Next-Generation Firewall
Premium Health Alerts
The following table lists the premium alerts that Strata Cloud Manager can raise
about the health of your platform.
The AIOps for NGFW Premium license is required in order for Strata Cloud Manager to raise these alerts.
| Alert | Description |
|---|---|
| ACC Query Failure (Premium alert) | This alert detects if the Application Command Center (ACC) query has failed.<br>Class: Health<br>Category: Reporting<br>In-App Support Ticket: No |
| Adverse Encrypted Traffic Resource Usage (Premium alert) | Encrypted traffic resources are running low.<br>Class: Health<br>Category: Resource usage<br>In-App Support Ticket: No |
| Adverse Resource Usage (Premium alert) | The firewall has anomalous values for connections per second (CPS), throughput, or number of sessions.<br>Class: Health<br>Category: Resource usage<br>In-App Support Ticket: No |
| Approaching Max Capacity - ARP Table (Premium alert) | Data forecasting analysis shows that the ARP Table entries are on track to reach the firewall's maximum capacity soon.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Address Groups (Premium alert) | The number of address group objects has been consistently high and is approaching the maximum capacity the firewall can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Address Objects (Premium alert) | The number of address objects has been consistently high and is approaching the maximum capacity the firewall can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Dataplane CPU (Premium alert) | The data plane (DP) CPU usage has been consistently high over time and is approaching the maximum capacity that the device can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Decryption usage (Premium alert) | Data forecasting analysis shows that SSL decryption sessions are on track to reach the firewall's maximum capacity soon.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - FQDN Addresses (Premium alert) | The number of FQDN address objects has been consistently high and is approaching the maximum capacity the firewall can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - GlobalProtect Tunnels (Clientless) (Premium alert) | The number of clientless GlobalProtect VPN Tunnels is approaching the maximum capacity the firewall can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - IKE Peers (Premium alert) | The number of IKE peers has been consistently high and is approaching the maximum capacity the firewall can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Management Plane CPU (Premium alert) | The management plane (MP) CPU usage has been consistently high and is approaching the maximum capacity the device can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Management Plane Memory (Premium alert) | The management plane (MP) memory usage has been consistently high and is approaching the maximum capacity the device can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - NAT Policies (Premium alert) | The number of NAT policy rules has been consistently high over time and is approaching the maximum capacity that the firewall can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Security Policies (Premium alert) | The number of security policy rules has been consistently high and is approaching the maximum capacity the firewall can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Service Groups (Premium alert) | The number of service group objects has been consistently high and is approaching the maximum capacity the firewall can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Service Objects (Premium alert) | The number of service objects has been consistently high and is approaching the maximum capacity the firewall can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Session Table Utilization (Premium alert) | Usage of the Session Table (%) has been consistently high over time and is approaching the maximum capacity the firewall or VM license can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - Site-to-Site VPN Tunnels (Premium alert) | The number of Site-to-Site VPN Tunnels, comprising both IPsec Tunnels and Proxy IDs, has been consistently high and is approaching the maximum capacity the firewall can support.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Capacity - URLs or IPs within EDLs (Premium alert) | The number of URLs, IPs, or Domains within the configured EDL(s) used in policy on this firewall is approaching the maximum capacity that the firewall can support.<br>Class: Health<br>Category: Resource usage<br>In-App Support Ticket: No |
| Approaching Max Capacity - Virtual Systems (Premium alert) | Data forecasting analysis shows that the Virtual Systems configuration is on track to reach the maximum capacity supported by the firewall's license.<br>Class: Health<br>Category: Capacity<br>In-App Support Ticket: No |
| Approaching Max Configuration Limits (Premium alert) | Firewall objects such as rules, groups, and security profiles are nearing device limits.<br>Class: Health<br>Category: Config Limits<br>In-App Support Ticket: No |
| Certificate Expiration (Premium alert) | One or more certificate(s) on the firewall have been revoked or are expiring soon.<br>Class: Health<br>Category: Certificate<br>In-App Support Ticket: No |
| Commit Push Failed (Premium alert) | Configuration push has failed.<br>Class: Health<br>Category: Configuration<br>In-App Support Ticket: No |
| Config Memory Usage Approaching Max Limits (Premium alert) | The firewall's configuration is approaching its maximum memory usage limit. During commits, the firewall's total config memory must accommodate two copies: the current 'in-use' configuration and the new 'to-be-used' configuration. If the allocated memory per configuration exceeds 50%, the firewall reaches capacity, resulting in commit failure.<br>Class: Health<br>Category: Resource usage<br>In-App Support Ticket: No |
| DP Packet Drop (Premium alert) | This alert detects abnormal packet drops for different reasons.<br>Class: Health<br>Category: Performance<br>In-App Support Ticket: No |
| HA Links Status (Premium alert) | The health of a link that is connected to the firewall. The firewall is connected to various systems for various services. This alert provides the health of these connections.<br>Class: Health<br>Category: High-Availability<br>In-App Support Ticket: No |
| High Log Ingestion Rate (Premium alert) | A Log Collector is approaching its maximum supported ingestion rate.<br>Class: Health<br>Category: Logging<br>In-App Support Ticket: No |
| High Log Query Activity (Premium alert) | The Log Collector is nearing its capacity of query jobs or reports.<br>Class: Health<br>Category: Logging<br>In-App Support Ticket: No |
| Increased Traffic Latency - Packet Buffer (Premium alert) | Packet Buffer resources are running low on the device.<br>Class: Health<br>Category: Resource usage<br>In-App Support Ticket: Yes |
| Increased Traffic Latency - Packet Descriptor (Premium alert) | Packet Descriptor resources are running low on the device.<br>Class: Health<br>Category: Resource usage<br>In-App Support Ticket: Yes |
| Increased Traffic Latency - unknown TCP or UDP (Premium alert) | The firewall has received a high amount of traffic whose application is categorized as unknown-tcp or unknown-udp.<br>Class: Health<br>Category: Resource usage<br>In-App Support Ticket: No |
| Lost Connection to Log Forwarding Destination (Premium alert) | The device is unable to connect to its log forwarding destination.<br>Class: Health<br>Category: Logging<br>In-App Support Ticket: No |
| Minimum Log Retention Period Exceeded (Premium alert) | The Log Collector contains logs that are older than the defined minimum retention period.<br>Class: Health<br>Category: Logging<br>In-App Support Ticket: No |
| NAT Allocation Failure (Premium alert) | At least one NAT rule is unable to allocate enough resources for translation.<br>Class: Health<br>Category: NAT Pool resource<br>In-App Support Ticket: Yes |
| NAT Pool Usage (Premium alert) | One or more NAT rules have high resource usage.<br>Class: Health<br>Category: NAT Pool resource<br>In-App Support Ticket: No |
| NGFW SD-WAN Application Performance Alert (Premium alert) | Indicates the list of applications that are impacted by poor link performance.<br>Class: Health<br>Category: SD-WAN Performance<br>In-App Support Ticket: No |
| NGFW SD-WAN Link Performance Alert (Premium alert) | Indicates what is causing degraded performance for your apps and services or links.<br>Class: Health<br>Category: SD-WAN Performance<br>In-App Support Ticket: No |
| Non-default Logging level (Premium alert) | This alert is triggered when the logging level of a service is not set to its default configuration. This alert ensures that services consistently maintain their designated logging settings.<br>Class: Health<br>Category: Resource usage<br>In-App Support Ticket: No |
| PAN-OS integrated User-ID Agent Monitored Server Disconnected (Premium alert) | This alert is triggered when the server, monitored by the PAN-OS integrated User-ID Agent (Agentless User-ID), loses connection with the firewall. This monitored server is a critical component for mapping user identities to network activities.<br>Class: Health<br>Category:<br>In-App Support Ticket: No |
| Policy Config Memory Usage Approaching Max Limits (Premium alert) | This alert detects if the policy config memory usage exceeds a critical threshold.<br>Class: Health<br>Category: Resource usage<br>In-App Support Ticket: No |
| Traffic Latency - Packet Descriptors (on-chip) (Premium alert) | Packet Descriptor (on-chip) resources are running low on the device.<br>Class: Health<br>Category: Flood/DoS<br>In-App Support Ticket: No |
| Tunnel Down (Premium alert) | One or more Site-to-Site VPN Tunnel(s) are down.<br>Class: Health<br>Category: Site-to-Site VPN<br>In-App Support Ticket: Yes |
| Zone Protection profile - Flood Detection (Premium alert) | Connections established on the zone or the incoming packet rate are excessive or abnormal.<br>Class: Health<br>Category: Flood/DoS<br>In-App Support Ticket: Yes |
| Zone Protection profile - Threshold Recommendation (Premium alert) | A zone is missing a Zone Protection profile or the threshold values in a Zone Protection profile need adjustment.<br>Class: Health<br>Category: Flood/DoS<br>In-App Support Ticket: No |