Enable Service Routes for Telemetry
Focus
Focus

Enable Service Routes for Telemetry

Table of Contents

Enable Service Routes for Telemetry

Enable different service routes for telemetry to provide connection with Strata Logging Service.
You can configure specific configuration requirements for device telemetry that collects data about your next-generation firewall. For each virtual system, you can configure service routes to use specific interfaces for outbound telemetry data and share it by uploading to Strata Logging Service.
  1. Select DeviceSetupServices.
  2. Click the Service Route Configuration link under Services Features.
  3. Select Customize.
  4. Click Add for each destination you want to configure.
  5. Enter the FQDNs or IP addresses for each Destination.
    Only explicitly enter IP addresses when testing. IP addresses are dynamic and may be subject to change. If the IP address resolves but the URL does not, review DNS related information about the firewall.
    Some common Palo Alto Network Service Destinations for Strata Logging Service may include:
    • api.paloaltonetworks.com
    • apitrusted.paloaltonetworks.com
    • lic.lc.prod.us.cs.paloaltonetworks.com (if US based)
    • storage.googleapis.com
    • br-prd1.us.cdl.paloaltonetworks.com (if US based)
    You can find the licensing destination using the
    Show device-telemetry details
    command in the CLI.
  6. Choose the custom Source Interface you want to route the telemetry traffic through.
  7. Choose the custom Source Address associated with the interface.
    The image below shows a sample configuration based on common Strata Logging Service FQDNs.
  8. Commit the configuration.