Enable Service Routes for Telemetry
Table of Contents
Enable Service Routes for Telemetry
Enable different service routes for telemetry to provide
connection with Cortex Data Lake.
You can configure specific configuration requirements
for device telemetry that collects data about your next-generation
firewall. For each virtual system, you can configure service routes
to use specific interfaces for outbound telemetry data and share
it by uploading to Cortex Data Lake.
- Select .
- Click theService Route Configurationlink underServices Features.
- SelectCustomize.
- ClickAddfor each destination you want to configure.
- Enter the FQDNs or IP addresses for eachDestination.Only explicitly enter IP addresses when testing. IP addresses are dynamic and may be subject to change. If the IP address resolves but the URL does not, review DNS related information about the firewall.Some common Palo Alto Network Service Destinations for Cortex Data Lake may include:
- api.paloaltonetworks.com
- apitrusted.paloaltonetworks.com
- lic.lc.prod.us.cs.paloaltonetworks.com (if US based)
- storage.googleapis.com
- br-prd1.us.cdl.paloaltonetworks.com (if US based)
Review the FQDNs required for Cortex Data Lake for your specific locale.You can find the licensing destination using the
command in the CLI.Show device-telemetry detailsChoose the customSource Interfaceyou want to route the telemetry traffic through.Choose the customSource Addressassociated with the interface.The image below shows a sample configuration based on common Cortex Data Lake FQDNs.
Committhe configuration.