Direct Query of PA-7000 Series Firewalls from Panorama
Learn how to directly query managed PA-7000 Series firewalls
from Panorama without enabling log forwarding.
Because of the new support for PA-7000 Series Firewall Log Forwarding to Panorama, Panorama
no longer treats the PA-7000 Series firewalls it manages as Log
Collectors. If you have not configured the PA-7000 Series firewalls to
forward logs to Panorama, all logs a managed PA-7000 Series firewall
generates are only viewable from the local firewall and not from
Panorama. Beginning with PAN-OS 8.0.8, if you do not yet have a
log forwarding infrastructure that is capable of handling the logging
rate and volume from the PA-7000 Series firewalls, you can now enable
Panorama to directly query PA-7000 Series firewalls when monitoring logs.
use this new capability, both the PA-7000 Series firewalls and Panorama
must be running PAN-OS 8.0.8 or a later release.
this new functionality available in PAN-OS 8.0.8 and later releases, Panorama
now provides two options for monitoring logs and running reports
for managed PA-7000 Series firewalls:
) Enable Panorama to directly query
managed PA-7000 Series firewalls when monitoring logs.
To enable Panorama to directly query the PA-7000 Series
firewalls without requiring the firewalls to forward logs, you must
enter the following command from the Panorama CLI:
reportd send-request-to-7k yes
running the command, you will be able to view logs for managed PA-7000 Series
firewalls on the Panorama
as with all managed devices, you can also generate reports that
include PA-7000 Series log data by selecting
Before enabling your PA-7000 Series firewalls to forward
logs to Panorama, make sure you have a logging infrastructure that
will handle the logging rate and volume. Refer to the table in Panorama Models to determine if you have
the right logging capacity. Additionally, if you have enabled Panorama
to directly query PA-7000 Series firewalls, you must disable this
before you enable log forwarding by entering the following command
from the Panorama CLI:
debug reportd send-request-to-7k
After you have enabled your PA-7000
Series firewalls to forward logs to Panorama, the PA-7000 Series
log data will be aggregated within all Panorama views: Application
Command Center (ACC), the App-Scope, the log viewer (
and the standard, customizable reporting options on Panorama.