Generate, Schedule, and Email Reports
Table of Contents
10.0 (EoL)
Expand all | Collapse all
-
- Determine Panorama Log Storage Requirements
-
- Setup Prerequisites for the Panorama Virtual Appliance
- Perform Initial Configuration of the Panorama Virtual Appliance
- Set Up The Panorama Virtual Appliance as a Log Collector
- Set Up the Panorama Virtual Appliance with Local Log Collector
- Set up a Panorama Virtual Appliance in Panorama Mode
- Set up a Panorama Virtual Appliance in Management Only Mode
-
- Preserve Existing Logs When Adding Storage on Panorama Virtual Appliance in Legacy Mode
- Add a Virtual Disk to Panorama on an ESXi Server
- Add a Virtual Disk to Panorama on vCloud Air
- Add a Virtual Disk to Panorama on Alibaba Cloud
- Add a Virtual Disk to Panorama on AWS
- Add a Virtual Disk to Panorama on Azure
- Add a Virtual Disk to Panorama on Google Cloud Platform
- Add a Virtual Disk to Panorama on Hyper-V
- Add a Virtual Disk to Panorama on KVM
- Add a Virtual Disk to Panorama on Oracle Cloud Infrastructure (OCI)
- Mount the Panorama ESXi Server to an NFS Datastore
-
- Increase CPUs and Memory for Panorama on an ESXi Server
- Increase CPUs and Memory for Panorama on vCloud Air
- Increase CPUs and Memory for Panorama on Alibaba Cloud
- Increase CPUs and Memory for Panorama on AWS
- Increase CPUs and Memory for Panorama on Azure
- Increase CPUs and Memory for Panorama on Google Cloud Platform
- Increase CPUs and Memory for Panorama on Hyper-V
- Increase CPUs and Memory for Panorama on KVM
- Increase CPUs and Memory for Panorama on Oracle Cloud Infrastructure (OCI)
- Complete the Panorama Virtual Appliance Setup
-
- Convert Your Evaluation Panorama to a Production Panorama with Local Log Collector
- Convert Your Evaluation Panorama to a Production Panorama without Local Log Collector
- Convert Your Evaluation Panorama to VM-Flex Licensing with Local Log Collector
- Convert Your Evaluation Panorama to VM-Flex Licensing without Local Log Collector
- Convert Your Production Panorama to an ELA Panorama
-
- Register Panorama
- Activate a Panorama Support License
- Activate/Retrieve a Firewall Management License when the Panorama Virtual Appliance is Internet-connected
- Activate/Retrieve a Firewall Management License when the Panorama Virtual Appliance is not Internet-connected
- Activate/Retrieve a Firewall Management License on the M-Series Appliance
- Install the Panorama Device Certificate
-
- Panorama, Log Collector, Firewall, and WildFire Version Compatibility
- Install Updates for Panorama in an HA Configuration
- Install Updates for Panorama with an Internet Connection
- Install Updates for Panorama When Not Internet-Connected
- Install Updates Automatically for Panorama without an Internet Connection
- Migrate Panorama Logs to the New Log Format
-
- Migrate from a Panorama Virtual Appliance to an M-Series Appliance
- Migrate a Panorama Virtual Appliance to a Different Hypervisor
- Migrate from an M-Series Appliance to a Panorama Virtual Appliance
- Migrate from an M-100 Appliance to an M-500 Appliance
- Migrate from an M-100 or M-500 Appliance to an M-200 or M-600 Appliance
-
- Configure an Admin Role Profile
- Configure an Access Domain
-
- Configure a Panorama Administrator Account
- Configure Local or External Authentication for Panorama Administrators
- Configure a Panorama Administrator with Certificate-Based Authentication for the Web Interface
- Configure an Administrator with SSH Key-Based Authentication for the CLI
- Configure RADIUS Authentication for Panorama Administrators
- Configure TACACS+ Authentication for Panorama Administrators
- Configure SAML Authentication for Panorama Administrators
-
- Add a Firewall as a Managed Device
-
- Add a Device Group
- Create a Device Group Hierarchy
- Create Objects for Use in Shared or Device Group Policy
- Revert to Inherited Object Values
- Manage Unused Shared Objects
- Manage Precedence of Inherited Objects
- Move or Clone a Policy Rule or Object to a Different Device Group
- Push a Policy Rule to a Subset of Firewalls
- Manage the Rule Hierarchy
- Manage the Master Key from Panorama
- Redistribute Data to Managed Firewalls
-
- Add Standalone WildFire Appliances to Manage with Panorama
- Remove a WildFire Appliance from Panorama Management
-
-
- Configure a Cluster and Add Nodes on Panorama
- Configure General Cluster Settings on Panorama
- Remove a Cluster from Panorama Management
- Configure Appliance-to-Appliance Encryption Using Predefined Certificates Centrally on Panorama
- Configure Appliance-to-Appliance Encryption Using Custom Certificates Centrally on Panorama
- View WildFire Cluster Status Using Panorama
- Upgrade a Cluster Centrally on Panorama with an Internet Connection
- Upgrade a Cluster Centrally on Panorama without an Internet Connection
-
-
- Manage Licenses on Firewalls Using Panorama
-
- Supported Updates
- Schedule a Content Update Using Panorama
- Upgrade Log Collectors When Panorama Is Internet-Connected
- Upgrade Log Collectors When Panorama Is Not Internet-Connected
- Upgrade Firewalls When Panorama Is Internet-Connected
- Upgrade Firewalls When Panorama Is Not Internet-Connected
- Upgrade a ZTP Firewall
- Revert Content Updates from Panorama
-
- Preview, Validate, or Commit Configuration Changes
- Enable Automated Commit Recovery
- Compare Changes in Panorama Configurations
- Manage Locks for Restricting Configuration Changes
- Add Custom Logos to Panorama
- Use the Panorama Task Manager
- Reboot or Shut Down Panorama
- Configure Panorama Password Profiles and Complexity
-
-
- Verify Panorama Port Usage
- Resolve Zero Log Storage for a Collector Group
- Replace a Failed Disk on an M-Series Appliance
- Replace the Virtual Disk on an ESXi Server
- Replace the Virtual Disk on vCloud Air
- Migrate Logs to a New M-Series Appliance in Log Collector Mode
- Migrate Logs to a New M-Series Appliance in Panorama Mode
- Migrate Logs to a New M-Series Appliance Model in Panorama Mode in High Availability
- Migrate Logs to the Same M-Series Appliance Model in Panorama Mode in High Availability
- Migrate Log Collectors after Failure/RMA of Non-HA Panorama
- Regenerate Metadata for M-Series Appliance RAID Pairs
- View Log Query Jobs
- Troubleshoot Commit Failures
- Troubleshoot Registration or Serial Number Errors
- Troubleshoot Reporting Errors
- Troubleshoot Device Management License Errors
- Troubleshoot Automatically Reverted Firewall Configurations
- Complete Content Update When Panorama HA Peer is Down
- View Task Success or Failure Status
- Downgrade from Panorama 10.0
End-of-Life (EoL)
Generate, Schedule, and Email Reports
You can configure reports to run immediately
or schedule them to run at specific intervals. You can save and
export the reports or email them to specific recipients. Emailing
is particularly useful if you want to share reports with administrators
who do not have access to Panorama. Panorama supports the same report types as the Palo Alto Networks
firewall.
Beginning with Panorama 10.0.2 and Cloud Services
plugin version 1.8.0, you can generate scheduled reports on Cortex
Data Lake data.
To do this, you must first enable
the feature from the Panorama CLI by entering
Then,
follow the steps below for generating scheduled reports.
In PAN-OS 10.0.3 and later, this feature
is enabled by default.
admin@Panorama> request plugins cloud_services logging-service sched-report-enable
A
regular commit will not enable this change. Instead, you must switch
to configuration mode:
admin@Panorama> configure
and
enter admin@Panorama# commit force
It is recommended that you install matching
software releases on Panorama and the firewalls for which you will
generate reports. For example, if the Panorama management server
runs Panorama 10.0, install PAN-OS 10.0 on its managed firewalls
before generating the reports. This practice avoids issues that might
occur if you create reports that include fields supported in the
Panorama release but not supported in an earlier PAN-OS release
on the firewalls.
- Configure Panorama predefined reports.
- Select PanoramaSetupManagement and edit Logging and Reporting.
- (Optional) Select Log Export and
Reporting and enable (check) Use Data for Pre-Defined
Reports to offload hourly report aggregation to Log
Collectors. Enabling this setting is recommended for VM-50, VM-50 Lite and PA-200 firewalls.
- Select Pre-Defined Reports and enable (check) predefined reports to push from Panorama.
- Select CommitCommit to Panorama and Commit your configuration changes.
- (VM-50, VM-50 Lite, and PA-200 firewalls only) Access the firewall CLI to
enable predefined reports..This command must be run on each VM-50, VM-50 Lite, and PA-200 firewall.admin> debug run-panorama-predefined-report yes
- Configure Panorama to receive and store user and user group information that it receives from firewalls.
Required to generate reports based on usernames and groups instead of just IP addresses.- If you want Panorama to include user group information in reports, upgrade the managed firewalls to PAN-OS 8.1 or a later release. Panorama cannot synchronize group information from firewalls running earlier releases.
- Select PanoramaSetupManagement, edit the Panorama Settings, and Enable reporting and filtering on groups.
- Add
a Device Group if you haven’t already. For each device group:
- Select a Master Device, which is the firewall that provides user and user group information to Panorama.
- Enable Panorama to Store users and groups from Master Device.
- Generate reports.
Scheduled and Run Now summary reports for the same database and timeframe have discrepancies in the data displayed in each report. This is due to how Log Collectors and firewalls aggregate logs during hourly aggregation.The steps to generate a report depend on the type.- Custom report:
- Select MonitorManage Custom Reports and Add the report.
- Enter a Name to identify the report.
- Select a Database for the report.To base the report on logs stored on the Panorama management server and Log Collectors, select Panorama Data (recommended for faster performance).To base the reports on logs stored on the managed firewalls, select Remote Device Data. This option is for cases where the firewalls might have logs that were not yet forwarded to Panorama. However, because Panorama must query the firewalls directly, this option is slower.
- Select Scheduled.
- Define your log filtering criteria by selecting the Time Frame, Sort By order, Group By preference, and the columns (log attributes) that the report will display.Selecting the Sort By order is required in order to generate an accurate report. If you do not select a Sort By order, the generated custom report is populated with the most recent log matches for the selected database.
- (Optional) Use the Query Builder to further refine the log filtering criteria based on log attributes.
- To test the report settings, select Run Now. If necessary, modify the settings to change the information that the report displays.
- Click OK to save the custom report.
- PDF Summary Report:
- Select MonitorPDF ReportsManage PDF Summary and add the report.
- Enter a Name to identify the report.
- Use the drop-down for each report group and select one or more of the elements to design the PDF Summary Report. You can include up to 18 elements.
- Click OK to save the settings.
- Configure a Report Group.
It can include predefined reports, PDF Summary reports, and custom reports. Panorama compiles all the included reports into a single PDF.- Select MonitorPDF ReportsReport Groups and Add a report group.
- Enter a Name to identify the report group.
- (Optional) Select Title Page and add a Title for the PDF output.
- Select reports in the Predefined Report, Custom Report, and PDF Summary Report lists.
- Add the selected reports to the report group.
- Click OK to save the settings.
- Configure an Email server profile.
The profile defines how the firewall connects to the server and sends email.- Select PanoramaServer ProfilesEmail and Add a server profile.
- Enter a Name to identify the profile.
- Add up to four SMTP servers
and Add the following information for each
one:
- Name—A name to identify the SMTP server (1 to 31 characters). This field is just a label and doesn’t have to be the hostname of an existing server.
- Email Display Name—The name to display in the From field of the email.
- From—The email address where notification emails will be sent from.
- To—The email address to which notification emails will be sent.
- Additional Recipient—To send notifications to a second account, enter the additional address here.
- Email Gateway—The IP address or hostname of the SMTP gateway to use to send the emails.
- Click OK to save the profile.
- Schedule the report for email delivery.
- Select MonitorPDF ReportsEmail Scheduler and Add an email scheduler profile.
- Enter a Name to identify the profile.
- Select the Report Group, the Email server profile you just created (Email Profile), and the Recurrence for the report (default is Disable).
- Send test email to verify that the email settings are accurate.
- Click OK to save your changes.
- Select CommitCommit to Panorama and Commit your changes.
- Configure Panorama to receive and store user and user group information that it receives from firewalls.