Panorama aggregates logs from all managed firewalls
and provides visibility across all the traffic on the network. It
also provides an audit trail for all policy modifications and configuration
changes made to the managed firewalls. In addition to aggregating
logs, Panorama can forward them as SNMP traps, email notifications,
syslog messages, and HTTP payloads to an external server.
For centralized logging and reporting, you also have the option
to use the cloud-based Logging Service that is architected to
work seamlessly with Panorama. The Logging Service allows your managed
firewalls to forward logs to the Logging Service infrastructure
instead of to Panorama or to the managed Log Collectors, so you
can augment your existing distributed log collection setup or to
scale your current logging infrastructure without having to invest time
and effort yourself.
The Application Command Center (ACC) on Panorama provides a single
pane for unified reporting across all the firewalls. It enables
you to centrally Monitor
Network Activity, to analyze, investigate, and report on
traffic and security incidents. On Panorama, you can view logs and
generate reports from logs forwarded to the Logging Service, Panorama
or to the managed Log Collectors, if configured, or you can query
the managed firewalls directly. For example, you can generate reports
about traffic, threat, and/or user activity in the managed network
based on logs stored on Panorama (and the managed collectors) or
by accessing the logs stored locally on the managed firewalls, or
on the Logging Service.
If you don’t Configure
Log Forwarding to Panorama or the Logging Service, you can
schedule reports to run on each managed firewall and forward the results
to Panorama for a combined view of user activity and network traffic. Although
reports don’t provide a granular drill-down on specific information and
activities, they still provide a unified monitoring approach.