tab on Panorama provides
access to log data; these logs are an archived list of sessions that
have been processed by the managed firewalls and forwarded to Panorama.
Log data can be broadly grouped into two types: those that detail
information on traffic flows on your network such as applications,
threats, host information profiles, URL categories, content/file
types and those that record system events, configuration changes,
and User-ID™ mapping information.
Based on the log forwarding configuration on the managed firewalls,
can include logs for traffic flows, threats, URL filtering, data
filtering, host information profile (HIP) matches, and WildFire™
submissions. You can review the logs to verify a wealth of information
on a given session or transaction. Some examples of this information
are the user who initiated the session, the action (allow or deny)
that the firewall performed on the session, and the source and destination
ports, zones, and addresses. The System and Config logs can indicate
a configuration change or an alarm that the firewall triggered when
a configured threshold was exceeded.
If Panorama will manage firewalls running
software versions earlier than PAN-OS 7.0, specify a WildFire server
from which Panorama can gather analysis information for WildFire
samples that those firewalls submit. Panorama uses the information
to complete WildFire Submissions logs that are missing field values
introduced in PAN-OS 7.0. Firewalls running earlier releases won’t
populate those fields. To specify the server, select
edit the General Settings, and enter the
name. The default is
which is the WildFire cloud hosted in the United States.