Add a Virtual Disk to Panorama on AWS

Add a virtual logging disk to Panorama™ in Panorama or Log Collector mode on Amazon Web Services (AWS) and AWS GovCloud.
After you Install Panorama on AWS or Install Panorama on AWS GovCloud, add virtual logging disks to the Panorama™ virtual appliance instance to provide storage for logs generated by managed firewalls. You can add virtual disks to a local log Collector for a Panorama virtual appliance in Panorama mode or for a Dedicated Log Collector. To add virtual disks, you must have access to the Amazon Web Service Console, the Panorama command-line interface (CLI), and the Panorama web interface.
The Panorama virtual appliance on AWS supports only 2TB logging disks and, in total, supports up to 24TB of log storage. You cannot add a logging disk smaller than 2TB or a logging disk of a size that is not evenly divisible by 2TB because the Panorama virtual appliance partitions logging disks in to 2TB partitions. For example, if you attach a 4TB logging disk, Panorama will create two 2TB partitions. However, you cannot add a 5TB logging disk because the leftover 1TB is not supported as a partition.
  1. Log in to AWS Web Service console and select the EC2 Dashboard.
  2. Add a virtual logging disk to Panorama.
    1. On the EC2 Dashboard, select
      Volumes
      and
      Create Volume
      :
      • Select your preferred Volume Type. For general purpose use, select
        General Purpose SSD (GP2)
        .
      • Configure the size of the volume.
      • Select the same Availability Zone that your Panorama virtual appliance instance is located in.
      • (
        Optional
        ) Encrypt the volume.
      • (
        Optional
        ) Add tags to your volume.
    2. Click
      Create Volume
      .
      create-volume-aws.png
    3. In the Volumes page, select the volume you, select
      Actions
      Attach Volume
      .
    4. Attach the Panorama virtual appliance Instance.
  3. Configure each disk.
    The following example uses the sdc virtual disk.
    1. Enter the following command to view the disks on the Panorama virtual appliance:
      show system disk details
      The user will see the following response:
      Name : sdb State : Present Size : 2048 MB Status : Available Reason : Admin enabled Name : sdc State : Present Size : 2048 MB Status : Available Reason : Admin disabled
    2. Enter the following command and confirm the request when prompted for all disks with the
      Reason : Admin disabled
      response:
      request system disk add sdc
      The
      request system disk add
      command is not available on a Panorama management server in Management Only mode because logging is not supported in this mode. If you do not see the command, Set up a Panorama Virtual Appliance in Panorama Mode to enable the logging disks. Once in Panorama mode, Log in to the Panorama CLI and continue to Step 4 to verify the disk addition.
    3. Enter the
      show system disk details
      command to verify the status of the disk addition. Continue to the next step when all newly added disk responses display
      Reason : Admin enabled
      .
  4. Make disks available for logging.
    1. Log in to the Panorama web interface.
    2. Edit a Log Collector (
      Panorama
      Managed Collectors
      ).
    3. Select
      Disks
      and
      Add
      each newly added disk.
    4. Click
      OK
      .
    5. Select
      Commit
      Commit and Push
      and
      Commit and Push
      your changes.
  5. (
    New Panorama deployments in Panorama mode only
    ) Configure Panorama to receive logs.
    If you are adding logging disks to an existing Panorama virtual appliance, skip to step 6.
  6. Verify that the Panorama Log Storage capacity is increased.
    1. Log in to the Panorama web interface.
    2. Select the Collector Group to which the Panorama virtual appliance belongs (
      Panorama
      Collector Groups
      ).
    3. Verify that the
      Log Storage
      capacity accurately displays the disk capacity.

Related Documentation