Add a Virtual Disk to Panorama on AWS

Add a virtual logging disk to Panorama™ in Panorama or Log Collector mode on Amazon Web Services (AWS) and AWS GovCloud.
After you Install Panorama on AWS or Install Panorama on AWS GovCloud, add virtual logging disks to the Panorama™ virtual appliance instance to provide storage for logs generated by managed firewalls. You can add virtual disks to a local log Collector for a Panorama virtual appliance in Panorama mode or for a Dedicated Log Collector. To add virtual disks, you must have access to the Amazon Web Service Console, the Panorama command-line interface (CLI), and the Panorama web interface.
The Panorama virtual appliance on AWS supports only 2TB logging disks and, in total, supports up to 24TB of log storage. You cannot add a logging disk smaller than 2TB or a logging disk of a size that is not evenly divisible by 2TB because the Panorama virtual appliance partitions logging disks in to 2TB partitions. For example, if you attach a 4TB logging disk, Panorama will create two 2TB partitions. However, you cannot add a 5TB logging disk because the leftover 1TB is not supported as a partition.
  1. Log in to AWS Web Service console and select the EC2 Dashboard.
  2. Add a virtual logging disk to Panorama.
    1. On the EC2 Dashboard, select Volumes and Create Volume:
      • Select your preferred Volume Type. For general purpose use, select General Purpose SSD (GP2).
      • Configure the size of the volume.
      • Select the same Availability Zone that your Panorama virtual appliance instance is located in.
      • (Optional) Encrypt the volume.
      • (Optional) Add tags to your volume.
    2. Click Create Volume.
      create-volume-aws.png
    3. In the Volumes page, select the volume you, select ActionsAttach Volume.
    4. Attach the Panorama virtual appliance Instance.
  3. Configure each disk.
    The following example uses the sdc virtual disk.
    1. Log in to the Panorama CLI.
    2. Enter the following command to view the disks on the Panorama virtual appliance:
      show system disk details
      The user will see the following response:
      	Name
      : sdb 
      	State : Present 
      	Size : 2048 MB 
      	Status : Available 
      	Reason : Admin enabled 
      	Name : sdc 
      	State : Present 
      	Size : 2048 MB 
      	Status : Available 
      	Reason : Admin disabled
    3. Enter the following command and confirm the request when prompted for all disks with the Reason : Admin disabled response:
      request system disk add sdc
      The request system disk add command is not available on a Panorama management server in Management Only mode because logging is not supported in this mode. If you do not see the command, Set up a Panorama Virtual Appliance in Panorama Mode to enable the logging disks. Once in Panorama mode, Log in to the Panorama CLI and continue to Step 4 to verify the disk addition.
    4. Enter the show system disk details command to verify the status of the disk addition. Continue to the next step when all newly added disk responses display Reason : Admin enabled.
  4. Make disks available for logging.
    1. Log in to the Panorama web interface.
    2. Edit a Log Collector (PanoramaManaged Collectors).
    3. Select Disks and Add each newly added disk.
    4. Click OK.
    5. Select CommitCommit and Push and Commit and Push your changes.
  5. (New Panorama deployments in Panorama mode only) Configure Panorama to receive logs.
    If you are adding logging disks to an existing Panorama virtual appliance, skip to step 6.
    1. Configure a Collector Group.
    2. Configure Log Forwarding to Panorama.
  6. Verify that the Panorama Log Storage capacity is increased.
    1. Log in to the Panorama web interface.
    2. Select the Collector Group to which the Panorama virtual appliance belongs (PanoramaCollector Groups).
    3. Verify that the Log Storage capacity accurately displays the disk capacity.

Related Documentation