Connect SaaS Security Inline to Cortex Data Lake to retrieve
You already connected SaaS Security Inline
with Cortex Data Lake (CDL) as part of your SaaS Security Inline activation.
However, if you need to update SaaS Security Inline with a new CDL
after activation, contact SaaS Security Technical Support.
your CDL (Cortex Data Lake) is configured to receive logs from your
Palo Alto Networks firewalls,
after activation, SaaS Security Inline discovers all SaaS applications
SaaS Security Inline discovers users by using
CDL (Cortex Data Lake) logs, specifically the
If the firewall forwards a log to CDL and this field is not populated
for a given user, SaaS Security Inline considers that user unknown.
The SaaS Security web interface excludes all application usage data
for unknown users.
created this connection in advance or at the time of SaaS Security
the connection status indicates
If the connection message indicates
contact SaaS Security Technical Support to manually add the Cortex
Data Lake serial number.
If the connection status indicates
contact SaaS Security Technical Support to update the Cortex Data
Lake serial number.