Activate the Traps Management Service
After you purchase Traps licenses, you will receive an email with an Auth code that you can use to activate your Traps management service tenant. The Directory Sync Service and Cortex Data Lake are also available to you.
While Directory Sync Service does not require you to register the service separately, you must perform additional configuration to begin using the service.
By default, Traps management service includes 100GB of log storage when you activate Traps management service. With the Traps Included Storage option, you do not need to activate the Cortex Data Lake separately. However, if you plan to use the same Cortex Data Lake instance for both firewall logs and Traps management service logs, you must first activate the Cortex Data Lake from the
Customer Support Portalinstead of activating the Cortex Data Lake from the Hub and then associate it with Traps management service during activation. This sequence allows you to associate the Auth code with Panorama and later associate the same Cortex Data Lake instance with Traps management service.
Use the following workflow to activate and set up a Traps management service tenant:
- Before you begin:
- Sign Into the Cloud Services Portal (https://apps.paloaltonetworks.com/).Anyone with a Palo Alto Networks Customer Services account that is assigned the appropriate roles can log in to the portal but you can't access an app or service from the portal until you activate it.
- (Optional) Set Up Directory Sync Service.The Directory Sync Service reads Active Directory (AD) information on your network and sends it to the Palo Alto Networks cloud. This enables you to configure rules in your Traps management service tenant that apply to AD objects such as users and groups. Before you can begin assigning policy to AD objects, you must set up the service.
- Set up Cortex Data Lake if you intend to use the same Cortex Data Lake instance to store logs from Palo Alto Networks firewalls. If you plan to use only the Traps Included Storage, skip to the next step to activate Traps management service. If you are unsure how much log storage you need, use the Cortex Data Lake Calculator.You must activate the Cortex Data Lake from theCustomer Support Portaland retrieve the license on Panorama (see License and Install the Cloud Service Plugin) if you want to store Traps logs and firewall logs to the same Logging Service instance.
- Activate Traps management service.Before you can log in to Traps management service, you must activate the app.
- Log in to the Hub andActivate New App.
- Enter theAuth Codeyou received to activate Traps management service andContinue.The Hub prompts you for information to activate your Traps management service tenant.
- Enter anInstance Nameto identify your tenant in the Hub and provide an optionalDescription.
- Select theRegionin which you want to host Traps management service tenant:US East (N. Virginia)orEU (Frankfurt).The region you choose determines the location of the Logging Service and optionally the Directory Sync Service as well as the privacy regulations applied to your Traps management service tenant.The Traps agents can communicate with a Traps management service deployed in any region.
- Enter theSubdomainthat you want to use for your tenant of Traps management service.For example, if you entermycompanyas the subdomain, Palo Alto Networks will create your tenant of the Traps management service asmycompany.traps.paloaltonetworks.com.
- Choose a Cortex Data Lake instance to store logs.The Hub displays the list of Logging Service instances available in yourRegion. If you did not already purchase and activate Cortex Data Lake, the Traps management service includes 100GB of logging storage.
- If you Set Up Directory Sync Service, select your Directory Sync Service instance.
- Review the terms of the End User License Agreement (EULA) andAgree and Activate.
- Before you can begin storing logs, you must set quota allocation preferences for Traps management service.
- Verify the status of your Traps management service tenant.
- From the Hub, click the gear icon next to your name.
- In the Traps area, review theSTATUSfor Traps management service tenant you just activated.When Traps management service tenant is available, the status changes to the green check mark.
- Access your Traps management service tenant for the first time.There are two ways to access your Traps management service tenant: Return to the Hub (https://apps.paloaltonetworks.com/) and select your tenant from Traps management service tile; or go directly to the web address for your tenant (https://).<subdomain>.traps.paloaltonetworks.com