You can overcome the challenge of reproducing intermittent endpoint issues by using event-triggered diagnostics for Prisma® Access Agent to automatically collect troubleshooting logs the exact moment a failure occurs. While you currently rely on periodic diagnostics collected daily or on-demand triggers initiated manually, this feature eliminates delays by capturing data instantly. Event-triggered diagnostics only occur when you configure Prisma Access Agent to collect endpoint insights. Once enabled, a watchdog service continuously monitors the endpoint and captures a diagnostic snapshot during predefined system events, such as agent disablement, slow tunnel connections, and IPSec to SSL tunnel fallback. When an event triggers, the system automatically captures the endpoint state and the preceding ten minutes of activity logs to preserve the precise temporal context of the failure. You use this contextual data to investigate and resolve complex connectivity problems.