Administrator-Initiated Collection of Diagnostics in Prisma Access Agent
Focus
Focus
What's New in the NetSec Platform

Administrator-Initiated Collection of Diagnostics in Prisma Access Agent

Table of Contents

Administrator-Initiated Collection of Diagnostics in Prisma Access Agent

Enhanced endpoint troubleshooting with remote diagnostic triggers and automated data collection to accelerate issue resolution.
When network connectivity issues occur at remote endpoints, traditional troubleshooting requires time-consuming manual coordination between IT administrators and end users to collect diagnostic data, often resulting in delayed resolution and lost context by the time logs are gathered. Prisma Access Agent eliminates these bottlenecks by enabling you to remotely trigger comprehensive diagnostic collection from any managed endpoint instantly, automatically capturing logs and telemetry data to preserve the exact conditions when issues occur.
This enhanced version introduces on-demand diagnostic triggers that you can initiate directly from the Inventory page. You can initiate the immediate collection of endpoint logs, agent status information, network connectivity data, and system diagnostics without requiring any action from the end user. When you trigger a diagnostic session, the system automatically captures a complete snapshot of the endpoint's current state including tunnel status, gateway information, session duration, MTU settings, and operating system details. At the same time, Prisma Access Agent collects delta logs from the previous 10 minutes to preserve critical troubleshooting context.
Enhanced data collection provides deeper visibility into endpoint state than previous versions. It captures detailed machine information such as operating system type and version and comprehensive tunnel details including connection methods and optimization settings.
Diagnostic data retention is now fully configurable through the management interface, enabling you to set retention periods that align with your organization's compliance requirements and storage policies. The system defaults to a 45-day retention period for collected diagnostic data, with the flexibility to extend retention up to two years based on your troubleshooting and audit needs, ensuring that historical diagnostic information remains available for trend analysis and recurring issue investigation.
The improved administrative interface enables you to monitor diagnostic collection jobs in real-time, track the status of multiple concurrent diagnostic sessions, and access the collected data through a streamlined workflow that presents device details, agent status, and troubleshooting logs in an organized format. You can download complete diagnostic packages for offline analysis or sharing with support teams, ensuring that all relevant information is available for escalation when complex issues require specialized expertise.