How to notify/alert a User when the firewall disconnects or re-connects to the Logging service

How to alert user(s) when their firewalls are forwarding logs to the cloud logging service losing connection to the service?

• Customers would want a way to receive an alert or a notification when their firewalls lose connection to the Cloud Logging Service, So they can engage adequate resources as soon as possible to resolve the issue and bring the service back up.
• It is not practical to monitor and keep track of the multiple firewalls if they are forwarding logs to the logging service based on their visibility or lack of it on Panorama > Monitor > Logs and then verify the forwarding status using show logging-status command on the firewalls.

• Prisma Access Panorama or Firewall
• Email Alerts based on System Logs

1. One can configure email alerts based on the Monitor > Logs > System Logs on the firewall(s) or on Panorama that displays these logs.

Monitor > Logs > System 

 Disconnected :

Connected/Re-Connected :

2. Firewalls located in the 'Americas' Region connect to Logging Service IP addresses- 65.154.226.11, 65.154.226.12, 65.154.226.13 or 65.154.226.14 on port 3978
3. Firewalls located in the 'Europe' Region may connect to a different set of IP addresses on port 3978 which can be verified in the output of show logging-status command on the firewalls.
4. For configuring Email Alerts/Notifications using System logs, Refer to How to Configure Email Alerts for System Logs