Panorama data detailed logs

Reply
Highlighted
L1 Bithead

Panorama data detailed logs

hi Team

Please tell how much time frame can detailed logs can retain e.g traffic on panorama before they start to purge to summary database?

or if panorama data detailed logs work differently please tell.?

L7 Applicator

Re: Panorama data detailed logs

Logging is all based on available space rollover and not any summarization schedule.  So how much you get is strictly a  matter of the volume of logs generated and the averrable size of storage.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
L1 Bithead

Re: Panorama data detailed logs

I am having issue of generating Traffic Log report of particular vsys of firewall  using panorama (detailed logs(slower) Panorama Data)

the report of a month period of time  or longer span of time, when  summary database panorama data is used, it generates reports and also with remote device Data.

where as (detailed logs(slower) Panorama Data) is not generating custom report for longer time span.

Is there any documentation regarding Detailed logs reporting for panorama.

Community Team Member

Re: Panorama data detailed logs

What I would be interested to know is if you are able to generate the same detailed traffic report for a time period of 1 month or shorter? as you say longer does not work.??

Stay Secure,
Joe
End of line
L1 Bithead

Re: Panorama data detailed logs

yes one month or shorter detailed logs can be generated.

Is it possible to generate and keep detailed logs over 1 month period time.?

Community Team Member

Re: Panorama data detailed logs

As Steven Puluka stated:

"Logging is all based on available space rollover and not any summarization schedule.  So how much you get is strictly a  matter of the volume of logs generated and the averrable size of storage."

So, to answer your question.. it might be possible to perform this if the logs still contain the data.

If you were able to run 1 month, and have it work, but longer than a month has issues, then would it be possible to run 2 reports, but each one handles 1 month?  Make a custom time, and see if that works for you, if possible.

There might also be issues with the source of the reporting for longer than a month.

If that is the case, then a support case needs to be opened for this.

Regards,

Joe Delio

Stay Secure,
Joe
End of line
L7 Applicator

Re: Panorama data detailed logs

So to increase the length of time you have detailed logging you have two options that will help.

Assign Panorama a maximum sized logging partition.

Reduce the number of logs you generate by only logging rules and parameters you will use.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!