Article Type: Customer Advisory / Awareness
Product: Strata Logging Service, Strata Cloud Manager, Panorama with SLS, Device Security, Cortex XSIAM for NGFW log ingestion and Quantum Security
Impacted Customers: Only limited customers who use FQDN or IP-based allow lists for log forwarding to SLS/CLCS and telemetry services.
Palo Alto Networks is adding new Fully Qualified Domain Names (FQDNs) and IP addresses for the Strata Logging Service Log and Telemetry Ingestion services. These updates are part of ongoing platform improvements to ensure the reliability, scalability, and availability of our logging infrastructure.
IMPORTANT: The FQDNs listed in this advisory are in addition to your existing whitelisted endpoints. Do not remove your current FQDN whitelisted configurations. You must append these new endpoints to your existing allow lists to ensure continued service.
Customers who use firewall rules, proxy rules, allow lists, or third-party security controls that explicitly reference Strata Logging Service FQDNs must review their configurations and prepare for these changes to avoid service interruption.
The complete and most current list of required Strata Logging Service ports and FQDNs is maintained in the official Palo Alto Networks TechDocs. The new FQDNs have already been updated in the official documentation.
This change only impacts existing customers who explicitly restrict outbound connectivity using FQDN-based or IP-based allow lists for:
No action is required if you are not explicitly restricting Strata Logging Service traffic. Customers are generally not impacted if they:
New connectivity endpoints are being added for the following purposes:
|
Region |
Purpose |
FQDN / Domain |
Port |
|
Australia |
Firewall Log Ingestion |
receptor.au1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.au1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.au1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.au1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Canada |
Firewall Log Ingestion |
receptor.ca1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.ca1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.ca1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.ca1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
France |
Firewall Log Ingestion |
receptor.fr1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.fr1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.fr1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.fr1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Germany |
Firewall Log Ingestion |
receptor.de1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.de1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.de1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.de1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
India |
Firewall Log Ingestion |
receptor.in1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.in1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.in1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.in1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Indonesia |
Firewall Log Ingestion |
receptor.id1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.id1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.id1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.id1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Israel |
Firewall Log Ingestion |
receptor.il1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.il1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.il1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.il1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Italy |
Firewall Log Ingestion |
receptor.it1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.it1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.it1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.it1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Japan |
Firewall Log Ingestion |
receptor.jp1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.jp1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.jp1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.jp1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Korea |
Firewall Log Ingestion |
receptor.kr1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.kr1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.kr1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.kr1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Netherlands |
Firewall Log Ingestion |
receptor.eu1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.eu1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.eu1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.eu1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Poland |
Firewall Log Ingestion |
receptor.pl1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.pl1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.pl1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.pl1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Qatar |
Firewall Log Ingestion |
receptor.qa1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.qa1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.qa1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.qa1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Saudi Arabia |
Firewall Log Ingestion |
receptor.sa1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.sa1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.sa1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.sa1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Singapore |
Firewall Log Ingestion |
receptor.sg1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.sg1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.sg1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.sg1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
South Africa |
Firewall Log Ingestion |
receptor.za1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.za1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.za1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.za1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Spain |
Firewall Log Ingestion |
receptor.es1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.es1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.es1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.es1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Switzerland |
Firewall Log Ingestion |
receptor.ch1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.ch1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.ch1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.ch1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
Taiwan |
Firewall Log Ingestion |
receptor.tw1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.tw1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.tw1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.tw1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
United Kingdom |
Firewall Log Ingestion |
receptor.uk1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.uk1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.uk1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.uk1.prd.strata.logging.paloaltonetworks.com |
444 |
|
|
United States |
Firewall Log Ingestion |
receptor.us1.prd.strata.logging.paloaltonetworks.com |
3978 |
|
Enhanced App Log Ingestion |
ingest.us1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Telemetry & GlobalProtect |
api.us1.prd.strata.logging.paloaltonetworks.com |
443 |
|
|
Panorama Log Access |
access.us1.prd.strata.logging.paloaltonetworks.com |
444 |
If these FQDNs or ports are blocked, customers may experience:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
| Subject | Likes |
|---|---|
| 4 Likes | |
| 3 Likes | |
| 3 Likes | |
| 2 Likes | |
| 2 Likes |
| User | Likes Count |
|---|---|
| 6 | |
| 6 | |
| 4 | |
| 2 | |
| 2 |
