Check which IP address (or User, AD Group) is utilizing more bandwidth


L1 Bithead

Hi Bro,

 

Is there a way to get a report on traffic usage via email with a list of top users and their usage?

I'm stuck on this problem. Hope someone can share with me.

 

Thanks in advance.

 

Regards.

David

1 accepted solution

Accepted Solutions

Community Team Member

Hi @URONMAPU ,

 

As far as I know Palo Alto Networks firewalls do not natively support email alerts triggered by bandwidth thresholds.

However, you can achieve similar functionality through different methods.

 

Using SNMP monitoring and external tools. You can configure the FW to send SNMP data to an external SIEM which in turn can alert you.

 

Similarly you can use netflow and have the Netflow collector server send you alerts (https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/monitoring/netflow-monitoring).

 

You could also set up Log Forwarding to send logs to an external system. Some of these logging servers have built-in tools to send out reports/alerts (e.g. Splunk, ELK Stack, ...). Alternatively, you could develop a custom script to parse logs and monitor bandwidth usage and configure the script to send email alerts when thresholds are breached.

 

Lastly I can think of automation tools such as Cortex XSOAR or similar third-party platforms like ServiceNow to monitor traffic logs and trigger email alerts.

 

Kind regards,

-Kim.

LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.
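
The custom-script option from the accepted answer, as an added example (not part of the thread and not Palo Alto Networks code). It assumes forwarded traffic logs arrive as CSV with a header row; the column names `src`, `srcuser` and `bytes`, the sample rows, and the example.com addresses are all constructed for illustration.

```python
import csv
import io
from collections import Counter
from email.message import EmailMessage

# Constructed sample: traffic-log rows as CSV with a header. Column names
# (src, srcuser, bytes) are assumed; map them to your forwarding format.
SAMPLE_LOG = """receive_time,src,srcuser,bytes
2025/01/13 10:00:05,10.1.1.20,corp\\alice,4200000000
2025/01/13 10:01:40,10.1.1.31,corp\\bob,900000000
2025/01/13 10:02:10,10.1.1.20,corp\\alice,1100000000
2025/01/13 10:03:55,10.1.1.44,,650000000
2025/01/13 10:04:30,10.1.1.31,corp\\bob,300000000
"""


def top_talkers(log_csv, top_n=10):
    """Sum bytes per user, falling back to source IP when no user is mapped."""
    usage = Counter()
    for row in csv.DictReader(io.StringIO(log_csv)):
        try:
            nbytes = int(row["bytes"])
        except (KeyError, TypeError, ValueError):
            continue  # skip malformed rows instead of aborting the run
        usage[row.get("srcuser") or row.get("src") or "unknown"] += nbytes
    return usage.most_common(top_n)


def utilisation(log_csv, window_seconds, link_bps):
    """Average link utilisation (0..1) implied by the logged bytes."""
    total = sum(b for _, b in top_talkers(log_csv, top_n=None))
    return total * 8 / window_seconds / link_bps


def build_alert(log_csv, window_seconds, link_bps, threshold=0.95,
                sender="fw-reports@example.com", rcpt="netops@example.com"):
    """Return an EmailMessage listing top talkers, or None below threshold."""
    used = utilisation(log_csv, window_seconds, link_bps)
    if used < threshold:
        return None
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, rcpt
    msg["Subject"] = f"Bandwidth at {used:.0%} of link capacity"
    lines = [f"{who:<20} {b / 1e6:>10.1f} MB" for who, b in top_talkers(log_csv)]
    msg.set_content("Top talkers in window:\n" + "\n".join(lines))
    return msg
```

The returned message can be handed to `smtplib.SMTP(...).send_message(msg)` from a scheduled job. Traffic log entries written at session end carry the session's total byte count, so a short window can misattribute long-running transfers to the moment they finished.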


5 REPLIES 5

Community Team Member

Hi @URONMAPU ,

 

You can schedule a report for email delivery.

https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/monitoring/view-and-manage-reports/sched...

 

I believe the information found in the traffic report > sources is giving you the information you are looking for (source IP, username, bytes, sessions, etc.)

 

kiwi_0-1736774449824.png

 

Kind regards,

-Kim.


Hi Kim @kiwi 

 

This is a way to schedule reports for daily delivery or delivered weekly on a specified day.
Our bandwidth is maxing out (for example 100MB) and I want to see who is using the most at that time.
I'm looking for a way to see a list of top usernames or IPs and their usage in this case.

 

Regards,

David

Community Team Member

Hi @URONMAPU ,

 

You can check the daily reports as shown in the screenshot under Monitor > Reports > Traffic Reports to see the high bandwidth users for the past days.

 

Alternatively you can check the ACC tab > Network Activity > User Activity.  Don't forget to select the desired timeframe or create a custom timeframe:

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/acc

 

Another way is to go to the Networks tab > QoS and click on the 'Statistics' link on your QoS profile (if you have one):

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/network/network-qos/qos-inte...

 

Kind regards,

-Kim.

 


Hi @kiwi 

 

Is there a quick way to get a report on traffic usage via email?
When our bandwidth is maxing out (or 95%), I will receive an email notification from the system including a list of IPs (or top users) and their usage. No need to access the web interface and do a manual check.
