My idea was first to setup panorama to monitor the logs for critical and then send snmp trap.
But from what i can see from the PA mibs, there are no way for panorama to send info in the trap about the device? So all i see in the trap is the panorama ip. Is there any way around this? Or is maybe best practise to trap from the individual device?
So full disclosure, I hate snmp traps with a passion and find them very old school when other alerting methods exist.
Generally speaking I would only have the Panorama appliance send traps for Panorama, I wouldn't have it send alerts about attached devices. That being siad, their is a ton of additional information present in the email alerts if you set this up for emails instead of SNMP traps. I would also probably recommend setting up alerts on the individual firewalls as well, instead of simply monitoring Panorama for all devices. I tend to find it a little cleaner and it doesn't add much overhead at all.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!