Logs are being discarded for Palo Alto Networks

Vendor

Palo Alto Networks

Description

Indeni will alert if logs, or forwarded logs, are being discarded.

Remediation Steps

Determine why logs are being discarded - are there too many logs being generated, or is it a connectivity issue?

How does this work?

This script logs into the Palo Alto Networks firewall through SSH and retrieves the log receiver statistics. It focuses on the discards due to the queue being full or send errors.

Why is this important?

This script logs into the Palo Alto Networks firewall through SSH and retrieves the log receiver statistics. It focuses on the discards due to the queue being full or send errors.

Without Indeni how would you find this?

An administrator would need to write a script to poll their firewalls for the data. Alternatively one could retrieve the data once an issue occurs.


View Source Code