On This Page
Configuring Panorama Logging for Provisioning New Rules
Overview
Tufin enables you to configure Palo Alto Panorama Advanced Mode logging to occur at the beginning of a session, end of a session, or both the beginning and end of a session.
By default, logging occurs at both the start and end of the session. If session processing is overloaded or backed-up, configure Panorama logging to occur at the end of the session.
The Panorama logging option in StConf affects only the logging for provisioning of new rules for all the Panorama Advanced Mode devices managed in SecureTrack.
Configure Panorama Logging Option
- Navigate to:
https://<SecureTrack_IP>/securetrack/admin/stcgitest.htm - Navigate to Edit StConf > Fetch StConf.
- In the StConf file, navigate to the
<provisioning>section and verify that the<panorama_ng_log_options>flag is present. - If the
<panorama_ng_log_options>flag is not present, manually insert it into the<provisioning>section. - In the
<provisioning>section of the StConf file, set the<panorama_ng_log_options>flag to configure logging to occur at the beginning of a session(log-start), at the end of a session (log-end), or at both the beginning and the end of a session (both).The logging default is
both - Click Submit New Conf.
Sample code
<provisioning>
<panorama_ng_log_option>log-end</panorama_ng_log_options>
<!--Available values: log-start, log-end, both-->
</provisioning>
Was this helpful?
Thank you!
We’d love your feedback
We really appreciate your feedback
Send this page to a colleague
