
PANOStoCortexDataLakeMonitoring

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Verifies that all firewalls have successfully pushed logs to the Cortex Data Lake (CDL) during the last 12 hours. It is an easy way to monitor the firewall connection to CDL. The list of equipment to monitor can come from either a manual list of firewall serial numbers or a Panorama integration.

Script Data

| Name | Description |
| --- | --- |
| Script Type | python3 |
| Tags | CDL, PAN-OS, XDR |
| Cortex XSOAR Version | 6.0.0 |

Dependencies


This script uses the following commands and scripts.

  • cdl-query-traffic-logs
  • panorama

Inputs

| Argument Name | Description |
| --- | --- |
| fw_serials | Comma separated list of FW serial numbers to monitor. |
| pan_os_instance_name | PAN-OS integration instance name to retrieve Firewalls serials list. |

Outputs

| Path | Description | Type |
| --- | --- | --- |
| CDL.monitoring | Monitoring results sorted per Firewall serial. | unknown |
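
The 12-hour check described above, sketched as an added example that is not the script's own code: it takes a comma separated serial list like `fw_serials` and reports, per serial, whether any log arrived inside the window. The record keys `serial` and `time`, the sample serial numbers and the result layout are assumptions constructed for illustration; the real script gets its logs through `cdl-query-traffic-logs`.

```python
from datetime import datetime, timedelta, timezone

WINDOW = timedelta(hours=12)  # look-back period stated on this page


def check_cdl_logging(fw_serials, log_records, now):
    """Return {serial: {"last_log": datetime or None, "logging": bool}}, sorted by serial.

    fw_serials  -- comma separated string, as in the fw_serials argument
    log_records -- dicts with hypothetical keys "serial" and "time" (ISO 8601)
    """
    serials = sorted({s.strip() for s in fw_serials.split(",") if s.strip()})
    last_seen = {}
    for rec in log_records:
        serial = rec.get("serial")
        try:
            ts = datetime.fromisoformat(rec["time"])
        except (KeyError, TypeError, ValueError):
            continue  # skip records without a usable timestamp
        if ts.tzinfo is None:
            ts = ts.replace(tzinfo=timezone.utc)  # assumption: naive times are UTC
        if serial in serials and (serial not in last_seen or ts > last_seen[serial]):
            last_seen[serial] = ts
    cutoff = now - WINDOW
    return {
        s: {"last_log": last_seen.get(s),
            "logging": s in last_seen and last_seen[s] >= cutoff}
        for s in serials
    }


def silent_firewalls(result):
    """Serials that pushed no log inside the window (the ones to alert on)."""
    return [s for s, r in result.items() if not r["logging"]]


# Constructed sample data: not real serial numbers or real CDL records.
NOW = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)
SAMPLE_LOGS = [
    {"serial": "000000000001", "time": "2024-05-01T11:30:00+00:00"},
    {"serial": "000000000001", "time": "2024-05-01T02:00:00+00:00"},
    {"serial": "000000000002", "time": "2024-04-30T20:00:00+00:00"},  # 16 hours old
    {"serial": "000000000009", "time": "2024-05-01T11:59:00+00:00"},  # not monitored
    {"serial": "000000000002", "time": "not-a-timestamp"},            # malformed
]
RESULT = check_cdl_logging("000000000001, 000000000002,000000000003", SAMPLE_LOGS, NOW)

if __name__ == "__main__":
    for serial, status in RESULT.items():
        print(serial, status["logging"], status["last_log"])
```

A firewall that has never logged (`last_log` is `None`) and one whose newest log is older than the window are both reported as silent, so a stale connection is not masked by old data.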