Manage NGFW Alerts

Table of Contents

Filter

Expand All | Collapse All

Next-Generation Firewall Docs

Getting Started
Administration
Version
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
Networking
Version
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
Incidents & Alerts
Release Notes
Version
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1 (EoL)

Alerts

View Alert Details

Manage NGFW Alerts

Learn how to manage the AIOps for NGFW alerts.

Where Can I Use This?	What Do I Need?
NGFW, including those funded by Software NGFW Credits	One of these: AIOps for NGFW Free or Strata Cloud Manager Essentials AIOps for NGFW Premium or Strata Cloud Manager Pro

Get a birds-eye view of the NGFW alerts by selecting Incidents & AlertsNGFWAll Alerts. Explore the alerts page to help you maintain the ongoing health of your devices and deployments and to avoid disruption to your business. You have direct access to a detailed list of alerts alongside critical visual summaries. You can also Hide Summary to hide the widgets and only view the alerts in a tabular format.

Here’s the data shown under All Alerts.

Alerts: Displays all the alerts.

In this table, you can perform the following tasks:
- Hide Summary to hide the widgets and only view the alerts in a tabular format.
- Expand an alert to view its description and impact.
- Under Actions, you can perform the following actions:
  - Assign an alert to a user, yourself, or unassign an alert.
  - Change Priority of an alert or select Not Set to remove the priority.
  - Acknowledge an alert by selecting Yes, which confirms you have seen the alert.
  - Suppress sets an alert to an operational status of "On Hold" when you don't plan on resolving it actively.
  - Add Comment for an alert.
- Click an alert to view its details.
- Use Column Settings to view or hide specific columns for alerts and rearrange the default order of the columns. These changes will persist in the future sessions.
ASSIGNED TO: Displays the number of alerts by the person or entity who has the task of resolving them. At the top, it shows the alerts assigned to the current logged in user and the unassigned alerts. You can also view the numbers of alerts BY CATEGORY by selecting it in the drop-down list.
BY SEVERITY & COUNT (TOP 10): Displays the alerts categorized by severity, along with the count of alerts in each category. Critical alerts are prioritized first, followed by warning alerts, and then informational alerts.
BY STATUS: Displays the total number of alerts by status.
- New indicates the incidents that have been unassigned.
- Assigned indicates the incidents that have been assigned to a user.
- In Progress indicates that the incident is being worked upon.
- On Hold indicates that you don't plan on resolving an alert or incident actively.
- Closed indicates the closed alerts during the last 30 days.
- Inconclusive indicates that there is no solution for these alerts.
BY SEVERITY: Displays the total number of alerts categorized as Critical, Warning, and Informational.
BY PRIORITY: Displays the alerts according to their priority with P1 being the most severe.