Enhanced Performance for Panorama Query and Reporting
Table of Contents
10.0 (EoL)
Expand all | Collapse all
-
- Automatic Content Updates Through Offline Panorama
- Enhanced Authentication for Dedicated Log Collectors and WildFire Appliances
- Syslog Forwarding Using Ethernet Interfaces
- Increased Configuration Size for Panorama
- Access Domain Enhancements for Multi-Tenancy
- Enhanced Performance for Panorama Query and Reporting
- Log Query Debugging
- Configurable Key Limits in Scheduled Reports
- Multiple Plugin Support for Panorama
End-of-Life (EoL)
Enhanced Performance for Panorama Query and Reporting
Enhanced query performance to reduce the time needed
for Panorama to generated reports.
To improve the way the Panorama™ management
server queries log data to generate reports, PAN-OS 10.0 introduces
the ability to cache previously run queries to decrease the time
needed to show results and generate reports. By leveraging caching,
Panorama can store query results for use in future queries that
use the same parameters. For example, if you run a report for the
last hour and then run a report using identical parameters for the
last six hours, Panorama reuses the already generated and cached
query results to build the new report for the last six hours. This
enhancement is supported for custom, ACC, SaaS, and User Activity
reports and must use the identical query parameters for Panorama
to utilize the cached reports. After Panorama reaches the cached
report storage limit, Panorama automatically deletes the old cached
reports in order to cache a new report.
- Log in to the Panorama Web Interface.
- Generate a custom threat report for the last seven days.
- Review the generated custom threat custom report.
- Generate a custom threat report using
identical report parameters as in Step 2. To leverage enhanced performance for Panorama query and reporting, the report parameters must be identical but the time frame does not.
- Review the cached log storage quota to understand how much storage is available before Panorama begins overwriting the oldest cached queries to storage new queries.