Panorama Threat Test
This test continuously monitors the threat logs in Palo Alto Panorama and reports the number of threats logged under each threat type. Using this test, administrators can stay aware of intrusion attempts, malware downloads, and suspicious traffic.
Target of the test: Palo Alto Panorama
Agent deploying the test: A Remote Agent
Outputs of the test: One set of results for each threat type in the Palo Alto Panorama that is being monitored.

Parameter | Description |
---|---|
Test period | How often the test should be executed. |
Host | The IP address of the target host to be monitored. |
Port | The port on which the specified host listens. |
API Key | The eG agent collects the required metrics from the target Palo Alto Panorama by executing commands through the XML API. To collect these metrics, the eG agent must be provided with a valid API key. |
SSL | By default, this flag is set to Yes, indicating that SSL (Secure Sockets Layer) is used to connect to the target Palo Alto Panorama. If SSL is not used, set this flag to No. |
Detailed Diagnosis | To make diagnosis more efficient and accurate, eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option. The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled: |


Measurement | Description | Measurement Unit | Interpretation |
---|---|---|---|
Recent threats | Indicates the number of threats detected under this threat type. | Number | The detailed diagnosis of this measure lists the name/ID of the threat, severity, filename, application name, source/destination address, and source/destination port. |
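
The following is an added example, not code from eG Enterprise or Palo Alto Networks: it tallies threat-log entries per threat type, as the Recent threats measure does, and keeps the columns that the detailed diagnosis lists. The XML reply is constructed, and its layout and element names (`subtype`, `threatid`, `severity`, `misc`, `app`, `src`, `dst`, `sport`, `dport`) are assumptions modeled on PAN-OS threat-log fields; how the eG agent actually queries Panorama is not described on this page.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample shaped like an XML API threat-log reply (assumed layout).
SAMPLE_RESPONSE = """<response status="success"><result><log><logs count="4">
<entry><subtype>vulnerability</subtype><threatid>Constructed Signature A(90001)</threatid>
 <severity>high</severity><misc>index.php</misc><app>web-browsing</app>
 <src>198.51.100.7</src><dst>10.0.0.5</dst><sport>51544</sport><dport>80</dport></entry>
<entry><subtype>vulnerability</subtype><threatid>Constructed Signature B(90002)</threatid>
 <severity>critical</severity><misc>login.cgi</misc><app>web-browsing</app>
 <src>198.51.100.9</src><dst>10.0.0.5</dst><sport>40112</sport><dport>443</dport></entry>
<entry><subtype>virus</subtype><threatid>Constructed Test File(90003)</threatid>
 <severity>medium</severity><misc>invoice.zip</misc><app>smtp</app>
 <src>203.0.113.20</src><dst>10.0.0.25</dst><sport>33100</sport><dport>25</dport></entry>
<entry><subtype>spyware</subtype><threatid>Constructed Beacon(90004)</threatid>
 <severity>high</severity><app>dns</app>
 <src>10.0.0.44</src><dst>203.0.113.53</dst><sport>53011</sport><dport>53</dport></entry>
</logs></log></result></response>"""

# Columns the detailed diagnosis lists: threat name/ID, severity, filename,
# application, source/destination address and port (element names assumed).
DD_FIELDS = ("threatid", "severity", "misc", "app", "src", "dst", "sport", "dport")

def parse_threats(xml_text):
    """Group threat-log entries by threat type (the <subtype> element)."""
    root = ET.fromstring(xml_text)
    if root.get("status") != "success":
        raise ValueError("XML API reported status=%r" % root.get("status"))
    by_type = defaultdict(list)
    for entry in root.iter("entry"):
        subtype = (entry.findtext("subtype") or "unknown").strip()
        # Missing elements become empty strings so every row has the same columns.
        by_type[subtype].append(
            {f: (entry.findtext(f) or "").strip() for f in DD_FIELDS})
    return dict(by_type)

def recent_threats(by_type):
    """One 'Recent threats' count per threat type, as the test reports it."""
    return {t: len(rows) for t, rows in sorted(by_type.items())}

if __name__ == "__main__":
    grouped = parse_threats(SAMPLE_RESPONSE)
    for threat_type, count in recent_threats(grouped).items():
        print(threat_type, count)
        for row in grouped[threat_type]:
            print("   ", row["threatid"], row["severity"], row["misc"] or "-",
                  row["app"], f'{row["src"]}:{row["sport"]} -> {row["dst"]}:{row["dport"]}')
```

A reply whose `status` is not `success` (for example, after an API key is rejected) raises an error instead of being reported as zero threats.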