Panorama Reports Based on Device Serial Numbers not Working with Summary Database

Panorama Reports Based on Device Serial Numbers not Working with Summary Database

17378
Created On 09/26/18 13:53 PM - Last Modified 06/07/23 17:50 PM


Resolution


Issue

Custom Panorama reports based on device serial numbers generate empty reports when using the summary database.

 

Details

A custom report was configured (under Monitor > Manage Custom Reports) to display the top 10 traffic among two Palo Alto Networks firewalls (fw1 and fw2). The database used was the Panorama Traffic Log:

config_detailed[2].png

This report displayed the following results:

report_detailed.png

 

The database was then changed to use Panorama Traffic Summary, as generating reports using the Panorama Traffic Log database can take a longer time:

config_sum_bad[3].png

However, running the report using the Panorama Traffic Summary database, resulted in "No Matching Records":

summary_empty.png

 

Cause

The reason behind this behavior is that for the Panorama Traffic Summary database, the serial number of the individual firewalls are changed to the serial number of Panorama (log-collector).

 

Resolution

  1. Change the serial number in the query of the custom report, as shown below:
    config_sum_good[2].png
  2. Run the report and review the results:
    report_summary.png

 

owner: rvanderveken
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClyoCAC&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language