What Important information should customer be aware of before executing debug command on Palo Alto Devices?
25761
Created On 04/30/20 00:51 AM - Last Modified 04/30/20 01:57 AM
Question
What Important information should customer be aware of before executing debug command on Palo Alto Devices?
Environment
- Any PAN-OS
- Any Palo Alto Firewall
- Any Panorama
Answer
Debug commands are often used by TAC to diagnose and resolve any PANOS related issues. Running debug commands involves some level of risk to the environment due to the high utilization of resources required to run these commands. It is highly recommended to run these commands during a maintenance window where the potential impact can be minimized. If not, TAC will take every precaution to minimize any adverse effect to customer environment. These precautions include:
- The cessation (ending) of debug commands when the appropriate information is obtained.
- Review of debug plan by a senior resource prior to the execution of said commands.
- The appropriate restrictions placed on the debug command, as required by the type of information being obtained.
- Verification with the customer that a maintenance window, or other mitigation steps, have been considered.