Prisma Cloud: Why does the error 'Storage account access failed' show up within Flow log status column on Prisma Cloud UI?

Prisma Cloud: Why does the error 'Storage account access failed' show up within Flow log status column on Prisma Cloud UI?

1319
Created On 11/27/23 17:53 PM - Last Modified 07/03/24 19:35 PM


Question


  • Should one be concerned when the error "Storage account access failed" is noticed within the "Flow logs status" column on the Prisma Cloud UI? 

Environment


  • Prisma Cloud
    • Cloud Accounts
      • Storage and flow log permissions
  • Cloud
    • Azure

Answer


  • When setting up 'flow logs' within Prisma Cloud, if one notices the error "storage account access failed" in the Cloud Account -> Status Column then it means that
    • There could be a firewall on the 'Azure storage -> Network Configuration' section that is blocking Prisma Cloud's ability to reach the flow log container (or)
    • There is no flow log container present within the storage account. 
  • However, this does not mean that Prisma Cloud cannot reach the Storage account configured on Azure. (See Additional information [1])

Additional Information


  • To test if a Storage Account ingestion within Prisma Cloud: 
    • Successful: Run a RQL with the Storage account name and check if the results are shown. If yes, check the  JSON by clicking the 'View Config' and verify the data is current. 
    • Failed.      :  Run the same RQL and if you do not notice the said 'Storage Account/Accounts' within the list of results, then it is a different issue and needs a support ticket. 
  • Reference KB for Storage Account Access Failed
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000XhE5CAK&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail