Panorama in HA pair intermittently failed to query the logs from CDL

• Panoramas in HA pair failed to populate the logs in the monitor tab intermittently. 
• During this time the logging-services.log display "logging-services.log" display "'No matching results found! Empty hits array in Response"
• Similarly during this time, one of the panorama serial numbers display displayed as "NULL"

admin@labpanorama(active)> less mp-log logging-services.log

Cloud Job ID : b0bc7f7e-8f4f-4354-b8a3-68d728ec4a06
Remote Job Status : Finished
Last Response Timestamp: 2022/12/05 05:23:16
Last Response String : {"jobId":"b0bc7f7e-8f4f-4354-b8a3-68d728ec4a06","status":"JOB_FINISHED","sequenceNo":0,"result":
......(Output Omitted)...... 
AND (`sub_type`
.`id` = 15))) AND (((`event_name`.`id` = 251660281) OR (`event_name`.`id` = 251659282))))))))) AND ( `panorama_serial` in ('000711234567') OR (`panorama_serial` IS NULL )) order by
`event_time` asc limit 5000","esResult":"{\"hits\":{\"hits\":[]}}"}

Job Statistics:
..(Output Omitted)...
Failures:
Error Category : Information
Error String : No matching results found! Empty hits array in Response

• Panorama
• PAN-OS 10.1, 10.2
• Cortex Data Lake
• Panorama Managed Prisma Access

• The Panoramas are not configured with HA pair's serial number

1. Configure the Panoramas in HA pair with the "Peer HA Serial" number
2. This is done under GUI: Panorama > High Availability > Setup .
3. Commit the configuration.

• CDL started to support multiple Panorama with a single tenant.
• Panoramas started to use S/N values in the queries with this feature.
• If S/N values are not configured correctly, log queries will not return the logs as expected.
• Strata Logging Service - New features.