Log Collection Deployments
Deploy Panorama with Dedicated Log Collectors (Continued)
Step 7
(Optional) Configure the Eth1 and/or
Eth2 interfaces if the Log Collectors will
use them for log collection and Collector
Group communication.
These interfaces are available only if you
configured them for the Panorama
management server during initial
configuration.
Palo Alto Networks recommends
using Eth1 and/or Eth2 to reduce
the traffic load on the MGT
interface and to improve security
for management traffic.
Step 8
Add a Firewall as a Managed Device.
136 • Panorama 6.1 Administrator's Guide
Use the web interface of the primary Panorama management
server peer to perform these steps for each Log Collector:
1.
Select Panorama > Managed Collectors and edit the Log
Collector.
2.
Configure the network settings of the Eth1 and/or Eth2
interfaces. For each interface, select the corresponding tab
and configure one or both of the following field sets based on
the IP protocols of your network.
• IPv4—IP Address, Netmask, and Default Gateway
• IPv6—IPv6 Address/Prefix Length and Default IPv6
Gateway
3.
Click OK and Commit, set the Commit Type to Panorama, and
click OK. This step is required before you can assign the Eth1
and Eth2 interfaces to logging functions.
4.
Select Panorama > Managed Collectors and edit the Log
Collector.
5.
Select the interfaces (MGT, Eth1, or Eth2) that the Log
Collector will use for Device Log Collection and Collector
Group Communication (default is MGT).
6.
Click OK to save your changes.
Use the web interface of the primary Panorama management
server peer to perform this task for each firewall that will forward
logs to Log Collectors.
Manage Log Collection
© Palo Alto Networks, Inc.