Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 476
All firewalls at a company are currently forwarding logs to Palo Alto Networks log collectors. The company also wants to deploy a syslog server and forward all firewall logs to the syslog server and to the log collectors. There is a known logging peak time during the day and the security team has asked the firewall engineer to determine how many logs per second the current Palo Alto Networks log collectors are processing at that particular time.
Which method is the most time-efficient to complete this task?
Answer options
- A. Navigate to Panorama > Managed Collectors, and open the Statistics window for each Log Collector during the peak time
- B. Navigate to ACC > Network Activity, and determine the total number of sessions and threats during the peak time
- C. Navigate to Monitor > Unified logs, set the filter to the peak time, and browse to the last page to find out how many logs have been received
- D. Navigate to Panorama > Managed Devices > Health, open the Logging tab for each managed firewall and check the log rates during the peak time
Correct answer: A
Explanation
Option A is correct because the Statistics window directly provides real-time statistics for each Log Collector, making it the most efficient method. Options B and C do not focus specifically on log rates from the collectors; they provide broader session and threat data instead. Option D does provide log rates, but it requires checking each managed firewall separately, which is less time-efficient than option A.