Palo Alto PowerPack Release Notes, version 101

Version 101 of the Palo Alto PowerPack includes new device classes, presentation objects, and device icons, updates the PowerPack name and collector affinity, enables summarization state, and addresses a number of issues.

Minimum Required SL1 Version: 8.14.0

This PowerPack currently supports only basic authentication for discovery; it does not support the use of an API key.

Before You Install or Upgrade

Ensure that you are running version 8.14.0 or later of SL1 before installing "Palo Alto" PowerPack version 101.

For details on upgrading SL1, see the relevant SL1 Platform Release Notes.

ScienceLogic suggests installing the Host Resource Core Pack PowerPack, Entity MIB PowerPack, and ScienceLogic Support Pack PowerPacks. The Dynamic Applications included in these PowerPacks will automatically align to your Palo Alto devices.

Installation Process

If you are currently using the Dynamic Applications in this PowerPack to monitor devices, collection errors might occur for one or two polling cycles during the installation of a new version. To prevent collection errors during an upgrade, you can optionally disable collection for monitored devices before performing the following steps and re-enable collection after the upgrade.

To install this PowerPack:

Search for and download the PowerPack from the PowerPacks page (Product Downloads > PowerPacks & SyncPacks) at the ScienceLogic Support Site.
In SL1, go to the PowerPacks page (System > Manage > PowerPacks).
Click the Actions menu and choose Import PowerPack. The Import PowerPack modal appears.
Click Browse and navigate to the PowerPack file from step 1.
Select the PowerPack file and click Import. The PowerPack Installer modal displays a list of the PowerPack contents.
Click Install. The PowerPack is added to the PowerPack Manager page.

For more information about using the PowerPack, see the Monitoring Windows Systems with PowerShell manual.

Included Features

This release includes the following features:

Dynamic Applications that discover and collect configuration and performance data about Palo Alto firewalls.

Device Classes for each of the Palo Alto devices monitored.

Event Policies and corresponding alerts that are triggered when Palo Alto devices meet certain status criteria.

Enhancements and Issues Addressed

The following enhancements and addressed issues are included in version 101 of the "Palo Alto" PowerPack:

The PowerPack was renamed to "Palto Alto Base Pack".

The following presentation objects were added to the PowerPack:

% GRE Decap Failed
% GRE Decap Unknown
% GTP Decap Failed
% GTP Decap Unknown
% IPSEC Decap Failed
% IPSEC Decap Unknown

The following Device Classes were added to the PowerPack:

M-200
M-600
PA-220-ZTP
PA-220R
PA-220R-ZTP
PA-3200
PA-3250-ZTP
PA-3220
PA-3220-ZTP
PA-3250
PA-3260
PA-3260-ZTP
PA-5280
PA-820-ZTP
PA-850-ZTP
WF-600

The Summarization State setting was updated to Enabled for the following presentation objects in the "Palo Alto: Environmental Performance" Dynamic Application:

Max Temperature
Min Temperature
Fan RPM
Minimum RPM
Volts
Minimum Volts
Maximum Volts

The Collector Affinity setting was updated to Assigned collector for the following Palo Alto Dynamic Applications:

Palo Alto: Configuration
Palo Alto: DOS, Drops, and TCP Stats
Palo Alto: Environmental Performance
Palo Alto: Global Tunnel Stats
Palo Alto: GlobalProtect Configuration
Palo Alto: License Configuration
Palo Alto: Session Performance
Palo Alto: Traffic to Country Destination
Palo Alto: Vsys Performance

A new SVG icon was added to the PowerPack for the new user interface and all 43 Device Classes that are included in this PowerPack were aligned to the icon. NOTE: This update does not impact the classic SL1 user interface.
The "Fan RPM" collection object that is included in the "Palo Alto: Environmental Performance" Dynamic Application was updated to support whether a fan is spinning. If the device reports a 'False' RPM value, the Dynamic Application will convert the value to 0 RPM and an event will be fired. If the device reports a 'True' RPM value, the Dynamic Application will convert the value to 1000 RPM.
An issue was addressed in which devices were returning empty responses when using the "Palo Alto: License Configuration" Dynamic Application if the device has no license information. The Dynamic Application will now log a message when your device has no license information available.
An issue was addressed in which an error was occurring if environmental data was empty when running the "Palo Alto: Environmental Performance" Dynamic Application. The Dynamic Application now displays a log message if the device has not reported any environmental data.
An issue was addressed in which an error was occurring when running the "Palo Alto: License Configuration" Dynamic Application. The "Expires" field in the "Palo Alto: License Configuration" Dynamic Application now may contain literal or date values. For instances when a license never expires, 'Never' will be applied instead of a date value and no remaining days will be set for the registry.
An issue was addressed in which data from the "Palo Alto: License Configuration" Dynamic Application was not being populated in the GUI table due to an empty authorization code retrieved from a device. The Dynamic Application now skips the license entries with an empty authorization code, which allows the storage process to complete and the data that is successfully collected will be displayed in the user interface.
An issue was addressed in which the "Palo Alto: GlobalProtect Configuration" Dynamic Application was not collecting data due to the value in the 'GlobalProtection datafile release date' field. This field now may contain literal or date values. For instances when the datafile release date is unknown, 'unknown' will be applied instead of a date value and no datafile uptime will be set for the registry.

An issue was addressed in which some devices were returning an XML without traffic records and a 'NoneType' error was being generated from the "Palo Alto: Traffic to Country Destination" Dynamic Application due to a device not being connected or not properly configured. If traffic data is found then the Dynamic Application will process it as usual. If traffic data is not found, a log message is displayed that states that the device has not reported any traffic.
An issue was addressed in which a "NoneType" error was occurring when running the "Palo Alto: GlobalProtect Configuration" Dynamic Application and an empty response was generated. The Dynamic Application now displays a log message that states that the device has not reported any system global protect data.

Known Issues

The following known issues affect version 101 of the Palo Alto PowerPack:

If a device does not have the 'top-application-categoreis' report returned by an API pull, then API based Dynamic Applications may not automatically align.
When running the "Palo Alto: License Configuration" Dynamic Application performance report, Palo Alto licenses that do not have an Auth Code will be skipped and an info message will be displayed. Collection will run as expected.
The data unit for all metrics will not be displayed on the "Palo Alto: DOS, Drops, and TCP Stats" Dynamic Application performance report. The metrics are counters and there is no standard data unit available for this metric.
Some collection objects in this PowerPack support a limited format. Palo Alto software is subject to change without notice to ScienceLogic. Due to this, the format of collected data may change.

The Dynamic Applications that are included in the PowerPack automatically align to discovered devices. If the following Dynamic Applications are not aligned to your device before upgrading to version 101 of the PowerPack, once you have upgraded to version 101 of the PowerPack you can align them manually or run a discovery task:

Palo Alto: GlobalProtect Configuration
Palo Alto: License Configuration
Palo Alto: Environmental Performance
Palo Alto: Traffic to Country Destination