Insights Commands¶
The scm insights commands provide access to monitoring and telemetry data from Strata Cloud Manager, including alerts, mobile users, locations, remote networks, service connections, and tunnels.
Overview¶
The insights commands allow you to: - View security and system alerts - Monitor mobile user connections and activity - Track location-based metrics - Analyze remote network performance - Check service connection health - Monitor tunnel status and statistics
Prerequisites¶
- Install pan-scm-cli (see Installation)
- Configure authentication (see Authentication)
- Ensure your user has appropriate permissions for monitoring data
Commands¶
Alerts¶
View and export security and system alerts from your Prisma Access environment.
List all alerts¶
Filter alerts by severity¶
Filter alerts by time range¶
# Last 7 days
scm insights alerts --list --start 7
# Specific date range
scm insights alerts --list --start 2024-01-01T00:00:00 --end 2024-01-31T23:59:59
Get a specific alert¶
Export alerts¶
# Export to JSON
scm insights alerts --list --export json --output alerts.json
# Export to CSV
scm insights alerts --list --export csv --output alerts.csv
Mobile Users¶
Monitor mobile user connections and activity.
List all mobile users¶
Filter by connection status¶
scm insights mobile-users --list --status connected
scm insights mobile-users --list --status disconnected
Filter by location¶
Get a specific user¶
Locations¶
View location-based metrics and capacity information.
List all locations¶
Filter by region¶
Get location details¶
Remote Networks¶
Monitor remote network connectivity and performance.
List all remote networks¶
Filter by connectivity status¶
Include performance metrics¶
Get specific network details¶
Service Connections¶
Monitor cloud service connections and their health status.
List all service connections¶
Filter by health status¶
Include performance metrics¶
Tunnels¶
Monitor IPSec and SSL tunnel status and performance.
List all tunnels¶
Filter by status¶
Include statistics¶
Get historical data¶
Common Options¶
All insights commands support these common options:
--folder: Filter by folder--max-results: Limit the number of results (default: 100)--export: Export format (json or csv)--output: Output file path for exports--mock: Run in mock mode for testing
Export Formats¶
JSON Export¶
Exports data in JSON format with full field details:
[
{
"id": "alert-001",
"name": "Critical CPU Usage",
"severity": "critical",
"status": "active",
"timestamp": "2024-01-20T10:30:00Z",
"description": "CPU usage exceeded 95% threshold",
"impacted_resources": ["fw-01", "fw-02"]
}
]
CSV Export¶
Exports data in CSV format with flattened fields:
id,name,severity,status,timestamp,description
alert-001,Critical CPU Usage,critical,active,2024-01-20T10:30:00Z,CPU usage exceeded 95% threshold
Mock Mode¶
All insights commands support mock mode for testing and development:
# Force mock mode by clearing credentials
SCM_CLIENT_ID="" SCM_CLIENT_SECRET="" SCM_TSG_ID="" scm insights alerts --list
This returns realistic sample data without making actual API calls.
Notes¶
- The insights APIs require appropriate permissions in your Strata Cloud Manager tenant
- Some metrics and statistics may have a delay of several minutes
- Export operations respect the --max-results limit
- Time filters accept both relative days (e.g., 7 for last 7 days) and ISO timestamps
- The insights functionality requires the pan-scm-sdk to have the insights services implemented