https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-logs-in-cef-format/m-p/349759#M413 <P>GlobalProtect logs will come in SYSTEM messages.</P><P>however PaloAlto is sending the complete message inside 1 filed $msg.</P><P>this need to be fixed by PaloAlto team</P> Wed, 16 Sep 2020 12:21:18 GMT BARaha 2020-09-16T12:21:18Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-logs-in-cef-format/m-p/330989#M161 <P>Hi Everyone,</P><P>I need to send Global Protect logs to Arcsight connector in CEF format.</P><P>looking through all documentations of CEF configuration Guide that are available, there is nothing mentioned about Global Protect logs and how to convert them to CEF format.</P><P>Anyone has an idea how to accomplish this ?</P> Tue, 02 Jun 2020 06:34:12 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-logs-in-cef-format/m-p/330989#M161 A.Kassis 2020-06-02T06:34:12Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-logs-in-cef-format/m-p/332450#M178 <P>Hi Armanka,<BR /><BR />Yes, GlobalProtect log type is not mentioned in the CEF Configuration Guide:&nbsp;<BR /><A href="https://docs.paloaltonetworks.com/content/dam/techdocs/en_US/pdf/cef/pan-os-91-cef-configuration-guide.pdf" target="_blank">https://docs.paloaltonetworks.com/content/dam/techdocs/en_US/pdf/cef/pan-os-91-cef-configuration-guide.pdf</A><BR /><BR />It's a deployment area, I would suggest to please first check with your SE and Account Team and open a Support Ticket on this.<BR /><BR />Regards,<BR />Salman</P> Mon, 08 Jun 2020 22:40:48 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-logs-in-cef-format/m-p/332450#M178 sahmed 2020-06-08T22:40:48Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-logs-in-cef-format/m-p/346088#M375 <P>Hi,</P><P><BR />Could you please provide details on below points on&nbsp;Global Protect<BR />1) At first, is it possible at all to generate Global Protect logs in CEF ?<BR />2) what are other different log formats(ex: syslog, cef etc) it can generate to send data to different SIEM solutions(ex: Arcsight, IBM QRadar) solution for integration??</P> Mon, 31 Aug 2020 16:57:59 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-logs-in-cef-format/m-p/346088#M375 Sreeram 2020-08-31T16:57:59Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-logs-in-cef-format/m-p/349759#M413 <P>GlobalProtect logs will come in SYSTEM messages.</P><P>however PaloAlto is sending the complete message inside 1 filed $msg.</P><P>this need to be fixed by PaloAlto team</P> Wed, 16 Sep 2020 12:21:18 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-logs-in-cef-format/m-p/349759#M413 BARaha 2020-09-16T12:21:18Z