https://live.paloaltonetworks.com/t5/next-generation-firewall/ngfw-threat-amp-traffics-log-fields/m-p/583490#M2968 <P>Hi Team,&nbsp;</P> <P>&nbsp;</P> <P>I am going through the traffic and threat logs of the NGFW. In the logs, I am unable to get the knowledge of the following fields " domain" &amp; "config version".&nbsp;</P> <P>&nbsp;</P> Fri, 12 Apr 2024 08:40:45 GMT SwapnilC_Lentra 2024-04-12T08:40:45Z https://live.paloaltonetworks.com/t5/next-generation-firewall/ngfw-threat-amp-traffics-log-fields/m-p/583490#M2968 <P>Hi Team,&nbsp;</P> <P>&nbsp;</P> <P>I am going through the traffic and threat logs of the NGFW. In the logs, I am unable to get the knowledge of the following fields " domain" &amp; "config version".&nbsp;</P> <P>&nbsp;</P> Fri, 12 Apr 2024 08:40:45 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/ngfw-threat-amp-traffics-log-fields/m-p/583490#M2968 SwapnilC_Lentra 2024-04-12T08:40:45Z https://live.paloaltonetworks.com/t5/next-generation-firewall/ngfw-threat-amp-traffics-log-fields/m-p/583664#M2973 <P>Hello&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/467373333">@SwapnilC_Lentra</a></P> <P>&nbsp;</P> <P>thanks for post.</P> <P>&nbsp;</P> <P>would it be possible to post a screen shot of fields you are referring to?</P> <P>&nbsp;</P> <P>Kind Regards</P> <P>Pavel</P> Mon, 15 Apr 2024 03:14:14 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/ngfw-threat-amp-traffics-log-fields/m-p/583664#M2973 PavelK 2024-04-15T03:14:14Z https://live.paloaltonetworks.com/t5/next-generation-firewall/ngfw-threat-amp-traffics-log-fields/m-p/583975#M3000 <P>Actually I do not have access to the firewall console. I just have raw logs on excel where I got these fields.</P> <P>&nbsp;</P> Wed, 17 Apr 2024 08:16:28 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/ngfw-threat-amp-traffics-log-fields/m-p/583975#M3000 SwapnilC_Lentra 2024-04-17T08:16:28Z https://live.paloaltonetworks.com/t5/next-generation-firewall/ngfw-threat-amp-traffics-log-fields/m-p/584111#M3005 <P>Hello&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/467373333">@SwapnilC_Lentra</a></P> <P>&nbsp;</P> <P>thank you for reply.</P> <P>&nbsp;</P> <P>I see. Could you please confirm the source of the raw logs? Was it exported directly from Firewall / Panorama or SIEM? Also, if possible could you post samples of what information these fields represent?</P> <P>&nbsp;</P> <P>Thank you</P> <P>Pavel</P> Wed, 17 Apr 2024 23:08:09 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/ngfw-threat-amp-traffics-log-fields/m-p/584111#M3005 PavelK 2024-04-17T23:08:09Z