https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/1222212#M2793 <P><SPAN>There are two options either to use existing Log Scale Connector or can build a seperate&nbsp;Log Scale Connector which integrate with CS SIEM.&nbsp;</SPAN></P> <P>&nbsp;</P> <P><SPAN>Both will work</SPAN></P> Fri, 28 Feb 2025 00:29:18 GMT Naga_Chaturvedi 2025-02-28T00:29:18Z https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/596140#M2453 <P>Log Forwarding to Crowdstrike SIEM</P> <P>Is there anyway to forward logs to&nbsp;Crowdstrike SIEM by using API</P> Wed, 28 Aug 2024 08:19:22 GMT https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/596140#M2453 Naga_Chaturvedi 2024-08-28T08:19:22Z https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/596515#M2462 <P>Hello&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/245004">@Naga_Chaturvedi</a></P> <P>&nbsp;</P> <P>thanks for posting.</P> <P>&nbsp;</P> <P>Based on Crowdstrike documentation:&nbsp;<A href="https://falcon.crowdstrike.com/documentation/page/bb227624/paloalto-next-gen-firewall#we80f504" target="_self">paloalto-next-gen-firewall</A>&nbsp;the recommended way is to install Log Scale Connector.&nbsp;Log Scale Connector listens for incoming Syslog traffic from Panorama, then Palo Alto Networks Data Connector will send logs to Crowdstrike Next-Gen SIEM.</P> <P>&nbsp;</P> <P>Alternatively, I can think of to set up in Panorama HTTP log forwarding profile:&nbsp;<A href="https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/forward-logs-to-an-https-destination" target="_self">forward-logs-to-an-https-destination</A>&nbsp;and HTTP Event Connector on Crowdstrike side:&nbsp;<A href="https://falcon.crowdstrike.com/documentation/page/bdded008/hec-http-event-connector-guide" target="_self">hec-http-event-connector-guide</A>.</P> <P>&nbsp;</P> <P>Kind Regards</P> <P>Pavel&nbsp;</P> Mon, 02 Sep 2024 04:48:50 GMT https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/596515#M2462 PavelK 2024-09-02T04:48:50Z https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/1222196#M2791 <P>Quick question, where do you install the Log Scale Connector on a separate server that will collect the logs from PAN?</P> Thu, 27 Feb 2025 17:59:41 GMT https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/1222196#M2791 N.Robertson767642 2025-02-27T17:59:41Z https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/1222212#M2793 <P><SPAN>There are two options either to use existing Log Scale Connector or can build a seperate&nbsp;Log Scale Connector which integrate with CS SIEM.&nbsp;</SPAN></P> <P>&nbsp;</P> <P><SPAN>Both will work</SPAN></P> Fri, 28 Feb 2025 00:29:18 GMT https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/1222212#M2793 Naga_Chaturvedi 2025-02-28T00:29:18Z https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/1222288#M2795 <P>I did check within CrowdStrike and we don't have any Log Scale Connector build. That means I have to download Log Scale Connector from CrowdStrike on my Log server and install it then configure it. That logs sever will communicate with palo alto to forward logs to CrowdStrike.&nbsp;</P> Fri, 28 Feb 2025 15:12:37 GMT https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/1222288#M2795 N.Robertson767642 2025-02-28T15:12:37Z https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/1222391#M2797 <P>Hi Robert,</P> <P>In CS Dwwnloads page download "<SPAN>LogScale Collector For Ubuntu - X64, v1.7.3", Install this file in a ubuntu server as per the instructions in the link "<A href="https://falcon.crowdstrike.com/documentation/page/bb227624/paloalto-next-gen-firewall" target="_blank">Palo Alto Next Gen Firewall | Next-Gen SIEM Third-Party Integrations | Third-Party Integration and Data Connectors | Falcon Next-Gen SIEM | Documentation | Support and resources | Falcon</A>"&nbsp;</SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Naga_Chaturvedi_0-1740992138572.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/66277i5ABE30F7E3855F7C/image-size/medium?v=v2&amp;px=400" role="button" title="Naga_Chaturvedi_0-1740992138572.png" alt="Naga_Chaturvedi_0-1740992138572.png" /></span></P> <P>&nbsp;</P> Mon, 03 Mar 2025 08:55:58 GMT https://live.paloaltonetworks.com/t5/panorama-discussions/log-forwarding-to-crowdstrike-siem/m-p/1222391#M2797 Naga_Chaturvedi 2025-03-03T08:55:58Z