https://live.paloaltonetworks.com/t5/panorama-discussions/panorama-splunk-logs-forwarding/m-p/1229120#M2878 <P>Hello&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/1052669929">@B.Dagdelen</a>&nbsp;,</P> <P>&nbsp;</P> <P>If you want to export past logs:</P> <P><A href="https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-xml-api-request-types/retrieve-logs-api/example-use-the-api-to-retrieve-traffic-logs" target="_blank">https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-xml-api-request-types/retrieve-logs-api/example-use-the-api-to-retrieve-traffic-logs</A></P> <P>&nbsp;</P> <P>For real time/new logs, I think you should configure the log forwarding from your firewalls or the Panorama to your splunk directly.</P> <P>&nbsp;</P> <P>Olivier</P> Thu, 15 May 2025 04:10:14 GMT ozheng 2025-05-15T04:10:14Z https://live.paloaltonetworks.com/t5/panorama-discussions/panorama-splunk-logs-forwarding/m-p/1228634#M2867 <P>Hello all, when I try to forward logs from Panorama to Splunk I couldn't see the logs for the past 15 days. I wanna export these logs manually and add them to Splunk but even though I set the row limit on Panorama CSV to 1 million I still only see the logs for the past 4 hours. And when I try to export these logs on the CLI via SCP/FTP, I can't get past the 1 million row limitation. Is there any other way to export logs? Below are the methods I've already tried.<BR /><BR /></P> <P><SPAN><A title="Original URL: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clj3. Click or tap if you trust this link." href="https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail%3Fid%3DkA10g000000Clj3&amp;data=05%7C02%7Cbaran.dagdelen%40tdsynnex.com%7C8ac689da0ec0423fec9308dd8e2798cd%7C7fe14ab68f5d413984bfcd8aed0ee6b9%7C1%7C0%7C638823022966379335%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;sdata=Gm3C0xaoPACoeN8hyrht846Zg%2BCtLq9Ixwde4lxaXhM%3D&amp;reserved=0" data-auth="NotApplicable" data-linkindex="0" data-olk-copy-source="MessageBody" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clj3</A></SPAN><BR /><BR /><BR /></P> <P><SPAN><A title="Original URL: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-cli-quick-start/use-the-cli/use-secure-copy-to-import-and-export-files/export-and-import-a-complete-log-database-logdb. Click or tap if you trust this link." href="https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.paloaltonetworks.com%2Fpan-os%2F11-1%2Fpan-os-cli-quick-start%2Fuse-the-cli%2Fuse-secure-copy-to-import-and-export-files%2Fexport-and-import-a-complete-log-database-logdb&amp;data=05%7C02%7Cbaran.dagdelen%40tdsynnex.com%7C8ac689da0ec0423fec9308dd8e2798cd%7C7fe14ab68f5d413984bfcd8aed0ee6b9%7C1%7C0%7C638823022966404976%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;sdata=yjPQIkct74WB92SqhiIf2AUMKjgOJUksTa41Upk7bEY%3D&amp;reserved=0" data-auth="NotApplicable" data-linkindex="1" data-olk-copy-source="MessageBody" target="_blank">https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-cli-quick-start/use-the-cli/use-secure-copy-to-import-and-export-files/export-and-import-a-complete-log-database-logdb</A></SPAN></P> Fri, 09 May 2025 09:48:30 GMT https://live.paloaltonetworks.com/t5/panorama-discussions/panorama-splunk-logs-forwarding/m-p/1228634#M2867 B.Dagdelen 2025-05-09T09:48:30Z https://live.paloaltonetworks.com/t5/panorama-discussions/panorama-splunk-logs-forwarding/m-p/1229120#M2878 <P>Hello&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/1052669929">@B.Dagdelen</a>&nbsp;,</P> <P>&nbsp;</P> <P>If you want to export past logs:</P> <P><A href="https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-xml-api-request-types/retrieve-logs-api/example-use-the-api-to-retrieve-traffic-logs" target="_blank">https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-xml-api-request-types/retrieve-logs-api/example-use-the-api-to-retrieve-traffic-logs</A></P> <P>&nbsp;</P> <P>For real time/new logs, I think you should configure the log forwarding from your firewalls or the Panorama to your splunk directly.</P> <P>&nbsp;</P> <P>Olivier</P> Thu, 15 May 2025 04:10:14 GMT https://live.paloaltonetworks.com/t5/panorama-discussions/panorama-splunk-logs-forwarding/m-p/1229120#M2878 ozheng 2025-05-15T04:10:14Z