https://live.paloaltonetworks.com/t5/general-topics/threat-syslog-forwarding-panorama-gt-ossim/m-p/34587#M25383 <HTML><HEAD></HEAD><BODY><P>Bumping this thread. Also interested if anyone has seen this. Thanks.</P></BODY></HTML> Wed, 01 Aug 2012 18:25:27 GMT opiedrah 2012-08-01T18:25:27Z https://live.paloaltonetworks.com/t5/general-topics/threat-syslog-forwarding-panorama-gt-ossim/m-p/34584#M25380 <HTML><HEAD></HEAD><BODY><P>HI,</P><P></P><P>I have some problems with forwarding threat syslog events from Panorama to OSSIM.</P><P></P><P>We have several PA and they forward their threat logs to our Panorama Appliance via SSL</P><P>Now we need this Threatlogs at our OSSIM System as well.</P><P></P><P>Because of, Policy restrictions we can not syslog directly from our PAs to our OSSIM System,</P><P>so i want use the Panorama instead.</P><P></P><P>But the only syslog information i got are general information logs</P><P></P><P>How do i get my Panorama to forward the threatlogs to our OSSIM System?</P><P></P><P>thx</P><P>Pascal</P></BODY></HTML> Wed, 11 Jul 2012 11:55:41 GMT https://live.paloaltonetworks.com/t5/general-topics/threat-syslog-forwarding-panorama-gt-ossim/m-p/34584#M25380 LCMember436 2012-07-11T11:55:41Z https://live.paloaltonetworks.com/t5/general-topics/threat-syslog-forwarding-panorama-gt-ossim/m-p/34585#M25381 <HTML><HEAD></HEAD><BODY><P>First make sure your device is sending all severities to panorama.&nbsp; Next check to make sure panorama is sending all log forwarding to the configured syslog under the objects tab and log forwarding.</P></BODY></HTML> Mon, 16 Jul 2012 19:06:26 GMT https://live.paloaltonetworks.com/t5/general-topics/threat-syslog-forwarding-panorama-gt-ossim/m-p/34585#M25381 nayubi 2012-07-16T19:06:26Z https://live.paloaltonetworks.com/t5/general-topics/threat-syslog-forwarding-panorama-gt-ossim/m-p/34586#M25382 <HTML><HEAD></HEAD><BODY><P>Under Objects-&gt;Log Forwarding--&gt;Log Type-&gt;Threat</P><P>For all Severenity there ist the Syslog Server and Panorama configured.</P><P>So the PA send all Logs to the Panorama and the syslog server, but because of Firewall policies between the PAs and the syslog server it is not allowed to forwoard syslog through the firewall</P><P>And the PAs communicate over ssl witch the panorma which is allowed</P><P></P><P>there are no firewall restrictions between Panorama and the syslog server</P><P>So I want the Panorama to forward the threat logs from all our PAs to the syslog server,</P><P>but the only syslogs the Panorama forwards are System logs from the Panorama itself but not any of the logs which the PAs send to the Panorama</P><P></P><P>So my Problem is how to configure the log forwarding of the threatlogs, which where send over ssl to the panorama, </P><P>now from the panorama to the syslog server</P></BODY></HTML> Tue, 17 Jul 2012 16:12:07 GMT https://live.paloaltonetworks.com/t5/general-topics/threat-syslog-forwarding-panorama-gt-ossim/m-p/34586#M25382 LCMember436 2012-07-17T16:12:07Z https://live.paloaltonetworks.com/t5/general-topics/threat-syslog-forwarding-panorama-gt-ossim/m-p/34587#M25383 <HTML><HEAD></HEAD><BODY><P>Bumping this thread. Also interested if anyone has seen this. Thanks.</P></BODY></HTML> Wed, 01 Aug 2012 18:25:27 GMT https://live.paloaltonetworks.com/t5/general-topics/threat-syslog-forwarding-panorama-gt-ossim/m-p/34587#M25383 opiedrah 2012-08-01T18:25:27Z