topic Re: Syslog-Messages only for some security rules? in General Topics https://live.paloaltonetworks.com/t5/general-topics/syslog-messages-only-for-some-security-rules/m-p/13437#M9852 <HTML><HEAD></HEAD><BODY><P>You can do it by applying the log forwarding profile to specific rules. If you want only system logs to be forwarded to the syslog server then don't apply log forarding profile to any security policy.</P><P></P><P>Log Forwarding profile can be created by going to objects&gt;log forwarding add a new profile select appropriate logs option that you want.</P><P></P><P>If you want only system logs that it can be achieved by going to Device&gt; Log setting</P><P></P><P>In both cases you need sys log server profile Device&gt;server profile&gt; syslog</P><P></P><P>Rate the helpful answers</P></BODY></HTML> Thu, 23 Jul 2015 09:53:47 GMT pankaku 2015-07-23T09:53:47Z Syslog-Messages only for some security rules? https://live.paloaltonetworks.com/t5/general-topics/syslog-messages-only-for-some-security-rules/m-p/13436#M9851 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>I want to distribute our syslog-messages to different servers. Since we are using the Palo Alto system as Internet Security Gateway, a lot of traffic gets logged. But I only want to forward special services (systems more important than usual webtraffic) to our syslog servers. Is there a way to filter which targets/sources gets logged via syslog?</P></BODY></HTML> Thu, 23 Jul 2015 09:06:08 GMT https://live.paloaltonetworks.com/t5/general-topics/syslog-messages-only-for-some-security-rules/m-p/13436#M9851 it_sicherheit 2015-07-23T09:06:08Z Re: Syslog-Messages only for some security rules? https://live.paloaltonetworks.com/t5/general-topics/syslog-messages-only-for-some-security-rules/m-p/13437#M9852 <HTML><HEAD></HEAD><BODY><P>You can do it by applying the log forwarding profile to specific rules. If you want only system logs to be forwarded to the syslog server then don't apply log forarding profile to any security policy.</P><P></P><P>Log Forwarding profile can be created by going to objects&gt;log forwarding add a new profile select appropriate logs option that you want.</P><P></P><P>If you want only system logs that it can be achieved by going to Device&gt; Log setting</P><P></P><P>In both cases you need sys log server profile Device&gt;server profile&gt; syslog</P><P></P><P>Rate the helpful answers</P></BODY></HTML> Thu, 23 Jul 2015 09:53:47 GMT https://live.paloaltonetworks.com/t5/general-topics/syslog-messages-only-for-some-security-rules/m-p/13437#M9852 pankaku 2015-07-23T09:53:47Z