Log Forwarding App for Cortex XDR Analytics

Community Team Member

Read about the new Log Forwarding App for Cortex XDR Analytics. Learn about the new features of Cortex XDR and see what's needed to activate it. Got Questions? Get Answers on Live Community!

 

Today's blog is going to be a short one. We want to bring your attention to the release of a much-discussed feature that was not available until now: the "Log Forwarding App" for Cortex XDR Analytics.

 

This is a great new feature that people have been asking for, and now it's here to help improve your company's detection and response capabilities with Cortex XDR.

 

The logs stored on the Logging Service are available for queries and reports using Panorama and the Application Framework. If you need to fulfill your organization's legal compliance requirements, the Log Forwarding app enables you to easily forward logs stored on the Logging Service to external destinations.*

 

The Logging Service is a cloud-based offering for network logs generated by Palo Alto Networks security products. Use the Log Forwarding app (included with each Logging Service instance you purchase) to forward logs from the Logging Service to an external syslog receiver to meet your long-term archive, SOC, or audit compliance goals.

 

Log Forwarding is included with Logging Service and does not require any additional licensing. Before you can use Log Forwarding, you must activate it on the Cloud Services Portal. After you activate the app, you can add a Log Forwarding app instance to the Cloud Services Portal. Although you need only to activate the Log Forwarding app one time, you must add a separate Log Forwarding app instance for each instance of the Logging Service you have purchased. Each instance of the Log Forwarding app can forward logs to a single destination, and you can associate it with only one instance of the Logging Service.**

 

Screenshot of cloud services interface to activate Log forwarding app

 

Screenshot of form to Activate Log forwarding


For more info on the new features with Log Forwarding, please see the release notes here:
Log Forwarding App Release Notes

For more information on Log Forwarding in general and how to use it, please see:
Log Forwarding App

Or, for more information on Cortex XDR – Analytics Logs, please see:
Cortex XDR – Analytics Logs


Thanks for taking time to read my blog.

 

If you enjoyed this, please hit the like (thumbs up) button. Don't forget to subscribe to the Live Community Blog area.
As always, we welcome all comments and feedback in the comments section below.

 

Stay Secure,
Joe Delio
End of line

 

References:

*  https://docs.paloaltonetworks.com/cloud-services/apps/log-forwarding/log-forwarding-app-getting-star...
** https://docs.paloaltonetworks.com/cloud-services/apps/log-forwarding/log-forwarding-app-getting-star...
