HTTP Log Forwarding was introduced in PAN-OS 8.0 to enable better integration between your firewall and IT infrastructure by triggering an action or initiating a workflow on an external HTTP-based service when a log is generated on the firewall.
The goal of this page is to share different integration amongst the community. We want to hear from you! Please add any integrations that you come up with in the discussion area below.
Note: Support for HTTP Log Forwarding scripts/templates is provided via the Live Community discussion board on this page. Requests for technical support by phone or web will be redirected to this page.
Hi,
I have a client (PA 5220 version 8.0.9) who continuously (every hour) is getting this error message in Monitor -> System: "Number of hints on disk has exceeded 5000 due to log forward failures."
At first we thought it was due to the parameter con
...
Our firewalls cannot send to hooks.slack.com since they refreshed their cert yesterday (3/14/2023).
I suspect a problem with the way their chain is signing X1 root CA but until they fix it, is there a way to allow the log forwarding service to ignore
...
Hi all,
i have a requirement of configuring Email Log forwarding, when ever a users tries to access unauthorized websites or resources within our network.
NOTE :
The mail forwarding should have the source IP address, source user, unauthorized website
...
Hello Community Champs,
I configured two syslog server profiles and forwarding the logs to both servers, here my question is I am recieving traffic logs on both syslog servers but system logs are not recieving on second syslog server (thinking, for s
...
Can I set palo alto to check if syslog server is up before forwarding the log, and if the main syslog server is down then forward log to another server?
I have issues that I need palo alto to not forwarding logs to both servers at the same time.
This is the configuration we did to create incidents with HTTP log forwarding and i wanted to share it to see if someone sees it as useful or wants to share an opinion
Hello,
As per title, I have this problem on a HA scenario with two VM-100 installed on VMware. Practically every 20 min in the system logs appears:"Syslog connection broken to server". After 0 sec appears:"Syslog connection is established to server".
...
This document assumes that you have already created a Slack team. This sample integration was done with a free Slack account.
Once you have created your Slack team, login to your slack account and add a
...
Hi All,
We had configured SNMP V3 to forward all the logs to SNMP V3.
Is username/Engine ID/Auth and Private Password need to be configured for SNMP v3 to work properly
When checking the Logrcvr process log I could see the below error in the Log rcv
...
Hi !
we have configured Netflow server and the profile is attached to Inside interface, we are getting Netflow records and it seems working fine. but what we have observed is, we are seeing the Netflows for the traffic which is getting denied by Firew
...
Hi All,
We are having issue with management plane CPU going high. Upon checking we had identified the Logrcvr process is consuming more memory during the issue time.
We are having syslog forwarding profile and Net flow profile configured on the fire
...
If you're using Cortex Data Lake with Panorama, does it make more sense to have Panorama in management-only mode, instead of Panorama mode?
There is a flaw in the Palo Alto ‘category’ field reported to Splunk.
Description:
Build your own visual alert DUCKhickey that integrates with the Palo Alto Networks platform using the HTTP Log Forwarding feature in PAN-OS 8.X and above. I configured the SOC Duck in the Black Hat NOC to trigger and light up with th
