on 10-17-2016 12:19 PM - edited on 08-26-2019 12:50 PM by Retired Member
Palo Alto Networks and IBM have partnered to deliver advanced security reporting and analytics to the widely used IBM® QRadar® SIEM. Integrate QRadar seamlessly with the Palo Alto Networks platform to streamline operations and improve security. The Palo Alto Networks app for QRadar enables these capabilities by allowing the security operations team to reduce, prioritize, and correlate Palo Alto Networks events using the QRadar dashboard, and to leverage offenses and offense workflows created automatically, enabling rapid response to the most critical threats from a single dashboard.
LEEF log format is the recommended setup; however, if your company cannot use the LEEF logging standard for QRadar, we have an extension for the PAN-OS standard log format available here:
No further configuration is needed. Logs sent from the Palo Alto Networks firewall in the default syslog format are automatically identified by QRadar and the app.
See Getting Support for IBM Security QRadar products on the IBM Support site.
Palo Alto Networks firewall support
Open a ticket with Palo Alto Networks TAC at:
Opening a Case with Customer Support