Read about the new Log Forwarding App for Cortex XDR Analytics. Learn about the new features of Cortex XDR and see what's need to activate. Got Questions? Get Answers on Live Community!
Today's blog is going to be a short one. We will be bringing your attention to the release of the talked about, but not yet released feature of "Log Forwarding App" for Cortex XDR Analytics.
This is a great new feature that people have been asking for, and now it's here to help improve your company's detection and response features with Cortex XDR.
The logs stored on the Logging Service are available for queries and reports using Panorama and the Application Framework. If you need to fulfill your organization's legal compliance requirements, the Log Forwarding app enables you to easily forward logs stored on the Logging Service to external destinations.*
The Logging Service is a cloud-based offering for network logs generated by Palo Alto Networks security products. Use the Log Forwarding app—included with each Logging Service instance you purchase—to forward logs from the Logging Service to an external syslog receiver to obtain your long-term archive, SoC, or audit compliance goals.
Log Forwarding is included with Logging Service and does not require any additional licensing. Before you can use Log Forwarding, you must activate it on the Cloud Services Portal. After you activate the app, you can add a Log Forwarding app instance to the Cloud Services Portal. Although you need only to activate the Log Forwarding app one time, you must add a separate Log Forwarding app instance for each instance of the Logging Service you have purchased. Each instance of the Log Forwarding app can forward logs to a single destination, and you can associate it with only one instance of the Logging Service.**