Can Cortex XDR proactively log Global Protect client debug?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can Cortex XDR proactively log Global Protect client debug?

L3 Networker

We have several hundred Global Protect users using Auto VPN. It would be nice to 

see their global protect logs, ipconfig /all, netstat -rn information before calling them

back on a filed ticket. Can Cortex collect these logs on a regular basis without 

user involvement? What has to be enabled at the GP client and/or PAN to 

allow this log collection to occur?

2 REPLIES 2

L3 Networker

Hi Palomed,

 

If you have a Cortex Data Lake license, Global Protect logs can be forwarded to the Cortex Data Lake for stitching from your PAN firewall. Please refer to your PAN-OS TechDocs Documentation for how to configure. 

 

Thanks

If you found this answer helpful, please select Accept as Solution.

L3 Networker

You may forward Global Protect logs to the Cortex Data Lake for stitching from your PANW firewall. If you need assistance with configuring please open a support case. 

If you found this answer helpful, please select Accept as Solution.
  • 1780 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!