- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
07-15-2024 08:46 AM
Hello, was reviewing Globalprotect VPN Logs in Panorama and am currently stumped on how to even create an alert or find the logs in which to send to XSOAR. I reviewed the PAN-OS integration, and I can link it to Panorama, but it will collect logs based on specific queries into the logs. None of which go directly to Global protect. Anyone out there run into the same issue or is there something I'm overlooking?
07-16-2024 05:06 PM
Hi @STeegarden – There is no way to have the integration fetch GlobalProtect logs into XSOAR (short of customizing the integration), but you should be able to query for GP logs. Then you could set up a job to periodically query the logs and take action accordingly.
Please test and see if the following command works to return GP logs. If not, please attach a screenshot of the error and debug log.
!pan-os-query-logs log-type=globalprotect query=<QUERY> debug-mode=true
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!