Best way to apply log Forwarding setting to multiple security policies in Panorama

cancel
Showing results for 
Search instead for 
Did you mean: 

Best way to apply log Forwarding setting to multiple security policies in Panorama

L0 Member

I recently migrated a few HA pairs into Panorama in my environment. Historically, our security policies were configured to only send traffic logs from deny rules to our syslog. Any allows were only logged on the local firewall (due to costs of Splunk ingesting logs). It was simple to also send those to Panorama. However, I also want to now send all my allow rules to Panorama. I created a new Log Forwarding profile for sending just to Panorama. What is the easiest way to now apply that action to my hundreds of security policies? I would prefer it be in the GUI, but I'm guessing that's not the case. Is there at least a way to do this within Panorama CLI?

2 REPLIES 2

Community Team Member

Hi @Daryl_B ,

 

I believe this exact topic was discussed here:

https://live.paloaltonetworks.com/t5/general-topics/log-forwarding-profile-in-all-security-policies/... 

 

Hope it helps !

-Kiwi.

 

Cyber Elite
Cyber Elite

@Daryl_B,

There's a lot of ways to do this, but you can use Expedition if you really want a way to do this directly in a GUI environment. It would probably be faster to just script it through the CLI though.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!