04-18-2021 03:59 PM
Hi All, we are running 9.0.12. I've got data filtering with the patterns etc all set up. The logs appear fine on the firewall. And logging profile is set to forward all to Panorama, but none appear in Panorama. It's empty. Logging profiles is set to forward log type Data to Panorama.
Any help would be appreciated. Panorama is forwarding all events to our SIEM, where alarms are set. So we are missing out on Data Filtering alarms.
Thank for help in advance
04-18-2021 08:52 PM - edited 04-18-2021 08:53 PM
Data Filtering logs are part of the Informational severity of the Threat log database.
Turn on Informational Threat log forwarding and the firewall will forward Data Filtering events to Panorama.
04-18-2021 09:29 PM
thank you MP.
I've seen that article. It's for PAN-OS 7.1 and below.
there is no threat settings in out log forwarding profile
04-18-2021 09:55 PM
04-18-2021 10:33 PM
checked for all log types (including "data"). I am really puzzled this time.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!