03-15-2018 10:15 AM
I have a doubt about syslog server profile in 8.0.
This is the scenario.
One panorama cluster running like a panorama and collector. All firewalls send your logs to panorama and panorama send to our syslog server.
When the syslog profile server was in PANOS 7.1.x, the Custome Log Format for all log type was "default".
With this configuration the syslog received the logs and parse the logs as expected, by month and day.
But, now we upgraded the Panorama to 8.0.8 and the logs are not parse in our syslog as expected, the server is not received any log from the panorama.
The value parameters were changes are "MSSTimestamp" and "DevTime", the new values are making issues in our syslog server.
The syslog server does not matching correctly the time and date.
So my concern here is, Did custom log format change something from 7.1 to 8.0?.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!