1. Panorama Version 10.0.1 Model VMware ESXi
2. Palo Alto Cluster Active/Passive Version: 10.0.1 Model: VMware ESXi VM License: VM-100
Logs that send from Palo alto to panorama cant be seen under the monitor Traffic tab and cant be sent to the Syslog server.
directly from the Palo alto, we can see the logs under monitor tab traffic and also if we config that Palo alto will send the logs directly to the Syslog server we can see the logs in the Syslog server.
I look in Panorama > Log Settings and I can't see the "Traffic" tab in the old PAN version 9 there was a "Traffic" tab that all the logs that match there can be seen in the monitor section.
Did the Syslog config in PAN 10 been a change or there is a special config for Palo Alto Cluster that sends logs to panorama?
Hope you are doing great!
Have you checked the configuration in the firewall?
1. Server Profile (to send logs to Panorama, doesn't apply).
2. Log Forwarding Configuration (in the same profile you can configure to send logs to Panorama and Syslog Server).
3. Have you attached the Log Forwarding option to Security Policies?
4. Also, have you verified if the Firewall is managed by the Panorama Server after the upgrading?
Panorama > Log Settings does not apply because these are logs from Panorama, that you want to send to external services:
I manage to found out what was the problem.
the problem was that mode of the panorama device was config as Management Only mode I have to change the mode to
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!