02-08-2014 12:03 PM
Per 6.0's syslog listener feature (pasted below), can you please provide the list of current vendor filters?
" Determine whether there is a pre-defined syslog filter for your particular syslog sender(s).
Palo Alto Networks provides several
pre-defined syslog filters, which are
delivered as Application content updates and are therefore updated dynamically as new filters are developed."
02-08-2014 01:35 PM
Hello Sir,
The Filters will be provided through content updates as they become available. At this time, there are not any pre-defined Filters so you would need to manually create them.
Thanks
02-08-2014 01:45 PM
So if I understand correctly, you released the feature and documented it yet have yet to develop or release any pre-defined filters? <sigh>
You would have had a day 1 win if you had launched this feature with at least a few pre-defined filters. This is why your customers are so weary of new feature releases - they feel half-baked.
If you're seeking any advice on which predefined filters to create, allow me to selfishly ask for Cisco Wireless Controller (authenticated users), Cisco ASA (VPN users), Cisco IOS, Arista network switches, etc.
02-08-2014 01:53 PM
Give me some time to test and i will update you soon.
Thanks
02-08-2014 02:09 PM
Great, thanks! Looking forward to it!
02-08-2014 07:03 PM
Hopefully this helps. App Content version 418 or higher is needed. Thanks.
02-09-2014 04:18 PM
Thanks, it does! Now just hoping for CIsco Wireless Controller to be added..... but a great start!
02-10-2014 10:19 PM
Any chance you can supply those as filter updates in a format that the 6.0 UserID agent can use ? We are a long way off updating to 6.0.0 on the gateways so getting this feature in the UserID agent is great...its just getting it to work is a problem.
Cisco ISE filters would be great as well 
.
02-11-2014 07:54 AM
Has APP content 418 been released yet? I clicked "checked now" on a PAN 6.0 and it shows 417.
02-11-2014 08:01 AM
Content version 418 is not yet released. Most probably, it will be available before today EOD.
Thanks
03-11-2014 11:44 AM
version 418 has been released and the filters are now available under Device > User Identification > User Mapping
03-11-2014 03:25 PM
Cisco Wireless controller does not send username and ip information via syslog. Can send information via SNMP trap or collect information snmp walk.
See cisco document regarding getting information from wireless controller.
03-11-2014 06:48 PM
There is also now a official tech document on the configuration of Predefined syslog filters.
How to Locate the Predefined Syslog Filters in PAN-OS
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
