HTTP Log Forwarding was introduced in PAN-OS 8.0 to enable better integration between your firewall and IT infrastructure by triggering an action or initiating a workflow on an external HTTP-based service when a log is generated on the firewall.
The goal of this page is to share different integration amongst the community. We want to hear from you! Please add any integrations that you come up with in the discussion area below.
Note: Support for HTTP Log Forwarding scripts/templates is provided via the Live Community discussion board on this page. Requests for technical support by phone or web will be redirected to this page.
Activity in HTTP Log Forwarding
Freshservice ticket creation with HTTP Log Forwarding
This is the configuration we did to create incidents with HTTP log forwarding and i wanted to share it to see if someone sees it as useful or wants to share an opinion
Syslog connection broken to server Palo Alto every 20 min
Hello,
As per title, I have this problem on a HA scenario with two VM-100 installed on VMware. Practically every 20 min in the system logs appears:"Syslog connection broken to server". After 0 sec appears:"Syslog connection is established to server".
...PAN-OS 8.0 HTTP Log Integration with Slack
PAN-OS 8.0 HTTP Log Integration with Slack
This document assumes that you have already created a Slack team. This sample integration was done with a free Slack account.
Once you have created your Slack team, login to your slack account and add a
...
Resolved! "Number of hints on disk has exceeded 5000 due to log forward failures."
Hi,
I have a client (PA 5220 version 8.0.9) who continuously (every hour) is getting this error message in Monitor -> System: "Number of hints on disk has exceeded 5000 due to log forward failures."
At first we thought it was due to the parameter con
...Resolved! How to set selective syslog server?
Can I set palo alto to check if syslog server is up before forwarding the log, and if the main syslog server is down then forward log to another server?
I have issues that I need palo alto to not forwarding logs to both servers at the same time.
Resolved! Getting Error with SNMP Traps
Hi All,
We had configured SNMP V3 to forward all the logs to SNMP V3.
Is username/Engine ID/Auth and Private Password need to be configured for SNMP v3 to work properly
When checking the Logrcvr process log I could see the below error in the Log rcv
...
How to avoid Netflow record for denied traffic
Hi !
we have configured Netflow server and the profile is attached to Inside interface, we are getting Netflow records and it seems working fine. but what we have observed is, we are seeing the Netflows for the traffic which is getting denied by Firew
...Resolved! Interpreting debug log-receiver statistics command output
Hi All,
We are having issue with management plane CPU going high. Upon checking we had identified the Logrcvr process is consuming more memory during the issue time.
We are having syslog forwarding profile and Net flow profile configured on the fire
...Cortex Data Lake with Panorama
If you're using Cortex Data Lake with Panorama, does it make more sense to have Panorama in management-only mode, instead of Panorama mode?
Palo Alto Networks App for Splunk - URL Category Logging Issue
There is a flaw in the Palo Alto ‘category’ field reported to Splunk.
- PA began support for multiple categories in 2019. A given URL can be part of multiple categories. This was done to support parallel data models.
- Legacy model: by industry (educati
SOC Duck
Description:
Build your own visual alert DUCKhickey that integrates with the Palo Alto Networks platform using the HTTP Log Forwarding feature in PAN-OS 8.X and above. I configured the SOC Duck in the Black Hat NOC to trigger and light up with th
SCP log export not exporting whole timeframe
Hi,
I am facing an error during scp log export:
When trying to export with a query, it only exports about 2 or 3 hours of log entries instead of the whole day. I am using the max log count parameter and it is also set on the device. Also it doesn't see
...PA Packet Capture
If I needed to take a packet capture of a devices traffic for a week, how would I accomplish that? Enterprise network with PA 5050 on 8.0.12 code version. Not really interested on how to use the packet capture tool itself, I am looking more specifica
...Scheduled logs export on a Palo Alto.
Folks, can we have some scheduling done on logs which are being sent to a syslog server?
The traffic logs are so huge that they consume too much bandwidth when we send them to a central syslog.
It seems that they are all being sent when some buffer f
...Send logs to Panorama without Panorama managing the firewall
This might be a really weird question and I expect people to ask why I want to do this. If that is going to be your response, then please don't respond. I have a couple PA-220s at a remote location. I want to send logs from the PA-220s to Panroram
...
Copyright 2007 - 2022 - Palo Alto Networks
