HTTP Log Forwarding was introduced in PAN-OS 8.0 to enable better integration between your firewall and IT infrastructure by triggering an action or initiating a workflow on an external HTTP-based service when a log is generated on the firewall.
The goal of this page is to share different integrations among the community. We want to hear from you! Please add any integrations that you come up with in the discussion area below.
Note: Support for HTTP Log Forwarding scripts/templates is provided via the Live Community discussion board on this page. Requests for technical support by phone or web will be redirected to this page.
This is the configuration we did to create incidents with HTTP log forwarding, and I wanted to share it to see if someone sees it as useful or wants to share an opinion.
Hello,
As per title, I have this problem on a HA scenario with two VM-100 installed on VMware. Practically every 20 min in the system logs appears: "Syslog connection broken to server". After 0 sec appears: "Syslog connection is established to server".
...
This document assumes that you have already created a Slack team. This sample integration was done with a free Slack account.
Once you have created your Slack team, log in to your Slack account and add a
...
Hi,
I have a client (PA 5220 version 8.0.9) who continuously (every hour) is getting this error message in Monitor -> System: "Number of hints on disk has exceeded 5000 due to log forward failures."
At first we thought it was due to the parameter con
...
Can I set Palo Alto to check if the syslog server is up before forwarding the log, and if the main syslog server is down then forward the log to another server?
I have issues in that I need Palo Alto to not forward logs to both servers at the same time.
Hi All,
We had configured SNMP V3 to forward all the logs to SNMP V3.
Do username/Engine ID/Auth and Private Password need to be configured for SNMP v3 to work properly?
When checking the Logrcvr process log I could see the below error in the Log rcv
...
Hi!
We have configured Netflow server and the profile is attached to Inside interface. We are getting Netflow records and it seems to be working fine, but what we have observed is, we are seeing the Netflows for the traffic which is getting denied by Firew
...
Hi All,
We are having an issue with management plane CPU going high. Upon checking, we identified that the Logrcvr process is consuming more memory during the issue time.
We are having syslog forwarding profile and Net flow profile configured on the fire
...
If you're using Cortex Data Lake with Panorama, does it make more sense to have Panorama in management-only mode, instead of Panorama mode?
There is a flaw in the Palo Alto ‘category’ field reported to Splunk.
Description:
Build your own visual alert DUCKhickey that integrates with the Palo Alto Networks platform using the HTTP Log Forwarding feature in PAN-OS 8.X and above. I configured the SOC Duck in the Black Hat NOC to trigger and light up with th
Hi,
I am facing an error during scp log export:
When trying to export with a query, it only exports about 2 or 3 hours of log entries instead of the whole day. I am using the max log count parameter and it is also set on the device. Also it doesn't see
...
If I needed to take a packet capture of a device's traffic for a week, how would I accomplish that? Enterprise network with PA 5050 on 8.0.12 code version. Not really interested in how to use the packet capture tool itself, I am looking more specifica
...
Folks, can we have some scheduling done on logs which are being sent to a syslog server?
The traffic logs are so huge that they consume too much bandwidth when we send them to a central syslog.
It seems that they are all being sent when some buffer f
...
This might be a really weird question and I expect people to ask why I want to do this. If that is going to be your response, then please don't respond. I have a couple PA-220s at a remote location. I want to send logs from the PA-220s to Panroram
...