For details on cookie usage on our site, read our Privacy Policy
IoT Security, Does not Require Data Lake | Without Panorama | Setup
- LIVEcommunity
- Discussions
- Cloud Delivered Security Services
- IoT Security Discussions
- IoT Security, Does not Require Data Lake | Without Panorama | Setup
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
IoT Security, Does not Require Data Lake | Without Panorama | Setup
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-16-2023 07:52 AM
Hi,
I am currently in the process of setting up IoT Security, Does not Require Data Lake service but I am running into issues. I have managed to setup the portal and that is reachable. The problem seems to be sending the logs from the A/P units to the IoT service. As stated, we purchased the IoT without the use of Data Lake, therefore, what will be the process to send logs to the IoT service or put it simply, what must I specify within the log forwarding configuration? As the options are Panorama (not using), SNMP, Email, Syslog or HTTP?
The IoT administration guide states the following "Enhanced application logging requires a Cortex Data Lake subscription...". My second question would be, how can I enable this if I do not have a CDL subscription?
I've look into the IoT Security Administration guide but it unfortunately doesn't mention much this sort of configuration.
Any help would be appreciated.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-23-2023 01:35 PM - edited 01-23-2023 01:36 PM
I am also new to this but as the logs still go to a cloud then you will need some integration with the IoT cloud (Cortex is still used but just to analyze the logs and they are not saved on the Cortex Data Lake) and to streem the logs to your siem, example splunk streaming:
IoT Security is cloud-hosted so logs are retrieved by Splunk using the IoT Security logging API. Logs are pulled down in JSON format with sourcetype="pan:iot_alert", sourcetype="pan:iot_device" and eventtype="pan_iot_device", eventtype="pan_iot_alert".
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-23-2023 11:27 PM
Hello,
Did you manage to find the resolution of this issue?
- Security Profiles in Threat & Vulnerability Discussions
- Student extensive use of VPNs. in Threat & Vulnerability Discussions
- Palo Alto IoT security and Home Assistant or AWS IoT Core/Azure IoT hub possible future integaration in IoT Security Discussions
- Is Palo Alto Enterprise DLP integration with Microsoft Purview Information Protection (AIP) on the roadmap? in Enterprise Data Loss Prevention Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
