Has anyone tried to connect multiple Palo Alto devices to Azure OMS for the purpose of using Log Analytics? We currently have a server configured to forward Palo Alto syslog files to OMS, but from what I can see there doesn't appear to be any OMS solutions that deal with the kind of data that is coming from the Palo Alto devices. What we are looking for is a way to view potential threats or patterns on the basis of data that is coming into OMS across multiple devices. The idea is to avoid having to log into each device to check for user activity. A centralized dashboard which shows activity across devices would be ideal.
Does anyone have any suggestions or experience with regard to this type of scenario?