Strata Logging Service Discussions
Strata Logging Service (formerly known as Cortex Data Lake) enables AI-based innovations for cybersecurity with the industry’s only approach to normalizing and stitching together your enterprise’s data. Join the discussion now.
About Strata Logging Service Discussions
Welcome to the Strata Logging Service discussion area! Here, you can engage in conversations about Strata Logging Service, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on Strata Logging Service.

Discussions

Welcome to the Strata Logging Service Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4498 Views
  • 0 replies
  • 1 Likes

Forward NGFW logs stored in Strata Logging Service to Microsoft Sentinel

I'm trying to forward my NGFW logs that are stored in Strata Logging Service to our SIEM, Microsoft Sentinel. This setup is documented in PAN docs linked here: https://docs.paloaltonetworks.com/prisma-access/integration/microsoft-integrations-with-prisma-access/set-up-https-log-forwarding-to-microsoft-sentinel The issue we are running into ...

Detect RC4 traffic

How do we detect RC4 traffic without decrypting using the Palo Alto toolset (NGFW, SCM, SLS, IoT, etc.)? In SLS, I can currently filter down to: Application Subcategory = 'auth-service' AND Application = 'active-directory-base' However, there is no option to identify the use of weak ciphers (e.g., RC4).

How to activate and associate firewall PA410 to the inventory of strata logging instance

Yesterday I found that my PA410 has no logging service at the management page to enable cloud logging, and the CLI has no command to support a PSK code to add the firewall to the inventory of the Strata Logging instance. Then Copilot replied that it may need the CSP to provide an OTP, but I do not know the command to enter the OTP and do not know where to generate the OTP, because PS...

Forwarding Palo Alto Logs to s3

Hi Team, We did a Palo Alto Networks firewall setup via AWS Marketplace and want to forward traffic, threat and other logs to S3 for our internal log analysis. But we don't see the option to forward the logs. Is this option not available for this AWS Marketplace version? And also, could you please share with us the sample logs which are pushing i...

Strata HTTPS Log Forwarding

Hello World! We've just hit a problem with HTTPS Log Forwarding out of Strata Logging Service to Microsoft Sentinel. We have an existing forwarder working, but want to replace it with one forwarding to a new workspace, so we have set up a new listener, collected the ID and Secret, but when we configure in Strata we get "An error occured while...

SLS License Included?

Plan to ingest my NGFW logs to Cortex XDR portal, we need SLS license in Firewall and Pro per GB license in XDR. My questions: 1) Is the SLS license included in my PA-series firewall or do we need to purchase separately? 2) If included, which model is included? PA-400, PA-1400 series, PA-3400 series? Thanks

Defining "field type" in the Strata Logging Service

Strata Logging Service https://docs.paloaltonetworks.com/strata-logging-service/log-reference/network-logs/network-traffic-log/network-traffic-leef-fields Does anyone know the definition of “Field Type” in the above document? Does this mean that the “log field” that is ‘Predefined’ does not need to be set in the “strata logging service” in the wa...

keito-y by L0 Member
  • 3997 Views
  • 0 replies
  • 0 Likes

Prisma Access: Log Forwarding CEF Syslog

Hello Community, I am part of an MSSP team supporting Prisma Access with Panorama and the Strata Logging Service in the default CSV format. I noticed that the Strata Logging Service also supports the CEF option, and I have the configuration details for it. However, I need guidance on the following: How to configure log forwarding from Prisma Ac...

Logging to Cortex Data Lake

I have a 3TB subscription to CDL. First off, is this service now called "strata logging service"? Can I send logs from all my firewalls to Panorama and then set up Panorama to send all those logs to CDL? Is there some license needed for this? I have CDL because of Prisma Access but not using all that space for just that so was looking to get mor...

Strata Log Forwarding Email Profile. Customized email subject

Hi, I need to create 1 email profile, sending messages/alerts generated by different devices in different locations. How can I add to the subject the device name, or any other info, that can distinguish where the alerts are coming from or who generated them, for easy reading/filtering when reading the emails list? Thanks

  • 33 Posts
  • 38 Subscriptions