I recently migrated a few HA pairs into Panorama in my environment. Historically, our security policies were configured to only send traffic logs from deny rules to our syslog. Any allows were only logged on the local firewall (due to costs of Splunk ingesting logs). It was simple to also send those to Panorama. However, I also want to now send all my allow rules to Panorama. I created a new Log Forwarding profile for sending just to Panorama. What is the easiest way to now apply that action to my hundreds of security policies? I would prefer it be in the GUI, but I'm guessing that's not the case. Is there at least a way to do this within Panorama CLI?
... View more