Hi evrey one, I'am new to Paloalto and I have a problem with the threath log. I am currently using ELK stack to store and visualize all log from paloalto. When I send the traffic log to logstash there is no problem (there are all field explained in the documentation), but when i send the threat log all the field explained in the documentation are missing, the only field are ip (source and destination), severity and the domain. Is that normal or I have to implement something?
... View more