This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About tbarnhart
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About tbarnhart
11-05-2021
1Post
0Likes
0Solutions
Nov 05, 2021Last Visited
User
Activity
User
Profile
Latest posts by tbarnhart
| Subject | Views | Posted |
|---|---|---|
| 3666 | 11-05-2021 09:25 AM |
User Badges
Community Statistics
| Member Since | 11-05-2021 08:53 AM |
| Date Last Visited | 11-05-2021 12:51 PM |
| Posts | 1 |
11-05-2021
09:25 AM
We're on v.9.1.8 for Panorama.
I've configured both ways in the MCAS Log collector settings - "PA Series Firewall" & "PA Series Firewall LEEF".
We've built the MCAS Log Collector based on the Ubuntu/Docker.
The Palos are successfully sending to the MCAS-LogCollector server. The MCAS-LogCollector is successfully sending "message" files upto MCAS, but it's not successfully parsing the file.
See the sample logs that M$ provides with each of these - that I've attached here. These don't match our formats.
Looks like we'll need to build a Custom Format on the Palo side???
https://docs.microsoft.com/en-us/cloud-app-security/custom-log-parser
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/monitoring/use-syslog-for-monitoring.html
https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/configure-palo-alto-panorama-for-cloud-app-discovery/m-p/1816949
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
11-05-2021
12:51 PM
|
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks