How To Forward Traffic Logs To Syslog Server - Live Community
Labels: Configuration, Logs
Forwarding traffic logs to a syslog server requires four steps:
1. Create a syslog server profile
2. Configure the log-forwarding profile to select the traffic logs to be forwarded to the syslog server
3. Use the log forwarding profile in the security rules
4. Commit the changes
Log forwarding profile
Go to Objects > Log forwarding.
Select the syslog server profile for forwarding traffic logs to the configured server.
Security Rule
Go to Policies > Security Rule.
Select the rule for which the log forwarding needs to be applied.
Go to Actions > Log forwarding and select the log forwarding profile from the drop-down list.
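A check to run on the syslog server after the commit, as an added example that is not part of the original article: it parses received lines and lists the security rules that have produced no forwarded traffic log, which can indicate that the log forwarding profile was not selected on that rule (or that the rule saw no traffic). It assumes BSD-format syslog and the default PAN-OS CSV layout (log type in the fourth field, rule name in the twelfth); the sample lines, rule names and function names are constructed.

```python
import csv
import re

# BSD-syslog (RFC 3164) header: <PRI>Mmm dd hh:mm:ss host message
HEADER = re.compile(r"^<(\d{1,3})>(\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) (.*)$")

# Assumed positions in the default PAN-OS CSV log body (0-based).
TYPE_FIELD, SUBTYPE_FIELD, SRC_FIELD, DST_FIELD, RULE_FIELD = 3, 4, 7, 8, 11


def parse_line(line):
    """Return a dict for a forwarded TRAFFIC log, or None for anything else."""
    m = HEADER.match(line.strip())
    if not m:
        return None
    pri, _timestamp, host, body = m.groups()
    fields = next(csv.reader([body]))  # csv handles quoted commas in fields
    if len(fields) <= RULE_FIELD or fields[TYPE_FIELD] != "TRAFFIC":
        return None
    return {
        "facility": int(pri) // 8,   # PRI = facility * 8 + severity
        "severity": int(pri) % 8,
        "host": host,
        "subtype": fields[SUBTYPE_FIELD],
        "src": fields[SRC_FIELD],
        "dst": fields[DST_FIELD],
        "rule": fields[RULE_FIELD],
    }


def rules_not_forwarding(lines, expected_rules):
    """Rules from expected_rules that produced no forwarded traffic log."""
    seen = {rec["rule"] for rec in map(parse_line, lines) if rec}
    return sorted(set(expected_rules) - seen)


# Constructed sample input (not captured from a real firewall).
SAMPLE = [
    "<14>Jan 28 10:15:02 fw01 1,2016/01/28 10:15:02,001801000000,TRAFFIC,end,1,"
    "2016/01/28 10:15:01,10.1.1.5,203.0.113.9,0.0.0.0,0.0.0.0,allow-web,,,web-browsing",
    "<14>Jan 28 10:15:03 fw01 1,2016/01/28 10:15:03,001801000000,SYSTEM,general,0,"
    "2016/01/28 10:15:03,,general,,0,0,general,informational",
    "<13>Jan 28 10:15:04 otherhost sshd[411]: session opened",
]

if __name__ == "__main__":
    print(rules_not_forwarding(SAMPLE, ["allow-web", "allow-dns"]))
```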
https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Forward-Traffic-Logs-to-Syslog-Server/ta-p/62154 1/3
1/28/2016 How to Forward Traffic Logs to Syslog Server - Live Community
owner: ppatel
Comments
by edwinchristopher on
09-04-2013 03:14 AM
Those steps I know... but my question is, does Palo Alto support syslog over TCP?
by kfindlen on
09-04-2013 08:04 AM
by rivkin on
05-16-2014 07:53 AM
So, is there a way to do this for all rules at once, or does it have to be applied one at a time? If so, a feature request to be able to apply to multiple at once would be nice.
Secondly, is there a guide to parsing the sys logs, in order to set up alerts using something like ELM, or Kiwi Syslogd, etc.? The PIX/ASA comes with a large document of all the possible system messages, and what categories they are all in so admins can decide which to alert on.
by timothyyip on
07-17-2014 12:30 AM
by jkim2 on
07-17-2014 04:30 AM
Easiest way to set logging options on all rules is to export the config in set format, add the log parameters, then add it back in. Should take only a few minutes.
For alerting there are severity levels for both system and threat logs.
I would also review the CEF (Common Event Format) log format as it has some information that is useful even though you're using
Documentation
by jkim2 on
07-17-2014 04:32 AM