Table of Contents
Advertisement
Manage Log Collection
Qradar) for archiving, use a template to define a Syslog server profile (
). The following table describes these logs and associated forwarding requirements.
Syslog
Log type
System Logs
Config Logs
HIP Match Logs
Configure Log Forwarding to Panorama
For details about the options and requirements associated with forwarding logs to Panorama, see Log
Forwarding to Panorama: Workflows by Log Type.
© Palo Alto Networks, Inc.
Description and Forwarding Requirements
System logs show system events such as HA failures, link status changes, and
administrative access to the firewall. For each severity level for which you want to forward
logs, select forwarding to Panorama and (if required) to an email server, SNMP trap server,
or Syslog server.
Configuration logs record changes to the firewall configurations. To enable forwarding of
config logs, you must select forwarding to Panorama and (if required) to an email server,
SNMP trap server, or Syslog server.
To enable forwarding of Host Information Profile (HIP) match logs, you must select
forwarding to Panorama and (if required) to an email server, SNMP trap server, or Syslog
server.
PAN‐OS uses HIP match logs to compile information on GlobalProtect clients. PAN‐OS
generates a HIP match log when a firewall sends a HIP report and a HIP profile specifies
HIP objects (for example, OS version, patch level, disk encryption, and antivirus version)
that match on the firewall.
Enable Log Forwarding to Panorama
Device > Server Profiles >
Panorama 6.1 Administrator's Guide • 109
- Quick Links:
- Panorama Overview
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the Panorama 6.1 and is the answer not in the manual?