On This Page
Configuring Palo Alto Syslogs
|
This topic is intended for TOS Administrators. |
Overview
For a general overview about syslogs, see Sending Additional Information via Syslog.
To show revision accountability and report on rule and object usage, each of your Palo Alto firewall devices must send syslogs to SecureTrack. You can only send non-encrypted syslogs over UDP. Panorama syslogs can be sent over TCP. PAN‑OS syslogs cannot.
Syslog proxy is supported for specific devices. For more information on syslog proxy support for supported devices, see Configuring Devices to Send Logs.
Only rules that are marked for logging in the device are included in the syslogs.
This procedure applies to both Panorama management devices and PAN-OS stand-alone firewalls.
Prerequisites
-
If you want to send syslogs over TCP, first Configure your device for TCP.
-
Allow communication between TOS and your devices, see Device-Related Ports.
Configure Your Device
To receive accountability data, make sure that your Palo Alto syslog profile is configured to use the default log format for all log types. This ensures that SecureTrack receives complete information, including which user made each change.
For detailed steps, see the Palo Alto Networks documentation.
Was this helpful?
Thank you!
We’d love your feedback
We really appreciate your feedback
Send this page to a colleague