I followed the instructions for setting up the Palo Alto app, and things seem to be working OK with the exception of certain logs. I have nothing showing up for threats and/or web filtering. I know for a fact that the rule I am logging has blocked certain websites.
I have a similar issue but with the Content and Wildfire dashboards not showing any data. I have data on the Overview, Traffic and Threat dashboards.
Any ideas?
The problem was that I didn't enable the threat logs on the PA, just traffic logs. Thanks for the follow up!
can you find the threat log or the web traffic log when you do search ? e.g. what do you get results when you run the following search in the search bar
index=pan_logs threat | head 100
if you don't get any results then a change has to be made on the firewall side to send the appropriate logs. if you do get results and you are not seeing anything in a dashboard, then please share a couple of log lines so we can confirm that they match what the app expects.