All Apps and Add-ons

How to configure the Splunk for Palo Alto Networks app to index Palo Alto logs in Splunk?

pavanae
Builder

I had already installed the Splunk for Palo Alto Networks app in Splunk. Can anyone please tell what were the steps to proceed to get those logs and how to configure this in a detailed answer?

0 Karma
1 Solution

kent_farries
Path Finder

The documentation in the app is really good so I would start there and if your having troubles after following those detailed steps post the issue here.

https://splunkbase.splunk.com/app/491/#/documentation

If you are using Panorama to collected all your logs from all the PAN's then it is best to have Panorama forward the logs to the UDP port that you have configured in Splunk. If you don't have Panorama then you will need to configure each PAN Firewall to forward the logs to Splunk.

View solution in original post

kent_farries
Path Finder

The documentation in the app is really good so I would start there and if your having troubles after following those detailed steps post the issue here.

https://splunkbase.splunk.com/app/491/#/documentation

If you are using Panorama to collected all your logs from all the PAN's then it is best to have Panorama forward the logs to the UDP port that you have configured in Splunk. If you don't have Panorama then you will need to configure each PAN Firewall to forward the logs to Splunk.

Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...