All Apps and Add-ons

Global Protect Logs are not showing

ssubhani
Explorer

Once PaloAlto firewall was upgraded to Version 9.1.6 , Our PaloAlto App Version 6.2.0 stopped showing the Global Protect logs . I Upgraded the Palo Alto Networks Add-on for Splunk and  Palo Alto Networks App for Splunk to 6.5.0 .  I installed the App+Add-on on Search Heads whereas I installed the Add-on on Indexers and Heavy Forwarders . All the dashboards under Operations are Working but The dashboard for GlobalProtect (PANOS >= 9.1)  is not working at all .

The App documentation does not mention on what changes were done for Global protect logs and what to do if you are unable to see it . 

Please note that data model pan_firewall is fully build and has data . All other data models are disable as we do not have those products .

Any Ideas .

Labels (1)
0 Karma
1 Solution

ssubhani
Explorer

Update 

======

Earlier I had upgraded from 6.2.0 to 6.5.1 and then rolled back to 6.5.0 . I guess that caused some Problem . So I uninstalled the App and Add on from the Server . Installed them again from Scratch and Populated the data model from scratch . Now it is is showing perfectly .

View solution in original post

ssubhani
Explorer

Update 

======

Earlier I had upgraded from 6.2.0 to 6.5.1 and then rolled back to 6.5.0 . I guess that caused some Problem . So I uninstalled the App and Add on from the Server . Installed them again from Scratch and Populated the data model from scratch . Now it is is showing perfectly .

richgalloway
SplunkTrust
SplunkTrust

That add-on is supported by the developer.  Contact them at splunkapp@paloaltonetworks.com

---
If this reply helps you, an upvote would be appreciated.
0 Karma

ssubhani
Explorer

This is a good suggestion and I was thinking about it . But I thought to try it here first . 

0 Karma
Get Updates on the Splunk Community!

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...

Reminder! Splunk Love Promo: $25 Visa Gift Card for Your Honest SOAR Review With ...

We recently launched our first Splunk Love Special, and it's gone phenomenally well, so we're doing it again, ...