Why no support for the Global Protect logs in pan:system logs? Shouldn't these get extracted and tagged for authentication datamodel?
Take a look at this answer as well. It is related. Coming in a future version was the response.
View solution in original post
Yes, that is what we are looking for, sometimes searching Splunk answers can be bit challenging.