All Apps and Add-ons

Pros and Cons for forwarding logs to Splunk cloud from Palo Alto Firewall v/s Panorama

dmenon
Explorer

Hi All - We are implementing Panorama here and I was wondering if there are any benefit in forwarding logs from Panorama, if the logs are already coming in from firewalls. Are Panorama logs better correlated compared to logs directly coming in from Palo firewalls?

0 Karma

adonio
SplunkTrust
SplunkTrust

its been a long time sunce i worked with PAN data, however, it seems like they are redundant.
After all, Panorama is the console for PAN
read in detail here:
https://splunk.paloaltonetworks.com/dashboards.html
and here:
https://splunk.paloaltonetworks.com/tune-or-reduce-firewall-logs.html
will recommend to read all the docs all the way through (not only the links)

hope it helps

0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.