Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Palo Alto Networks config logs not showing before and after info

heathramos
Path Finder
‎12-02-2020 10:49 AM

We forward all config logs from our Palo Alto Networks firewall directly into Splunk

I can see that the config logs show up in Splunk but I don't see any info on the before and after change fields

when I look at the source within Splunk, that info isn't in it but it shows in the PAN config logs on the firewall itself

I want to create a report that within Splunk that shows all firewall config changes, including the before and after (kind of pointless without it).

any idea what is wrong?

Heath

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...