Solved: Help with splunk Cloud with palo alto firewall con...

raje1 · ‎03-04-2020

Hi,

I have installed a app of palo alto firewall in my splunk cloud. an someone please help me how an i connect splunk and palo alto firewall with each other. what are the steps. I am confused.
which permission do i need to do this configuration.
In splunk cloud documentation, a lots of material is for the splunk enterprise not for splunk cloud.

thanks!

richgalloway · ‎03-04-2020

Palo Alto can't send directly to Splunk Cloud. Direct your PAN logs to a Splunk forwarder (perhaps on a syslog server) that sends the data to Splunk Cloud.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway · ‎03-04-2020

Palo Alto can't send directly to Splunk Cloud. Direct your PAN logs to a Splunk forwarder (perhaps on a syslog server) that sends the data to Splunk Cloud.

---
If this reply helps you, Karma would be appreciated.

raje1 · ‎03-05-2020

Can you give me instructions how to direct PAN logs to splunk forwarder. I am new in splunk.

dkroen17 · ‎07-10-2022

Check Panorama documentation and create a syslog destination. You'll need a distinct syslog server. Use Rsyslog or syslog-NG. Install a universal forwarder on the same machine that forwards the collected panorama logs to your Splunk syslog installation. Good Luck!

richgalloway · ‎03-06-2020

That's not a Splunk question. Consult the instructions for your PAN device to learn how to direct the logs to an external location.

---
If this reply helps you, Karma would be appreciated.

Help with splunk Cloud with palo alto firewall configuration

configuration

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

.conf24 | Session Scheduler is Live!!

Introducing the Splunk Community Dashboard Challenge!