Help with Palo Alto Network and Splunk

Splunk Search

Good afternoon!

I have Palo Alto generating logs and redirecting them to Splunk, I am wanting to use Palo Alto Networks but I can't get it to work correctly, due to the configurations followed, the only thing I just got is that it shows me the logs by Realtime Event Feed, but I I would like to understand and understand how Splunk and this Add from Palo Alto work, how to configure it, how to manage it since I cannot find a documentation that explains it very well, one of the things I would like to do is that the information of Palo Alto also appear in GlobalProtect etc, but I would like to understand how it works and how to redirect the information to the GlobalProtect window or well, understand concepts, thank you very much in advance!

Get Updates on the Splunk Community!

Help with Palo Alto Network and Splunk

metadata

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation

Help with Palo Alto Network and Splunk

metadata

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future