Good afternoon! I have Palo Alto generating logs and redirecting them to Splunk, I am wanting to use Palo Alto Networks but I can't get it to work correctly, due to the configurations followed, the only thing I just got is that it shows me the logs by Realtime Event Feed, but I I would like to understand and understand how Splunk and this Add from Palo Alto work, how to configure it, how to manage it since I cannot find a documentation that explains it very well, one of the things I would like to do is that the information of Palo Alto also appear in GlobalProtect etc, but I would like to understand how it works and how to redirect the information to the GlobalProtect window or well, understand concepts, thank you very much in advance!   ... View more

Hola, he conseguido enlazar Splunk con LDAP, el problema es que cuando salgo de Splunk he intentado acceder de nuevo pero con algunos de los nuevos usuarios introducidos por LDAP. Además, cuando conseguí la configuración en la sección Asignación de grupos, los usuarios aparecen como si fueran grupos, ¿es así? ... View more

Hi, I have a problem with splunk that is getting too long as I can't find the problem. I have a laboratory in which I want to access Splunk through the users I have in LDAP, as it is a laboratory, I have only created the "Admin" by default and another called "Josemaría" if necessary, but I always see myself with this trouble. My configuration is as follows.     And if it helps, my tree in LDAP which is very small for that reason, because it is for testing. I need help and would greatly appreciate those who try to help me. Thank you very much in advance, greetings! ... View more