Does anyone have any recommendations on how to tune the logs for the App for Palo Alto?
I found the following Splunk Answers article that I've applied:
But with this change, a few dashboards just don't display events. I'm thinking that maybe I need to apply some filtering to the different sourcetype instead of the global pan:log.
... View more