BindPlane Documentation

Palo Alto Networks

Suggest Edits

Logs Collected

The information being sent to Google Stackdriver Logging is collected from Palo Alto

  • General Logs
  • System Logs
  • Threat Logs
  • Traffic Logs
  • User Error Logs
  • User Info Logs
    Below are examples of some of these being displayed in Google Stackdriver Logging using the BindPlane Log Agent.
1170

Palo Alto General Logs

1172

Palo Alto Threat Logs

1172

Palo Alto Traffic Logs

Log Collection Setup

Follow these steps to setup log collection from Palo Alto
##Pre-requisites

  • Bind Address for FluentD to listen on
  • Port the agent will listen for logs on.

Configure a Palo Alto Source

  1. Install the BindPlane Log Agent on the host system.
  2. Login to BindPlane and select the Logs tab.
284

Logs Tab

  1. Select the Sources tab.
249

Sources Tab

  1. In the top-right portion of the screen, click on the Add Source Configuration button
576

Add Source Configuration Button

  1. Choose Palo Alto
  2. Fill out the Palo Alto log configuration options.
496

Palo Alto Log Configuration Form

Updated over 3 years ago