From 5a5e88394547f18a209c95d7d3ed423f1a8c959c Mon Sep 17 00:00:00 2001
From: Jagadisha V <129049263+JV0812@users.noreply.github.com>
Date: Wed, 18 Jun 2025 14:15:03 +0530
Subject: [PATCH 1/2] Update palo-alto-networks-11.md

---
 .../cloud-security-monitoring-analytics/palo-alto-networks-11.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/integrations/cloud-security-monitoring-analytics/palo-alto-networks-11.md b/docs/integrations/cloud-security-monitoring-analytics/palo-alto-networks-11.md
index afcf513966..c30142098a 100644
--- a/docs/integrations/cloud-security-monitoring-analytics/palo-alto-networks-11.md
+++ b/docs/integrations/cloud-security-monitoring-analytics/palo-alto-networks-11.md
@@ -105,6 +105,7 @@ To create a server profile specifying  the log destination, do the following:
 
 To configure syslog forwarding for traffic and threat logs, follow the steps to [Configure Log Forwarding](https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/monitoring/configure-log-forwarding) as described in the Palo Networks documentation.
 
+As of March 24, 2022, some Palo Alto Network systems have experienced troubles with validating the Sumo Logic certificate due to their OCSP checking logic. If you encounter this problem, try disabling OCSP checking logic in the firewall. If you continue to have issues, contact Palo Alto’s support, and if needed, contact Sumo Logic’s support for the related Palo Alto case number. [Learn more](https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000wlXXCAY).
 
 ### Step 4. Verify logs in Palo Alto Networks
 

From 3156649819695927833cf3abd4cadc4f1117cce8 Mon Sep 17 00:00:00 2001
From: Jagadisha V <129049263+JV0812@users.noreply.github.com>
Date: Thu, 19 Jun 2025 10:49:31 +0530
Subject: [PATCH 2/2] Update palo-alto-networks-11.md

---
 .../cloud-security-monitoring-analytics/palo-alto-networks-11.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/integrations/cloud-security-monitoring-analytics/palo-alto-networks-11.md b/docs/integrations/cloud-security-monitoring-analytics/palo-alto-networks-11.md
index c30142098a..d707284e16 100644
--- a/docs/integrations/cloud-security-monitoring-analytics/palo-alto-networks-11.md
+++ b/docs/integrations/cloud-security-monitoring-analytics/palo-alto-networks-11.md
@@ -220,3 +220,4 @@ import AppUninstall from '../../reuse/apps/app-uninstall.md';
 
 - If you have any issue with Cloud Syslog collection, refer to the [Cloud Source Troubleshooting](/docs/send-data/hosted-collectors/cloud-syslog-source/#troubleshooting).
 - If you are successfully ingesting the logs and if you are unable to see any data in the app dashboards, then ensure [Traffic](https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/traffic-log-fields) and [Threat](https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-log-fields) fields are in accordance with Palo Alto Networks 11 log format as configured in the [Step 2 of Collection Logs for Palo Alto](#step-2-define-the-destination-for-the-logs).
+- If you have trouble with validating the Sumo Logic certificate due to their OCSP checking logic, try disabling OCSP checking logic in the firewall. If you continue to have issues, contact Palo Alto’s support, and if needed, contact Sumo Logic’s support for the related Palo Alto case number. [Learn more](https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000wlXXCAY).