Skip to content

Update palo-alto-networks-11.md #5484

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Jun 19, 2025
Merged

Update palo-alto-networks-11.md #5484

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
5a5e883
Update palo-alto-networks-11.md
JV0812 Jun 18, 2025
3156649
Update palo-alto-networks-11.md
JV0812 Jun 19, 2025
b107775
Merge branch 'main' into JV0812-patch-2
JV0812 Jun 19, 2025
23196e6
Merge branch 'main' into JV0812-patch-2
JV0812 Jun 19, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions docs/integrations/cloud-security-monitoring-analytics/palo-alto-networks-11.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,7 @@ To create a server profile specifying the log destination, do the following:

To configure syslog forwarding for traffic and threat logs, follow the steps to [Configure Log Forwarding](https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/monitoring/configure-log-forwarding) as described in the Palo Networks documentation.

As of March 24, 2022, some Palo Alto Network systems have experienced troubles with validating the Sumo Logic certificate due to their OCSP checking logic. If you encounter this problem, try disabling OCSP checking logic in the firewall. If you continue to have issues, contact Palo Alto’s support, and if needed, contact Sumo Logic’s support for the related Palo Alto case number. [Learn more](https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000wlXXCAY).

### Step 4. Verify logs in Palo Alto Networks

Expand Down Expand Up @@ -219,3 +220,4 @@ import AppUninstall from '../../reuse/apps/app-uninstall.md';

- If you have any issue with Cloud Syslog collection, refer to the [Cloud Source Troubleshooting](/docs/send-data/hosted-collectors/cloud-syslog-source/#troubleshooting).
- If you are successfully ingesting the logs and if you are unable to see any data in the app dashboards, then ensure [Traffic](https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/traffic-log-fields) and [Threat](https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-log-fields) fields are in accordance with Palo Alto Networks 11 log format as configured in the [Step 2 of Collection Logs for Palo Alto](#step-2-define-the-destination-for-the-logs).
- If you have trouble with validating the Sumo Logic certificate due to their OCSP checking logic, try disabling OCSP checking logic in the firewall. If you continue to have issues, contact Palo Alto’s support, and if needed, contact Sumo Logic’s support for the related Palo Alto case number. [Learn more](https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000wlXXCAY).