Extracting TRAFFIC, THREAT, CONFIG and SYSTEM syslog from a Palo Alto Networks Next Generation Firewall with Graylog

Graylog is a brilliant (and open-source) tool for capturing logs from a wide variety of systems, including good old-fashioned syslog.

In the screenshot guide below you will learn how to use a set of Graylog extractors I built to pull the useful fields out of Palo Alto Networks (PAN) NGFW syslog, covering the TRAFFIC, THREAT, CONFIG and SYSTEM log types.

The source files mentioned in the guide are at: https://github.com/jamesfed/PANOSGraylogExtractor
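To show what the extractors have to get right, here is an added Python example (my own code, not the extractor definitions in the repository above) that parses PAN-OS syslog lines the same way: read the common leading fields, pick a field map by log type, then name each field by position. The field names and positions in FIELD_MAPS follow the PAN-OS syslog field layout as I understand it and are an assumption; they shift between PAN-OS releases, so verify them against the field description table for your firewall's version. The two sample lines are constructed for the example, not captured from a real firewall. The point the example makes is that PAN-OS double-quotes any field containing a comma, so a comma-counting regex mis-attributes every later field; a CSV-aware parse does not.

```python
import csv
import re
from typing import Dict, List

# First five CSV fields are the same for every PAN-OS log type (TRAFFIC, THREAT,
# CONFIG, SYSTEM), so the type can be read before choosing a field map.
COMMON = ["future_use", "receive_time", "serial", "type", "subtype"]

# Positional field names for TRAFFIC and THREAT logs as this example assumes
# them (assumption): positions shift between PAN-OS releases, so check them
# against the syslog field description table for the firewall's own version
# before trusting a field name in an alerting rule.
_SESSION = [
    "future_use2", "generated_time", "src", "dst", "natsrc", "natdst", "rule",
    "srcuser", "dstuser", "app", "vsys", "from_zone", "to_zone", "inbound_if",
    "outbound_if", "logset", "future_use3", "sessionid", "repeatcnt", "sport",
    "dport", "natsport", "natdport", "flags", "proto", "action",
]
FIELD_MAPS = {
    "TRAFFIC": COMMON + _SESSION + ["bytes", "bytes_sent", "bytes_received",
                                    "packets", "start", "elapsed", "category"],
    "THREAT": COMMON + _SESSION + ["misc", "threatid", "category", "severity",
                                   "direction"],
}

# RFC 3164 style header ("<PRI>Mon dd hh:mm:ss host ") that the firewall
# prepends; the CSV body after it starts with the literal FUTURE_USE value "1,".
HEADER_RE = re.compile(
    r"^(?:<\d{1,3}>)?\S{3}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2}\s+(\S+)\s+(?=1,)")


def parse_panos_syslog(line: str) -> Dict[str, str]:
    """Split one PAN-OS syslog line into named fields.

    The body is parsed with the csv module, not str.split(","), because PAN-OS
    double-quotes any field that itself contains a comma (URLs and file names in
    THREAT logs are the usual case). A naive split, or an extractor regex that
    just counts commas, shifts every later field by one and reports, for
    example, the category where the severity should be.
    """
    m = HEADER_RE.match(line)
    body = line[m.end():] if m else line
    fields = next(csv.reader([body]))
    if len(fields) < len(COMMON):
        raise ValueError("not a PAN-OS CSV log line")
    names = FIELD_MAPS.get(fields[3], COMMON)
    record = {"syslog_host": m.group(1) if m else ""}
    for i, value in enumerate(fields):
        # CONFIG/SYSTEM and any trailing fields fall back to a positional name.
        record[names[i] if i < len(names) else "field_%d" % (i + 1)] = value
    return record


def naive_split_severity(line: str) -> str:
    """What a comma-counting extractor would report as 'severity' (field 35)."""
    m = HEADER_RE.match(line)
    body = line[m.end():] if m else line
    return body.split(",")[34]


def allowed_high_severity(records: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Triage helper: THREAT logs of severity high/critical whose action is
    'alert', i.e. the firewall logged the threat but did not block the session."""
    return [r for r in records
            if r.get("type") == "THREAT"
            and r.get("severity") in ("high", "critical")
            and r.get("action") == "alert"]


# Constructed sample lines (not captured from a real firewall); the addresses are
# documentation ranges and the serial number is made up.
TRAFFIC_LINE = (
    "<14>Mar 10 12:01:02 pa-fw 1,2024/03/10 12:01:02,0123456789,TRAFFIC,end,2305,"
    "2024/03/10 12:01:02,10.0.0.5,203.0.113.7,0.0.0.0,0.0.0.0,allow-web,,,"
    "web-browsing,vsys1,trust,untrust,ethernet1/2,ethernet1/1,default,,123456,1,"
    "51234,443,0,0,0x400000,tcp,allow,5120,2048,3072,12,2024/03/10 12:00:50,12,"
    "computer-and-internet-info"
)
THREAT_LINE = (
    "<14>Mar 10 12:02:03 pa-fw 1,2024/03/10 12:02:03,0123456789,THREAT,vulnerability,"
    "2305,2024/03/10 12:02:03,10.0.0.9,198.51.100.20,0.0.0.0,0.0.0.0,allow-web,,,"
    "web-browsing,vsys1,trust,untrust,ethernet1/2,ethernet1/1,default,,123457,1,"
    "51300,80,0,0,0x400000,tcp,alert,\"198.51.100.20/login.php?user=a,b\","
    "Example Exploit(12345),code-execution,critical,client-to-server"
)

if __name__ == "__main__":
    records = [parse_panos_syslog(l) for l in (TRAFFIC_LINE, THREAT_LINE)]
    for r in records:
        print(r["type"], r["subtype"], r["src"], "->", r["dst"], r["action"])
    print("naive severity:", naive_split_severity(THREAT_LINE))
    print("allowed high-severity threats:", len(allowed_high_severity(records)))
```

Running it prints the quoted URL intact in the THREAT record and "critical" as its severity, while the naive split reports "code-execution" for the same field. When you build or adapt a Graylog extractor for these logs, the same concern applies: a split-on-comma extractor is only safe if the firewall never quotes a field before the one you care about, which for THREAT logs it does.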
