Graylog is a brilliant (and Open Source) tool to easily capture logs from a variety of systems including good old fashioned syslog.

In the screenshot guide below you will learn how to use a set of extractors I constructed to parse out useful information from PAN NGFW syslog.

The link to the source files mentioned is: https://github.com/jamesfed/PANOSGraylogExtractor

VN:F [1.9.22_1171]
Thumbs up if this article helped you 🙂
Rating: +1 (from 1 vote)
Extracting TRAFFIC, THREAT, CONFIG and SYSTEM syslog from a Palo Alto Networks Next Generation Firewall with Graylog, 100% based on 1 rating

Leave a Reply

Your email address will not be published.