Graylog is a brilliant (and Open Source) tool to easily capture logs from a variety of systems, including good old-fashioned syslog.
In the screenshot guide below you will learn how to use a set of extractors I constructed to parse out useful information from PAN NGFW syslog.
The link to the source files mentioned is: https://github.com/jamesfed/PANOSGraylogExtractor
Thumbs up if this article helped you 🙂

Extracting TRAFFIC, THREAT, CONFIG and SYSTEM syslog from a Palo Alto Networks Next Generation Firewall with Graylog