View Only
last person joined: 2 days ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

PANW Ingress Events Not Recognized

This thread has been viewed 14 times
  • 1.  PANW Ingress Events Not Recognized

    Posted Aug 23, 2019 03:31 PM

    I have my Palo Alto firewall sending threat logs to ClearPass, but they aren't being recognized by the ingress dictionaries. I've tried the ones posted here, but they did not help.

  • 2.  RE: PANW Ingress Events Not Recognized
    Best Answer

    Posted Aug 28, 2019 07:24 AM

    I figured this out, you need a custom log format set in PAN-OS.




    CPPM Custom Log Format.png

  • 3.  RE: PANW Ingress Events Not Recognized

    Posted Nov 24, 2023 10:16 AM


    Im trying to do the integration with Palo Alto as well using the IEE Threat. I followed your syslog format in Palo Alto. However, CPPM v.6.9.11 still cannot parse the logs. I tried everything already from the Integration guide up to the discussion forums. Is somebody at this point perfected it?