Filebeat extract_array for panw module for config and system logs

Are there any examples of extract_array for Palo Alto firewalls for config and system logs?

ref: https://github.com/elastic/beats/blob/e99074029172a9c6d01f953005c3cdc2b58d6cb2/x-pack/filebeat/module/panw/panos/config/input.yml

Sorry, I don't think I understand your question :thinking: extract_array is a Filebeat processor: https://www.elastic.co/guide/en/beats/filebeat/7.8/extract-array.html

If you want to use the panw module, you can use ./filebeat modules enable panw and then you should see panw.yml in the modules.d folder, which looks like https://github.com/elastic/beats/blob/master/x-pack/filebeat/modules.d/panw.yml.disabled

Currently the panw module only parses traffic and threat logs. I need to also parse config and system logs which are sent to Elasticsearch.
