Palo alto logs

rcowart · March 13, 2020, 6:14pm

@david-vazquez you will not be able to use the Filebeat Palo Alto module. The ingest pipeline is designed to only handle the default Palo Alto log formats. From the example above I can see that your Palo Alto device is configured to send logs using LEEF formatting, which are not supported by the ingest pipeline.

Rob

How to install Elasticsearch & Kibana on Ubuntu
What is the best storage technology for Elasticsearch?

david-vazquez · March 13, 2020, 10:54pm

Thank you very much for your answer
I will try with Logstash

system · April 10, 2020, 10:54pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Palo Alto (a.k.a. panos or panw) Filebeat Compatibility with Palo Alto Version 10.1? Beats filebeat	3	534	August 24, 2021
Filebeat Module won't process incomming syslogs Beats beats-module , filebeat	3	634	September 16, 2020
Filebeat PANW Module Not Working (continued) Beats filebeat	3	737	April 30, 2020
Using filebeat syslog input for PANW. Logs not publishing to Kibana Beats filebeat	5	1477	November 26, 2019
Filebeat AWS Module problem Beats beats-module , filebeat	5	1420	June 16, 2020

Palo alto logs

Related topics