The logs stored on the Logging Service are available for queries and reports using Panorama and the Application Framework. If you need to fulfill your organization's legal compliance requirements, the Log Forwarding app enables you to easily forward logs stored on the Logging Service to external destinations. For example, you can forward logs using Syslog to a SIEM for long term storage, SOC, or internal audit obligations, and forward email notifications for critical events to an email address. Here, you'll find what you need to start forwarding your GlobalProtect cloud service, Traps Management Service, and Palo Alto next-generation firewall logs that are stored on the Logging Service.

The Log Forwarding App Release Notes details the latest Log Forwarding App features, and issues that we're working on.

What's New

Log Forwarding App Essentials

Featured Topics

Tech Docs: You'll Want to Forward This!


Get Started with the Log Forwarding App


Get started with the Palo Alto Networks Log Forwarding app and begin forwarding logs from the Logging Service to a Syslog server.

Logging Service Privacy Datasheet


Recommended Topics

Logging Service Getting Started


Palo Alto Networks Cortex Data Lake is a cloud-based offering for context-rich enhanced network logs generated by our security products, including our next-generation firewalls, GlobalProtect cloud service, and Traps management service. The cloud-based Cortex Data Lake lets you collect ever-expanding volumes of data without needing to plan for local compute and storage, and is ready to scale from the start. Use the topics in this site to get started with the Cortex Data Lake.

Logging Service License Activation


Determine whether to you need to activate your Cortex Data Lake (formerly called the Logging Service) license on the CSP or on the Cloud Services portal.

TCP Ports and FQDNs Required for Cortex Data Lake


List of FQDNs and ports that you must allow to ensure connectivity to the Cortex Data Lake.