Next-Generation Firewall
Forward Logs to an HTTP/S Destination
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
Cloud Management of NGFWs
- PAN-OS 11.1 & Later
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- Cloud Management of NGFWs
-
-
-
- Configure a Filter Access List
- Configure a Filter Prefix List
- Configure a Filter Community List
- Configure a BGP Filter Route Map
- Configure a Filter Route Maps Redistribution List
- Configure a Filter AS Path Access List
- Configure an Address Family Profile
- Configure a BGP Authentication Profile
- Configure a BGP Redistribution Profile
- Configure a BGP Filtering Profile
- Configure an OSPF Authentication Profile
- Configure a Logical Router
- Configure a Static Route
- Configure OSPF
- Configure BGP
- Configure an IPSec Tunnel
- Web Proxy
- Cheat Sheet: GlobalProtect for Cloud Management of NGFWs
-
PAN-OS 11.1 & Later
- PAN-OS 11.1 & Later
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
-
- Tap Interfaces
-
- Layer 2 and Layer 3 Packets over a Virtual Wire
- Port Speeds of Virtual Wire Interfaces
- LLDP over a Virtual Wire
- Aggregated Interfaces for a Virtual Wire
- Virtual Wire Support of High Availability
- Zone Protection for a Virtual Wire Interface
- VLAN-Tagged Traffic
- Virtual Wire Subinterfaces
- Configure Virtual Wires
- Configure a PPPoE Client on a Subinterface
- Configure an IPv6 PPPoE Client
- Configure an Aggregate Interface Group
- Configure Bonjour Reflector for Network Segmentation
- Use Interface Management Profiles to Restrict Access
-
- DHCP Overview
- Firewall as a DHCP Server and Client
- Firewall as a DHCPv6 Client
- DHCP Messages
- Dynamic IPv6 Addressing on the Management Interface
- Configure an Interface as a DHCP Server
- Configure an Interface as a DHCPv4 Client
- Configure an Interface as a DHCPv6 Client with Prefix Delegation
- Configure the Management Interface as a DHCP Client
- Configure the Management Interface for Dynamic IPv6 Address Assignment
- Configure an Interface as a DHCP Relay Agent
-
- DNS Overview
- DNS Proxy Object
- DNS Server Profile
- Multi-Tenant DNS Deployments
- Configure a DNS Proxy Object
- Configure a DNS Server Profile
- Use Case 1: Firewall Requires DNS Resolution
- Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolution for Security Policies, Reporting, and Services within its Virtual System
- Use Case 3: Firewall Acts as DNS Proxy Between Client and Server
- DNS Proxy Rule and FQDN Matching
-
- NAT Rule Capacities
- Dynamic IP and Port NAT Oversubscription
- Dataplane NAT Memory Statistics
-
- Translate Internal Client IP Addresses to Your Public IP Address (Source DIPP NAT)
- Create a Source NAT Rule with Persistent DIPP
- PAN-OS
- Strata Cloud Manager
- Enable Clients on the Internal Network to Access your Public Servers (Destination U-Turn NAT)
- Enable Bi-Directional Address Translation for Your Public-Facing Servers (Static Source NAT)
- Configure Destination NAT with DNS Rewrite
- Configure Destination NAT Using Dynamic IP Addresses
- Modify the Oversubscription Rate for DIPP NAT
- Reserve Dynamic IP NAT Addresses
- Disable NAT for a Specific Host or Interface
-
- Network Packet Broker Overview
- How Network Packet Broker Works
- Prepare to Deploy Network Packet Broker
- Configure Transparent Bridge Security Chains
- Configure Routed Layer 3 Security Chains
- Network Packet Broker HA Support
- User Interface Changes for Network Packet Broker
- Limitations of Network Packet Broker
- Troubleshoot Network Packet Broker
-
- Enable Advanced Routing
- Logical Router Overview
- Configure a Logical Router
- Create a Static Route
- Configure BGP on an Advanced Routing Engine
- Create BGP Routing Profiles
- Create Filters for the Advanced Routing Engine
- Configure OSPFv2 on an Advanced Routing Engine
- Create OSPF Routing Profiles
- Configure OSPFv3 on an Advanced Routing Engine
- Create OSPFv3 Routing Profiles
- Configure RIPv2 on an Advanced Routing Engine
- Create RIPv2 Routing Profiles
- Create BFD Profiles
- Configure IPv4 Multicast
- Configure MSDP
- Create Multicast Routing Profiles
- Create an IPv4 MRoute
-
-
PAN-OS 11.2
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 8.1 (EoL)
- Cloud Management and AIOps for NGFW
Forward Logs to an HTTP/S Destination
Create an HTTP server profile to forward logs to an HTTP/S destination from cloud
management.
Contact your account team to enable Cloud Management for NGFWs using
Strata Cloud Manager.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
Create a HTTP/S server profile to forward all logs or specific logs to trigger an
action on an external HTTP-based service when an event occurs. When forwarding logs
to an HTTP server, configure the firewall to send an HTTP-based API request directly
to a third-party service to trigger an action that is based on the attributes in a
firewall log. You can configure the firewall to work with any HTTP-based service
that exposes an API and you can modify the URL, HTTP header, parameters, and the
payload in the HTTP request to meet your integration needs.
- Log in to cloud management.
- Select ManageConfigurationNGFW and Prisma AccessObjectsLog ForwardingHTTPS Server Profile and select the Configuration Scope where you want to create the HTTP/S server profile.You can select a folder or firewall from your Folders or select Snippets to configure the HTTP/S server profile in a snippet.
- Add HTTP.
- Enter a descriptive Name
- (Optional) check (enable) Tag Registration to add or remove a tag on a source or destination IP address in a log entry and register the IP address and tag mapping to the User-ID agent on the firewall using HTTP/S.You can then define Dynamic Address Groups that use these tags as a filtering criteria to determine its members, and enforce policy rules to an IP address based on tags. To register tags to the User-ID agent on Panorama, you don’t need a server profile. Additionally, you can’t use the HTTP server profile to register tags to a User-ID agent running on a Windows server.
- Add and configure the HTTP/S server profile to forward logs to an HTTP/S destination.
- Enter a Name for the HTTP/S destination.
- Enter the HTTP/S destination IP Address.
- Select the Protocol.You can select HTTP or HTTPS.
- Select the Port number the HTTP/S destination listens to.Default for HTTP is 80. Default for HTTPS is 443.
- Select the supported TLS Version.You can select 1.0, 1.1, or 1.2. HTTP has no default TLS Version. HTTPS default TLS Version is 1.2.
- Select the Certificate Profile to use for the TLS connection with the HTTP/S destination.
- Select the HTTP Method that the third-party service supports.You can select DELETE, GET, POST, or PUT. Default is POST.
- (Optional) Enter the Username and Password for authentication the HTTP/S destination, if needed.
- (Optional) Select the Payload Format for the HTTP/S request.
- Select the Log Type link for each log type for you want to define the HTTP/S request format.
- Select the Pre-defined Formats or create a custom format.If you create a custom format, the URI is the resource endpoint on the HTTP/S service. The firewall appends the URI to the IP address you defined earlier to construct the URL for the HTTP/S request. Ensure that the URI and payload format matches the syntax that your third-party vendor requires. You can use any attribute supported on the selected log type within the HTTP Header, the Parameter and Value pairs, and in the request payload.
- Configure log forwarding to the HTTP/S destination.
- Select ManageConfigurationNGFW and Prisma AccessObjectsLog ForwardingLog Forwarding Profile and select the Configuration Scope where you want to create the Log Forwarding profile.You can select a folder or firewall from your Folders or select Snippets to configure the Log Forwarding profile in a snippet.
- Add Log Forwarding Profile.
- Enter a descriptive Name.
- Add the profile match list for the Log Forwarding profile.A match list profile specifies the log query filter, forwarding destinations, and automatic actions to take. Multiple profile match lists can be added to the same Log Forwarding profile to allow you to add different profile match lists for different log types in the same Log Forwarding profile.
- Enter a descriptive Name.
- Select the Log Type.Only one log type can be added per profile match list.
- (Optional) Configure the log query Filter. Default is All Logs.
- Add the HTTP Server Profile you created in the previous step.
- Save.
- Repeat this step for all the log types you want to forward to your HTTP/S destination.
- Save.