Focus

Next-Generation Firewall

Device > Scheduled Log Export

Table of Contents

Filter

Expand All | Collapse All

Next-Generation Firewall Docs

Getting Started
Administration
Networking
Quick Start
Reference
Incidents & Alerts
Release Notes
Select a Document
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 8.1 (EoL)
Help
Select a Document
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 10.2
- PAN-OS 10.1

Device > Local User Database > User Groups

Device > Software

Device > Scheduled Log Export

You can schedule exports of logs

and save them in CSV format to a File Transfer Protocol (FTP) server or use Secure Copy (SCP) to securely transfer data between the firewall and a remote host. Log profiles contain the schedule and FTP server information. For example, a profile may specify that the previous day’s logs are collected each day at 3AM and stored on a particular FTP server.

Click Add and fill in the following details:

Scheduled Log Export Settings	Description
Name	Enter a name to identify the profile (up to 31 characters). The name is case-sensitive and must be unique. Use only letters, numbers, spaces, hyphens, and underscores. You cannot change the name after the profile is created.
Description	Enter an optional description (up to 255 characters).
Enable	Select this option to enable the scheduling of log exports.
Log Type	Select the type of log (traffic, threat, gtp, sctp, tunnel, userid, auth, url, data, hipmatch, or wildfire). Default is traffic.
Scheduled Export Start Time (Daily)	Enter the time of day (hh:mm) to start the export using a 24-hour clock (00:00 - 23:59).
Protocol	Select the protocol to use to export logs from the firewall to a remote host: FTP—This protocol is not secure. SCP—This protocol is secure. After completing the remaining fields, you must click Test SCP server connection to test connectivity between the firewall and the SCP server and you must verify and accept the host key of the SCP server.
Hostname	Enter the host name or IP address of the FTP server that will be used for the export.
Port	Enter the port number that the FTP server will use. Default is 21.
Path	Specify the path located on the FTP server that will be used to store the exported information.
Enable FTP Passive Mode	Select this option to use passive mode for the export. By default, this option is selected.
Username	Enter the user name for access to the FTP server. Default is anonymous.
Password / Confirm Password	Enter the password for access to the FTP server. A password is not required if the user is anonymous.
Test SCP server connection (`SCP protocol only`)	(`PAN-OS 10.1.8 and earlier releases`) If you set the Protocol to SCP, you must click this button to test connectivity between the firewall and the SCP server and then verify and accept the host key of the SCP server. (`PAN-OS 10.1.9 and later releases`) If you set the Protocol to SCP, a pop-up window is displayed requiring you to enter the SCP server clear text Password and then Confirm Password. If you use a Panorama template to configure the log export schedule, you must perform this step after committing the template configuration to the firewalls. After the template commit, log in to each firewall, open the log export schedule, and click Test SCP server connection.

Device > Local User Database > User Groups

Device > Software

Next-Generation Firewall Docs

Device > Scheduled Log Export

Next-Generation Firewall Docs

Device > Scheduled Log Export

Activation and Onboarding

Next-Generation Firewalls

SASE

Cloud-Delivered Security Services

Network Security

Endpoints

Visibility & Monitoring

FedRAMP

Hardware Reference

Hardware Quick Start Guides

Virtual ION Deployment

3rd Party Integrations

Best Practices

Experts Corner