: Forward Logs to Cortex Data Lake
Focus
Focus

Forward Logs to Cortex Data Lake

Table of Contents

Forward Logs to
Cortex Data Lake

Cortex Data Lake
is Palo Alto Networks’ cloud-based logging infrastructure. Before you can configure your managed firewalls to send logs to
Cortex Data Lake
(previously called the Logging Service), you need to purchase a license for the volume of logs in your deployment, and install the cloud services plugin. If you already have on premise Log Collectors, you can use
Cortex Data Lake
to complement and augment your existing setup.
  1. For firewalls running PAN-OS 8.1 or later releases, you can opt to send logs to both the
    Cortex Data Lake
    and to your Panorama and on premise log collection setup when you select
    Enable Duplicate Logging (Cloud and On-Premise)
    . When enabled, the firewalls that belong to the selected Template will save a copy of the logs to both locations. You may select either
    Enable Duplicate Logging (Cloud and On-Premise)
    or
    Enable Logging Service
    , but not both.
    When you
    Enable Duplicate Logging (Cloud and On-Premise)
    , managed firewalls save a copy of all log data to both the Log Collector and
    Cortex Data Lake
    except for system and configuration logs, which are sent to the Log Collector only.

Recommended For You