Cortex Data Lake Getting Started
    : Retrieving Logs
    Focus
    Download PDF
    Focus
    1. Home
    2. Security Operations
    3. Cortex Data Lake
    4. Cortex Data Lake Getting Started
    5. Explore Logs
    6. Retrieving Logs
    Download PDF

    Cortex Data Lake Getting Started

    Retrieving Logs

    Table of Contents

    Retrieving Logs

    Use the
    Explore
     tab to retrieve log records by providing the log type and time range.
    Use the
    Explore
     tab to retrieve log records stored in your Cortex Data Lake.
    In the
    Explore
     tab, you can retrieve and export all Firewall (PAN-OS), Common (System and Configuration), and Endpoint logs.
    Each page displays 100 logs.
    For details on the exact log types you can retrieve, and for a definition of each of their log fields, see the Schema Reference guide.
    To retrieve log records, you use the user interface to identify the following:
    • The log record type that you want to retrieve.
    • A time range over which you want to perform the retrieval.
    • (optional)
       A query which identifies the data that should or should not be present in the log records. If you do not provide a query string, the search will return every log record of the type you specify that was created during the time range that you provide.

    Recommended For You

    © 2023 Palo Alto Networks, Inc. All rights reserved.