Schema Overview

Log data stored in Palo Alto Networks Cortex Data Lake are defined by their log type and field definitions. Collectively, these are called the schema.
You can query for log records stored in Palo Alto Networks Cortex Data Lake. Logs can be written to the data lake by many different appliances and applications. This book describes the logs and log fields that you can retrieve and forward.
In November 2020, Cortex Data Lake log forwarding underwent an upgrade. Log forwarding profiles created before the upgrade were migrated to the new version. The default syslog field order described in this guide applies only to log filters that were migrated from the previous version. For log filters created since the migration, you specify the field order using the columns when you add a log filter.
For information on how to retrieve log records, see Explore Logs.
For information on how to forward logs, see Forwarding Logs from Cortex Data Lake.
You can work with log records in the following categories:

