Log data stored in Palo Alto Networks Cortex Data Lake
are defined by their log type and field definitions. Collectively,
these are called the schema.

You can query for log records stored in Palo Alto Networks Cortex
Data Lake. Logs can be written to the data lake by many different appliances
and applications. This book describes the logs and log fields that you
can retrieve and forward.

In November 2020, Cortex Data Lake log forwarding underwent an upgrade.
Log forwarding profiles created before the upgrade were migrated to
the new version. The default syslog field order described in this
guide applies only to log filters that were migrated from the previous
version. For log filters created since the migration, you specify
field order using the columns when you add a log filter.

For information on how to retrieve log records, see Explore Logs.