Millisecond Granularity for PAN-OS Log Forwarding

Timestamps providing millisecond granularity for all PAN-OS
®
logs.
There is a new field for all forwarded PAN-OS
®
logs that contains a timestamp with millisecond granularity to display when a log was received at the management plane when exported in CSV format. With millisecond granularity for all logs, you can now more accurately correlate PAN-OS logs with logs from other sources that use similar granularity when you investigate network and security events and threats. Millisecond granularity for all PAN-OS logs forwarded to Panorama™, Dedicated Log Collectors, Cortex™ Data Lake, syslog, email, SNMP and HTTP from firewalls, Panorama, and the Cortex log forwarding app where supported.
The new field is displayed only in the exported CSV log and is not available in the
Monitor
or
ACC
tabs or in generated reports.
The format for this new field is YYYY-MM-DDThh:ss:sssTZD:
  • YYYY
    —Four digit year
  • MM
    —Two-digit month
  • DD
    —Two-digit day of the month (01 through 31)
  • T
    —Indicator for the beginning of the timestamp
  • hh
    —Two-digit hour using 24-hour time (00 through 23)
  • mm
    —Two-digit minute (00 through 59)
  • ss
    —Two-digit second (00 through 60)
  • sss
    —One or more digits for millisecond
  • TZD
    —Time zone designator (+hh:mm or -hh:mm)
  1. Select
    Monitor
    Logs
    and select the desired log.
  2. Filter the log as needed and
    Export to CSV
    .
  3. Navigate to the end of the exported CSV and locate the
    high_res_timestamp
    .
  4. (
    Optional
    ) Configure log forwarding.

Recommended For You