API Log Retrieval Parameters
Specify the log type with additional optional parameters to retrieve logs from a firewall.
The type of logs to retrieve:
(Optional) Specify the match criteria for the logs. This is similar to the query provided in the web interface under the Monitor tab when viewing the logs. The query must be URL encoded.
(Optional) Specify the number of logs to retrieve. The default is 20 when the parameter is not specified. The maximum is 5000.
(Optional) Specify the number of logs to skip when doing a log retrieval. The default is 0. This is useful when retrieving logs in batches where you can skip the previously retrieved logs.
(Optional) Specify whether logs are shown oldest first (forward) or newest first (backward). Default is backward.
(Optional) Log data sizes can be large so the API uses an asynchronous job scheduling approach to retrieve log data. The initial query returns a Job ID (job-id) that you can then use for future queries with the action parameter:
Export Technical Support Data
Export Technical Support Data Debug log data sizes are large, so the API uses an asynchronous job scheduling approach to retrieve technical support data. Learn ...
Retrieve Logs (API)
Retrieve Logs (API) Retrieve logs from a firewall using the API. API Log Retrieval Parameters Example: Use the API to Retrieve Traffic Logs ...
Example: Use the API to Retrieve Traffic Logs
Example: Use the API to Retrieve Traffic Logs Follow these steps to use the API retrieve traffic logs. Create a job to retrieve all traffic ...
Automated Correlation Engine Concepts
Automated Correlation Engine Concepts The automated correlation engine uses correlation objects to analyze the logs for patterns and when a match occurs, it generates a ...
Correlation Object A correlation object is a definition file that specifies patterns to match against, the data sources to use for the lookups, and time ...
Correlated Events A correlated event is logged when the patterns and thresholds defined in a correlation object match the traffic patterns on your network. To ...
Monitor > Automated Correlation Engine
Monitor > Automated Correlation Engine The automated correlation engine tracks patterns on your network and correlates events that indicate an escalation in suspicious behavior or ...
Ingest Traps ESM Logs on Panorama
Ingest Traps ESM Logs on Panorama Visibility is a critical first step in preventing and reducing the impact of an attack. To help you meet ...
Use the Automated Correlation Engine
Use the Automated Correlation Engine The automated correlation engine is an analytics tool that uses the logs on the firewall to detect actionable events on ...