Configure Email Alerts
You can configure email alerts for System, Config, HIP Match, Correlation, Threat, WildFire Submission, and Traffic logs.
an Email server profile.You can use separate profiles to send email notifications for each log type to a different server. To increase availability, define multiple servers (up to four) in a single profile.
- Select DeviceServer ProfilesEmail.
- Click Add and then enter a Name for the profile.
- If the firewall has more than one virtual system (vsys), select the Location (vsys or Shared) where this profile is available.
- For each Simple Mail Transport Protocol (SMTP) server
(email server), click Add and define the
- Name—Name to identify the SMTP server (1-31 characters). This field is just a label and doesn’t have to be the hostname of an existing email server.
- Email Display Name—The name to show in the From field of the email.
- From—The email address from which the firewall sends emails.
- To—The email address to which the firewall sends emails.
- Additional Recipient—If you want to send emails to a second account, enter the address here. You can add only one additional recipient. For multiple recipients, add the email address of a distribution list.
- Email Gateway—The IP address or hostname of the SMTP gateway to use for sending emails.
- (Optional) Select the Custom Log Format tab and customize the format of the email messages. For details on how to create custom formats for the various log types, refer to the Common Event Format Configuration Guide.
- Click OK to save the Email server profile.
- Configure email alerts for Traffic, Threat, and WildFire
- See Step Create
a Log Forwarding profile.
- Select ObjectsLog Forwarding, click Add, and enter a Name to identify the profile.
- For each log type and each severity level or WildFire verdict, select the Email server profile and click OK.
- See Step Assign the Log Forwarding profile to policy rules and network zones.
- See Step Create a Log Forwarding profile.
- Configure email alerts for System, Config, HIP Match,
and Correlation logs.
- Select DeviceLog Settings.
- For System and Correlation logs, click each Severity level, select the Email server profile, and click OK.
- For Config and HIP Match logs, edit the section, select the Email server profile, and click OK.
- Click Commit.
Device > Server Profiles > Email
Device > Server Profiles > Email Select Device Server Profiles Syslog or Panorama Server Profiles Syslog to configure a server profile for forwarding logs as ...
Set Up Alerts for Malware
Set Up Alerts for Malware You can configure a Palo Alto Networks firewall to send an alert when WildFire identifies a malicious or phishing sample. ...
Configure Syslog Monitoring
Configure Syslog Monitoring To Use Syslog for Monitoring a Palo Alto Networks firewall, create a Syslog server profile and assign it to the log settings ...
Generate, Schedule, and Email Reports
Generate, Schedule, and Email Reports You can configure reports to run immediately or schedule them to run at specific intervals. You can save and export ...
Device > Server Profiles > Syslog
Device > Server Profiles > Syslog Select Device Server Profiles Syslog or Panorama Server Profiles Syslog to configure a server profile for forwarding firewall, Panorama, ...
Collector Group Configuration
Collector Group Configuration To configure a Collector Group , click Add and complete the following fields. Collector Group Settings Configured In Description Name Panorama Collector ...
Monitor > PDF Reports > Email Scheduler
Monitor > PDF Reports > Email Scheduler Use the Email scheduler to schedule reports for delivery by email. Before adding a schedule, you must define ...
Configure Log Forwarding
Configure Log Forwarding In an environment where you use multiple firewalls to control and analyze network traffic, any single firewall can display logs and reports ...
Panorama > Log Settings
Panorama > Log Settings Use the Log Settings page to forward the following log types to external services: System, Configuration, User-ID, and Correlation logs that ...