Device > Server Profiles > Syslog
to configure a server profile for forwarding firewall, Panorama, and Log Collector logs as syslog messages to a syslog server. To define a syslog server profile, click
Addand specifying the New Syslog Server fields.
- To select the Syslog Server profile for System, Config, User-ID, HIP Match, and Correlation logs, see Device > Log Settings.
- To select the Syslog Server Profile For Traffic, Threat, Wildfire, URL Filtering, Data Filtering, Tunnel Inspection, Authentication, and GTP logs, see Objects > Log Forwarding.
- You cannot delete a server profile that the firewall uses in any System or Config log settings or Log Forwarding profile.
Syslog Server Settings
Enter a name for the syslog profile (up to 31 characters). The name is case-sensitive and must be unique. Use only letters, numbers, spaces, hyphens, and underscores.
Select the scope in which the profile is available. In the context of a firewall that has more than one virtual system (vsys), select a vsys or select
Shared(all virtual systems). In any other context, you can’t select the
Location; its value is predefined as Shared (
firewalls) or as Panorama. After you save the profile, you can’t change its
Addand enter a name for the syslog server (up to 31 characters). The name is case-sensitive and must be unique. Use only letters, numbers, spaces, hyphens, and underscores.
Enter the IP address or FQDN of the syslog server.
Select whether to transport the syslog messages over UDP, TCP, or SSL.
SSLto encrypt and secure data sent to a syslog server. Data is sent over UDP or TCP in cleartext and is readable in transit.
Enter the port number of the syslog server (the standard port for UDP is 514; the standard port for SSL is 6514; for TCP you must specify a port number).
Specify the syslog format to use: BSD (the default) or IETF.
Custom Log Format Tab
Click the log type to open a dialog box that allows you to specify a custom log format. In the dialog box, click a field to add it to the Log Format area. Other text strings can be edited directly in the Log Format area. Click
OKto save the settings. View a description of each field that can be used for custom logs .
For details on the fields that can be used for custom logs, see Device > Server Profiles > Email.
Specify escape sequences.
Escaped charactersis a list of all the characters to be escaped without spaces.
Device > Server Profiles > Email
Device > Server Profiles > Email Select Device Server Profiles Syslog or Panorama Server Profiles Syslog to configure a server profile for forwarding logs as ...
Configure Syslog Monitoring
Configure Syslog Monitoring To Use Syslog for Monitoring a Palo Alto Networks firewall, create a Syslog server profile and assign it to the log settings ...
Configure the PAN-OS Integrated User-ID Agent as a Syslog L...
Configure the PAN-OS Integrated User-ID Agent as a Syslog Listener To configure the PAN-OS Integrated User-ID agent to create new user mappings and remove outdated ...
Configure the Windows User-ID Agent as a Syslog Listener
Configure the Windows User-ID Agent as a Syslog Listener To configure the Windows-based User-ID agent to create new user mappings and remove outdated mappings through ...
Configure Access to Monitored Servers
Configure Access to Monitored Servers Use the Server Monitoring section to Add server profiles that specify the servers (up to 100) the firewall will monitor. ...
Syslog Filters Device User Identification User Mapping Palo Alto Networks User-ID Agent Setup Syslog Filters The User-ID agent uses Syslog Parse profiles to filter syslog ...
Configure Log Forwarding from Panorama to External Destinat...
Configure Log Forwarding from Panorama to External Destinations Panorama enables you to forward logs to external services, including syslog, email, SNMP trap, and HTTP-based services. ...
Custom Log/Event Format
Custom Log/Event Format To facilitate the integration with external log parsing systems, the firewall allows you to customize the log format; it also allows you ...
Panorama > Log Settings
Panorama > Log Settings Use the Log Settings page to forward the following log types to external services: System, Configuration, User-ID, and Correlation logs that ...