A Dedicated Log Collector can receive user mappings from up to
100 User-ID agents. The agents can be PAN-OS integrated User-ID
agents that run on firewalls or Windows-based User-ID agents. On
a firewall with multiple virtual systems, each virtual system can
serve as a separate User-ID agent. The Log Collector can then redistribute
the user mappings to firewalls or the Panorama management server.
To configure a Dedicated Log Collector to connect to a User-ID
one and configure the settings
as described in the following table.
User-ID Agent Settings
Enter a name (up to 31 characters) to identify
the User-ID agent. The name is case-sensitive, must be unique, and
can contain only letters, numbers, spaces, hyphens, and underscores.
a firewall serving as a User-ID agent, this field does not have to
match the Collector
Windows-based User-ID agent
the IP address of the Windows host on which the User-ID agent is
Firewall (PAN-OS integrated User-ID agent)
host name or IP address of the interface that the firewall uses
to redistribute user mappings.
Enter the port number on which the User-ID
agent will listen for User-ID requests. The default is port 5007
but you can specify any available port. Different User-ID agents
can use different ports.
Some earlier versions of the
User-ID agent use port 2010 as the default.
The collector that these
fields refer to is the User-ID agent, not the Log Collector. The
fields apply only if the agent is a firewall or virtual system that
redistributes user mappings to the Log Collector. Enter the
identify the firewall or virtual system as a User-ID agent. You
must enter the same values as you did when configuring the firewall
or virtual system to serve as a User-ID agent (see Redistribution).