IBM QRadar


Palo Alto Panorama - Custom Log Format (LEEF) for PAN OS 10.0.4

  • 1.  Palo Alto Panorama - Custom Log Format (LEEF) for PAN OS 10.0.4

    Posted Wed June 09, 2021 02:15 PM

    Hello there,

    A customer is trying to configure the Custom Log Format (LEEF), but their Palo Alto Panorama OS is running 10.0.4 (firmware version), and the official QRadar documentation https://www.ibm.com/docs/en/dsm?topic=SS42VS_DSM/t_dsm_guide_palo_alto_syslog_dest.html specifies the Log Event Extended Format (LEEF) only up to version 9.1.

    Will the same config also work for 10.0.4?

    How shall I proceed with configuring the Custom Log Format on the PA?

    Does anyone have any experience with PAN OS 10.0.4 so far?

    Best regards,

    theresa



    #QRadar
    #Support
    #SupportMigration


  • 2.  RE: Palo Alto Panorama - Custom Log Format (LEEF) for PAN OS 10.0.4

    Posted Mon June 14, 2021 09:52 AM

    Hello,

    Sorry for not adding anything of value. Just to mention that we are facing the same issue, so if anyone can help with this, it would be much appreciated.

    Thanks

    Jorge



    #QRadar
    #Support
    #SupportMigration