IBM Security QRadar


#BeyondtheDSMGuide: Quick Update! QRadar support for Palo Alto Networks PanOS version 10 via Cortex Data Lake!

By Wendy Willner posted Thu September 23, 2021 01:02 PM

  

Hi QRadar Community!

I have an exciting update for you! IBM Security and Palo Alto Networks have worked together for several years to provide integrations to our communities. We recently updated our integration with Palo Alto Networks’ PanOS (here) to support version 10, and announced that a few weeks ago (here)! Today I’m writing to let you know that we’ve added support for Palo Alto’s Cortex Data Lake (here).




With this new update, users will have the option to send their PanOS logs either directly to QRadar or via Palo Alto’s Cortex Data Lake. Please review the formal documentation for configuration details.

As part of this update we have included support for new ‘recorded log types’ including ‘Global Protect’! This integration will extend QRadar’s visibility and ability to correlate activity on Palo Alto Next Generation Firewalls!

Huge shout out to Harsh Patel from the IBM Development Team for leading this effort, and big thanks to our colleagues at Palo Alto, Anubhav Gupta and Naitik Dani, for the support.


Questions? Please reach out (wendy.willner@ibm.com).

Thanks,

Wendy Willner


Comments

Tue October 12, 2021 08:34 AM

Hello @Wendy Willner, any plan to support Palo Alto Cortex data (ex. XDR Incidents/alerts) through the Palo Alto API? Or should we use the Universal Cloud REST API protocol for that?