Device | Details |
---|---|
Vendor | Palo Alto Networks |
Device Type | Endpoint Security |
Connection Type | Syslog |
Data Source Name | Paloalto-traps |
Data Source ID | 1919 |
From the ESM Console, select Settings > ESM > Syslog, and then select Enable Syslog.
Configure Palo Alto Networks Traps to send logs from ESM components to an external logging platform, Sheriff CSM, by specifying the following settings:
Click the rule that needs to be forwarded to open its policy rule settings window.
In the Security Policy Rule window, click the Actions tab.
In the Log Forwarding drop-down, select the profile you created and make sure that the Log at Session End box is checked.