PAN-OS 6.0
Details About Log Forwarding
This document describes how to set up log forwarding from a Log Collector in logger mode to a syslog server. An M-100 Log Collector is always managed by a Panorama management server, which can be either a VM or an M-100 in Panorama mode.
To access the Panorama Management server, perform the steps outlined below:
Step 1
Create a Syslog Profile – Go to Panorama > Server Profiles > Syslog, click Add and create a syslog profile, as shown below:
Step 2
Add a Collector Group.
– Go to Panorama > Collector Groups and click Add.
– There are four tabs in the Collector Group window. For this configuration, go to Collector Log Forwarding.
– For details on adding devices to Collector Group and adding collectors to the group, please refer to this document: How to Configure an M-100 to Function as Both a Log Collector and Panorama.
– The Syslog Server profile can also be associated with Config, HIP Match, Traffic, Threat and WildFire.
Step 3
After the above step is done, proceed with the commit.
– First commit the changes to Panorama and then commit to the Collector Group. This is shown in the screenshot below.
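After both commits, it is worth confirming on the syslog server that every log type attached to the profile is actually arriving. The following is an added example, not part of the original document or of Palo Alto Networks tooling. It assumes a BSD-format syslog header and a comma-separated payload whose fourth field is the log type and fifth the subtype, with WildFire arriving as a THREAT subtype; the hostname, serial number and sample lines are constructed.

```python
import csv
import re

# Log types the page lists for the Collector Log Forwarding tab.
EXPECTED = ("Config", "HIP Match", "Traffic", "Threat", "WildFire")
# Assumed mapping from the type field in the CSV payload to those names.
TYPE_NAMES = {"CONFIG": "Config", "HIPMATCH": "HIP Match",
              "TRAFFIC": "Traffic", "THREAT": "Threat"}
PRI = re.compile(r"^<(\d{1,3})>")

def log_type(line):
    """Return the forwarded log type of one syslog line, or None if unrecognised."""
    m = PRI.match(line)
    if not m or int(m.group(1)) > 191:   # valid PRI is facility*8 + severity, 0..191
        return None
    # BSD header: month, day, time, hostname, then the message (day may be space-padded).
    parts = re.split(r"\s+", line[m.end():].strip(), maxsplit=4)
    if len(parts) < 5:
        return None
    fields = next(csv.reader([parts[4]]), [])
    if len(fields) < 5:
        return None
    kind, subtype = fields[3].upper(), fields[4].lower()
    if kind == "THREAT" and subtype == "wildfire":  # assumption: WildFire is a THREAT subtype
        return "WildFire"
    return TYPE_NAMES.get(kind)

def coverage(lines):
    """Return (expected types never seen, count of lines not recognised as one of them)."""
    seen, unrecognised = set(), 0
    for line in lines:
        t = log_type(line)
        if t is None:
            unrecognised += 1
        else:
            seen.add(t)
    return [t for t in EXPECTED if t not in seen], unrecognised

# Constructed sample capture (not real device output).
SAMPLE = [
    "<14>Apr  1 04:39:56 m100 1,2014/04/01 04:39:56,000000000001,TRAFFIC,end,1",
    "<14>Apr  1 04:40:02 m100 1,2014/04/01 04:40:02,000000000001,THREAT,url,1",
    "<14>Apr  1 04:40:09 m100 1,2014/04/01 04:40:09,000000000001,THREAT,wildfire,1",
    "<14>Apr  1 04:41:00 m100 1,2014/04/01 04:41:00,000000000001,CONFIG,0,0",
    "garbage without a priority header",
]

if __name__ == "__main__":
    print(coverage(SAMPLE))
```

A non-empty first element means a log type was attached to the profile but nothing of that type has reached the server yet, which points back at the Collector Log Forwarding tab or at a missed Collector Group commit.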
For more information about Log Forwarding, please see the following documents:
Configure Log Forwarding – https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/monitoring/configure-log-forwarding
Objects > Log Forwarding – https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-web-interface-help/objects/objects-log-forwarding
Get Started with the Log Forwarding App – https://docs.paloaltonetworks.com/cloud-services/apps/log-forwarding/log-forwarding-app-getting-started/get-started-with-log-fowarding-app
owner: sodhegba