Is it possible to forward logs from Cortex Data Lake to a Syslog Receiver using UDP protocol?

Created On 02/08/24 12:55 PM - Last Modified 05/31/24 03:55 AM


Question


Is it possible to forward logs from Cortex Data Lake (CDL) to a Syslog Receiver using UDP protocol?

Environment


  • Cortex Data Lake (CDL or Strata Logging Service)
  • Any Syslog Receiver


Answer


  1. No, it is not possible to forward logs from Cortex Data Lake to a Syslog Receiver using the UDP protocol.
  2. Cortex Data Lake uses TLS to establish the connection with the Syslog Receiver, and the UDP protocol does not support TLS communication.
  3. As an alternative, logs can be forwarded directly from the firewall to a Syslog Receiver using UDP.


Additional Information


Generally, UDP is not used to send sensitive information such as traffic logs over the internet to an external Syslog Receiver, since UDP uses a clear-text format.
