Strata Logging Service is not forwarding Prisma Access logs

Strata Logging Service is not forwarding Prisma Access logs

5148
Created On 12/24/24 21:45 PM - Last Modified 03/11/25 23:24 PM


Symptom


  • The log receiver (example: Microsoft Sentinel or any Syslog receivers) does not receive any logs that are forwarded from Strata Logging Service.
  • In log forwarding profile, Test Connection is successful.
  • There are no issues with networking.

Environment


  • Prisma Access 
  • Prisma access logs are sent to Strata Logging Service 
  • Strata logging service is configured to send logs to Syslog Server

Cause


Missing log filters for Prisma Access logs in the log forwarding profile

 

Resolution


  1. Configure the Log forwarding profile with the mandatory filters and attrributes of  is_prisma_mobile and  is_prisma_branch.
  2. The field information is found here.

     
    Other users also viewed:
    Actions
    • Print
    • Copy Link

      https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000sd8lCAA&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

    Choose Language