How to configure Log Forwarding for LPC on PA-7000 series firewall

How to configure Log Forwarding for LPC on PA-7000 series firewall

18127
Created On 04/30/19 03:17 AM - Last Modified 12/18/23 22:51 PM


Objective


  • Configure Log Forwarding for Log Processing Card (LPC)
  • Verify LPC is detected by PA-7000 series firewall
  • Traffic logs are forwarding correctly by LPC

Environment


  • PA-7000 series firewall with LPC card
  • Log Forwarding
  • Syslog

Procedure


 

  1. Configure the Syslog forwarding profile.
Device > Server Profiles > Syslog 
User-added image
  1. Configure the Log Forwarding Profile under Objects and point to the Syslog Profile.
Objects > Log Forwarding and Add a profile
User-added image
  1. Assign the Log Forwarding profile to the security policy rules.
Policies > Security > Add Log Forwarding to policy.
User-added image
  1.  Configure the log forwarding interface.
User-added image
 
Or if the log traffic needs to be tagged with a VLAN. (This example uses VLAN 74)
User-added image

Note: By default the Service Route is set to default. Traffic will be sent directly from the log card and not use service routes.
Device > Setup > Services > click "Service Route Configuration"
Service Route Configuration
 

Additional Information


Refer to the technical documentation for more information on LPC configuration:

Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/kcsArticleDetail?id=kA10g000000PLrx&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FkcsArticleDetail

Choose Language