I downloaded 2.3 but it unpacked to 2.2.1
Hi all! I downloaded PA App 2.3 but when I unpacked it, only 2.2.1? Link wrong? Pls help me!
Traffic Dashboard displays no Data
We have the latest version of Splunk for PaloAlto (upgraded a week or two ago) on a Linux system. We are trying to repair a lot of our dashboards, which have never worked. Originally Splunk was...
No Data with Version 3.0 of Palo App and Version 5.0.2 of Splunk
Hi, I installed the Palo Alto app on a fresh Splunk. Followed the instructions in the readme and saw events coming from the PA firewall. But PAN Overview didn't show any counter or the Google...
Received event for unconfigured/disabled/deleted
I have configured the above settings as described, and I see the below msg. Are there any more settings that need to be done to capture the events? received event for unconfigured/disabled/deleted...
Question about Palo Alto Network
Dear Splunkers, I have installed the Splunk for Palo Alto Network app. Do you have a manual on how to install? Should I have to configure syslog on the Palo Alto device? Regards, Jose Rivera
Dashboard does not show anything
I can see sourcetype=pan_log but the dashboard isn't showing anything. I can't see any of the other sourcetypes. What am I missing?
Splunk for Palo Alto Networks - PAN Overview
I am using Splunk for Palo Alto Networks App version 3.0. When viewing the PAN overview I see: 0 PAN Reporting, 0 Events, 0 Block-URL, N/A Top Category. I checked the pan_* sources and we are receiving data...
Palo Alto Networks - threats and webfiltering
I followed the instructions for setting up the Palo Alto app, and things seem to be working OK with the exception of certain logs. I have nothing showing up for threats and/or web filtering. I know for...
Pointing a Palo Alto Firewall to the free local version of Splunk?
Just need help getting our company's Panorama logs into the free download of Splunk on my machine. Need to use it as a test case. Thanks, Travis Fitzgerald
size of tsidx files
Is there a way to define a maximum size for all tsidx files generated in tsidxstats directory using tscollect command. Could find any settings in indexes.conf or any other config file. According to the...
panupdate command
I am trying to use the panupdate command to feed user/ip mapping data from splunk to PA. I have a search that is getting the addruser and addrip fields successfully. When I pipe my search to panupdate,...
Palo Alto for Splunk error.
Here is what I am trying to accomplish. We have our wireless controllers forwarding syslog information to splunk, this works quite well. I now want Splunk to forward part of the syslog message(user...
How to Deploy Palo Alto Apps under Forwarder and Indexer environment
Hi, I followed the instructions to set up the data input config in inputs.conf of the Forwarder server and installed the Palo Alto Apps on the Indexer server. I found the Indexer can receive the log successfully but...
No data showing on Splunk Palo Alto Networks App
Hi, I recently installed Splunk (5.0.3 trial version) with Palo Alto Apps version 3.2.1. When I connect to the PA-200 (ver 5.0) and set up the PA box to send syslog to Splunk, I cannot see any data showing...
Threat (Searches and Report)
Hi, I installed the Splunk for Palo Alto Networks app and I can see all the threat, content, wildfire and traffic logs fine. All the dashboards work fine as well. My question is when I click on the drop down...
Palo Alto data not showing up
Running Splunk on RHEL x64 with the latest version of the Palo Alto app. On the overview screen I can see 1 PAN reporting and events showing up, nothing in the block-url and N/A on the top category...
Splunk for Palo Alto HELP with Initial Configuration
We're trying to deploy the SPLUNK FOR PALO ALTO app in our environment (Windows). The app seems to have loaded correctly, as well as the required resources from the apps page. We set up the configs on...
How to completely remove remote data functionality in Splunk for Palo Alto...
Environment: Windows, Splunk 5.0.4, Splunk for Palo Alto Networks 3.3.1. I am looking to install the Splunk for Palo Alto networks in an environment where Splunk has no access to the outside world. That...
How to have “Splunk for Palo Alto Networks” read from the default index?
According to the setup documentation, the input for Splunk for Palo Alto Networks should write to the pan_logs index, however, I would prefer that it write to the default index. My hope is that making...
Palo Alto for Splunk App and analyzing the System log auth-fail and auth-success
I want to be able to automate some of our security team's morning audit points and receive more real-time results. We review each morning the System log auth-fail and auth-success events by querying...