Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE
Trusted Contributor.. jhyao Trusted Contributor..
Trusted Contributor..
1157 views

Is there configuration guide for PaloAlto PAN-OS 8.x CEF?

PaloAlto had announce PAN-OS 8.0

In this version , there are new log type in the syslog format config GUI

Besides "Traffic、ThreatConfigSystemHIP Match",  there are new type : "URL、DataWildFireTunnelAuthenticationUser-IDCorrelation"

And is there any configuration guide for PaloAlto PAN-OS 8.x CEF? 

 

3 Replies
dmiller7896
New Member.

Re: Is there configuration guide for PaloAlto PAN-OS 8.x CEF?

The configuration guide for 7 works for Traffic (tested in my environment and verified). In Palo's syslog guide for 8.0, it says wildfire and URL (I don't have a use case or req't for data, tunnel, User-ID yet) should be subsets of Threat, so it may just be taking the Threat configuration and adding mapping to some of the specific alerts or parameters. I haven't gotten that far yet. 

0 Likes
Visitor.. kk24
Visitor..

Re: Is there configuration guide for PaloAlto PAN-OS 8.x CEF?

I've confirmed that the 7.0 CEF THREAT format will work for URL in 8.0. I'm guessing it will work for Wildfire too. 

Also note that if you're copying the format out of the PDF guide, it does not copy the second hyphen in the field $number-of-severity, so make sure to include it manually.

0 Likes
Highlighted
salvatore.alba@ Super Contributor.
Super Contributor.

Re: Is there configuration guide for PaloAlto PAN-OS 8.x CEF?

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.