Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

Home > Success Center > Log & Event Manager (LEM) > Integrate Palo Alto firewalls with LEM

Integrate Palo Alto firewalls with LEM

Created by Karen Valdellon, last modified by MindTouch on Jun 23, 2016

Views: 94 Votes: 1 Revisions: 3

Overview

This article describes how to configure Palo Alto firewalls and the following Palo Alto Networks to connect to your LEM appliance:

  • PA-2000 Series
  • PA-4000 Series

Environment

All LEM versions

Steps

Palo Alto firewall

Consult the following sections of the Palo Alto Administrator's Guide to configure your firewall to send syslog messages to your LEM appliance:

  • Defining Configuration and System Log Settings
  • Defining Log Forwarding Profiles

Note: The default logging facility used in the LEM connector for Palo Alto firewalls is local5. If you choose an alternate logging facility during your firewall configuration, note if for use in the next procedure.

PA-2000 Series and PA-4000 Series

  1. Open the LEM Console and log in to the LEM Manager as an administrator.
  2. Click the gear icon next to your LEM Manager and then select Connectors.
  3. In the Connector Configuration window, enter Palo Alto in the search box at the top of the Refine Results pane.
  4. Click the gear icon next to the Palo Alto Networks PA-2000 Series and PA-4000 Series Firewall connector, and then select New.
  5. Enter a custom Alias or accept the default.
  6. Verify that the Log File value matches the Facility value you selected when defining LEM as a syslog server for your firewall.
  7. Click Save.
  8. Click the gear icon next to the new connector, and then click Start.
  9. Click Close. 

 

Last modified
20:02, 22 Jun 2016

Tags

Classifications

Public