Submit a ticketCall us

Announcing NPM 12.2
With NPM 12.2 you can monitor your Cisco ASA firewalls, to monitor VPN tunnels for basic visibility and troubleshooting tunnels. NPM 12.2 also uses the SolarWinds Orion Installer so you can easily install and upgrade one or more Orion Platform products simultaneously.
See new features and improvements.

Home > Success Center > Log & Event Manager (LEM) > Integrate Palo Alto firewalls with LEM

Integrate Palo Alto firewalls with LEM

Created by Karen Valdellon, last modified by MindTouch on Jun 23, 2016

Views: 437 Votes: 1 Revisions: 3


This article describes how to configure Palo Alto firewalls and the following Palo Alto Networks to connect to your LEM appliance:

  • PA-2000 Series
  • PA-4000 Series


All LEM versions


Palo Alto firewall

Consult the following sections of the Palo Alto Administrator's Guide to configure your firewall to send syslog messages to your LEM appliance:

  • Defining Configuration and System Log Settings
  • Defining Log Forwarding Profiles

Note: The default logging facility used in the LEM connector for Palo Alto firewalls is local5. If you choose an alternate logging facility during your firewall configuration, note if for use in the next procedure.

PA-2000 Series and PA-4000 Series

  1. Open the LEM Console and log in to the LEM Manager as an administrator.
  2. Click the gear icon next to your LEM Manager and then select Connectors.
  3. In the Connector Configuration window, enter Palo Alto in the search box at the top of the Refine Results pane.
  4. Click the gear icon next to the Palo Alto Networks PA-2000 Series and PA-4000 Series Firewall connector, and then select New.
  5. Enter a custom Alias or accept the default.
  6. Verify that the Log File value matches the Facility value you selected when defining LEM as a syslog server for your firewall.
  7. Click Save.
  8. Click the gear icon next to the new connector, and then click Start.
  9. Click Close. 


Last modified
20:02, 22 Jun 2016