How to Pull and View Logs Using Automation for Palo Alto Networks Firewalls

Many network monitoring tools on the market today are just good at that: monitoring. They fail to go in depth and dig deep into devices to pull the gritty data important to IT teams. We build indeni with those users in mind. Our goal is to simplify network management, not just monitor it. For example:

There are two sets of log “components” in Palo Alto Networks firewalls:

• The easily accessible logs (for lack of better name):

• indeni@Peanut(active)> show log > alarm Show alarm logs > appstat Show appstat logs > configShow config logs > dailythsumShow dailythsum logs > dailytrsumShow dailytrsum logs > dataShow data logs > hipmatchShow hipmatch logs > hourlythsum Show hourlythsum logs > hourlytrsum Show hourlytrsum logs > iptag Show iptag logs > mdm Show mdm logs > systemShow system logs > threatShow threat logs > thsum Show thsum logs > traffic Show traffic logs > trsum Show trsum logs > url Show url logs > useridShow userid logs > weeklythsum Show weeklythsum logs > weeklytrsum Show weeklytrsum logs > wildfireShow wildfire logs  indeni@Peanut(active)>

indeni is now capable of accessing the SSH-only logs and analyzing those. So, if you have certain log lines you’d like to automatically collect and analyze from these files, please feel free to email us at [email protected] and share your needs. We’ll be sure to include those in our software, in addition to the thousands of other log lines that are already on our list.