Palo Alto Firewall Data
App Installation
| App | Search Head | Indexer | Heavy Forwarder | UF / Deployment Server | Additional Details |
|---|---|---|---|---|---|
| Palo Alto Add-on for Splunk | Required | - | Required | - | Installation Guide & Configuration Guide |
Important sourcetypes to be collected
- pan:config
- pan:globalprotect
- pan:system
- pan:threat
- pan:traffic
Note: Create an index named pan_log, or update the cs_palo macro definition from the Cyences app configuration page (Cyences Settings > Cyences App Configuration > Products Setup).
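To confirm that each sourcetype listed above is actually arriving, a search like the following can be run on the search head; any sourcetype with no events is reported as MISSING. This is an added example, not part of the Cyences documentation. It assumes the data lands in the pan_log index named in the note, and the 24-hour lookback is a value chosen here for illustration.

```spl
| tstats count AS events max(_time) AS last_seen WHERE index=pan_log earliest=-24h BY sourcetype
| append
    [| makeresults
     | eval sourcetype=split("pan:config,pan:globalprotect,pan:system,pan:threat,pan:traffic", ",")
     | mvexpand sourcetype
     | eval events=0
     | fields sourcetype events]
| stats sum(events) AS events max(last_seen) AS last_seen BY sourcetype
| search sourcetype IN ("pan:config", "pan:globalprotect", "pan:system", "pan:threat", "pan:traffic")
| eval status=if(events > 0, "receiving", "MISSING")
| eval last_seen=if(isnull(last_seen), "never", strftime(last_seen, "%Y-%m-%d %H:%M:%S"))
| sort sourcetype
| table sourcetype status events last_seen
```

If the cs_palo macro has been pointed at a different index, replace pan_log in the first line with that index name.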
Estimated Data Size
The Palo Alto Add-on consumes around 8-10 GB of license usage per day.
The total amount of data varies based on the size of your organization (our calculations are based on organizations with around fifty regular users).