I’m using Graylog 3.0 (enterprise version) to collect log messages from Palo Alto firewalls (PANOS version 8.1). It’s working fine with SYSTEM, THREAT and TRAFFIC logs. When adding the input for the PA firewalls on the Graylog web UI, I see three blocks for the message fields mapping (SYSTEM, THREAT and TRAFFIC). I would like to add field mappings also for CONFIG messages. How can I do this?
Thank you in advance,