Graylog content pack for Palo Alto firewalls. The dashboards are based on a previous content pack for Palo Alto that went out of date. The extractors were generated dynamically from the Palo Alto documentation, using the script in the Daan / Graylog-Extractor-Template-Generator repository on GitLab.
The extractors can probably be simplified. Feel free to make a pull request to fix or improve something.
This content pack contains:
- Extractors for THREAT and SYSTEM category logs;
- Dashboards for threats and URL filtering.