The Palo Alto Networks App and Add-on for Splunk have varying system requirements depending on the number of logs sent to Splunk. The firewall administrator has granular control over the quantity of logs sent. The more logs sent to Splunk, the more visibility is available into the traffic on the network. If the compute resources of the servers are oversubscribed, the firewall administrator can reduce the volume of logs sent from the firewall by turning off unnecessary logs. Common high-volume low-value candidates are traffic start logs, non-container URL logs, benign WildFire logs, and logs from policy rules that pass a lot of traffic that is not highly relevant (eg.

The Palo Alto Networks App for Splunk contains a datamodel and dashboards. The dashboards use the datamodel to pull logs quickly for visualization.
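Before turning off a log type, it helps to measure how much of the volume each type and policy rule contributes. The following is an added example, not code from the app or its documentation: it tallies constructed sample lines by type/subtype and by rule, and it assumes the PAN-OS syslog CSV layout with type, subtype and rule name at 0-based positions 3, 4 and 11 (verify against your PAN-OS version).

```python
import csv
from collections import Counter

# Assumed 0-based field positions in PAN-OS syslog CSV; check your version's field list.
TYPE_IDX, SUBTYPE_IDX, RULE_IDX = 3, 4, 11

# Constructed sample lines (not real logs), trimmed to the first 12 fields.
SAMPLE = """\
1,2024/01/01 10:00:00,0011223344,TRAFFIC,start,0,2024/01/01 10:00:00,10.0.0.5,10.0.0.9,0.0.0.0,0.0.0.0,allow-internal
1,2024/01/01 10:00:01,0011223344,TRAFFIC,start,0,2024/01/01 10:00:01,10.0.0.6,10.0.0.9,0.0.0.0,0.0.0.0,allow-internal
1,2024/01/01 10:00:02,0011223344,TRAFFIC,start,0,2024/01/01 10:00:02,10.0.0.7,198.51.100.8,0.0.0.0,0.0.0.0,allow-web
1,2024/01/01 10:00:03,0011223344,TRAFFIC,end,0,2024/01/01 10:00:03,10.0.0.5,10.0.0.9,0.0.0.0,0.0.0.0,allow-internal
1,2024/01/01 10:00:04,0011223344,TRAFFIC,end,0,2024/01/01 10:00:04,10.0.0.6,10.0.0.9,0.0.0.0,0.0.0.0,allow-internal
1,2024/01/01 10:00:05,0011223344,THREAT,url,0,2024/01/01 10:00:05,10.0.0.7,198.51.100.8,0.0.0.0,0.0.0.0,allow-web
1,2024/01/01 10:00:06,0011223344,THREAT,url,0,2024/01/01 10:00:06,10.0.0.7,198.51.100.8,0.0.0.0,0.0.0.0,allow-web
1,2024/01/01 10:00:07,0011223344,THREAT,wildfire,0,2024/01/01 10:00:07,10.0.0.7,198.51.100.8,0.0.0.0,0.0.0.0,allow-web
truncated,line
"""


def tally(lines):
    """Count log lines per (type, subtype) and traffic lines per policy rule."""
    by_kind, by_rule = Counter(), Counter()
    for row in csv.reader(lines):
        if len(row) <= SUBTYPE_IDX:
            continue  # skip truncated or malformed lines instead of miscounting
        kind = (row[TYPE_IDX].upper(), row[SUBTYPE_IDX].lower())
        by_kind[kind] += 1
        if kind[0] == "TRAFFIC" and len(row) > RULE_IDX:
            by_rule[row[RULE_IDX]] += 1
    return by_kind, by_rule


def share(counter):
    """Return (key, count, percent of total) sorted by descending count."""
    total = sum(counter.values())
    return [(k, n, round(100 * n / total, 1)) for k, n in counter.most_common()] if total else []


if __name__ == "__main__":
    kinds, rules = tally(SAMPLE.splitlines())
    for key, count, pct in share(kinds) + share(rules):
        print(f"{key!s:28} {count:4d} {pct:5.1f}%")
```

The type/subtype pairs and rules with the largest share are the ones to review against the low-value candidates listed above before disabling anything.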