Palo Alto PA DSM specifications
The following table identifies the specifications for the Palo Alto PA Series DSM:
| Specification | Value |
|---|---|
| Manufacturer | Palo Alto Networks |
| DSM name | Palo Alto PA Series |
| RPM file name | DSM-PaloAltoPaSeries-QRadar_version-build_number.noarch.rpm |
| Event format |
LEEF for PAN-OS v3.0 to v10.2, and Prisma Access v2.1 CEF for PAN-OS v4.0 to v6.1. (CEF:0 is supported) |
| QRadar recorded log types |
Traffic Threat Config System HIP Match Data WildFire Authentication Tunnel Inspection Correlation URL Filtering User-ID SCTP File Data GTP HIP Match IP-Tag Global Protect
Important: To use the Global Protect log type, you must enable the
EventStatus/Status field in Palo Alto.
Decryption |
| Automatically discovered? | Yes |
| Includes identity? | Yes |
| Includes custom properties? | No |
| More information | Palo Alto Networks website (http://www.paloaltonetworks.com) |