General Log Collector Settings
Table of Contents
Expand all | Collapse all
-
- Objects > Addresses
- Objects > Address Groups
- Objects > Regions
- Objects > Dynamic User Groups
- Objects > Application Groups
- Objects > Application Filters
- Objects > Services
- Objects > Service Groups
- Objects > Devices
- Objects > External Dynamic Lists
- Objects > Custom Objects > Spyware/Vulnerability
- Objects > Custom Objects > URL Category
- Objects > Security Profiles > Antivirus
- Objects > Security Profiles > Anti-Spyware Profile
- Objects > Security Profiles > Vulnerability Protection
- Objects > Security Profiles > File Blocking
- Objects > Security Profiles > WildFire Analysis
- Objects > Security Profiles > Data Filtering
- Objects > Security Profiles > DoS Protection
- Objects > Security Profiles > Mobile Network Protection
- Objects > Security Profiles > SCTP Protection
- Objects > Security Profile Groups
- Objects > Log Forwarding
- Objects > Authentication
- Objects > Decryption > Forwarding Profile
- Objects > Schedules
-
-
- Firewall Interfaces Overview
- Common Building Blocks for Firewall Interfaces
- Common Building Blocks for PA-7000 Series Firewall Interfaces
- Tap Interface
- HA Interface
- Virtual Wire Interface
- Virtual Wire Subinterface
- PA-7000 Series Layer 2 Interface
- PA-7000 Series Layer 2 Subinterface
- PA-7000 Series Layer 3 Interface
- Layer 3 Interface
- Layer 3 Subinterface
- Log Card Interface
- Log Card Subinterface
- Decrypt Mirror Interface
- Aggregate Ethernet (AE) Interface Group
- Aggregate Ethernet (AE) Interface
- Network > Interfaces > VLAN
- Network > Interfaces > Loopback
- Network > Interfaces > Tunnel
- Network > Interfaces > SD-WAN
- Network > VLANs
- Network > Virtual Wires
-
- Network > Network Profiles > GlobalProtect IPSec Crypto
- Network > Network Profiles > IPSec Crypto
- Network > Network Profiles > IKE Crypto
- Network > Network Profiles > Monitor
- Network > Network Profiles > Interface Mgmt
- Network > Network Profiles > QoS
- Network > Network Profiles > LLDP Profile
- Network > Network Profiles > SD-WAN Interface Profile
-
-
- Device > Setup
- Device > Setup > Management
- Device > Setup > Interfaces
- Device > Setup > Telemetry
- Device > Setup > Content-ID
- Device > Setup > WildFire
- Device > Setup > DLP
- Device > Log Forwarding Card
- Device > Config Audit
- Device > Administrators
- Device > Admin Roles
- Device > Access Domain
- Device > Authentication Sequence
- Device > Device Quarantine
-
- Security Policy Match
- QoS Policy Match
- Authentication Policy Match
- Decryption/SSL Policy Match
- NAT Policy Match
- Policy Based Forwarding Policy Match
- DoS Policy Match
- Routing
- Test Wildfire
- Threat Vault
- Ping
- Trace Route
- Log Collector Connectivity
- External Dynamic List
- Update Server
- Test Cloud Logging Service Status
- Test Cloud GP Service Status
- Device > Virtual Systems
- Device > Shared Gateways
- Device > Certificate Management
- Device > Certificate Management > Certificate Profile
- Device > Certificate Management > OCSP Responder
- Device > Certificate Management > SSL/TLS Service Profile
- Device > Certificate Management > SCEP
- Device > Certificate Management > SSL Decryption Exclusion
- Device > Certificate Management > SSH Service Profile
- Device > Response Pages
- Device > Server Profiles
- Device > Server Profiles > SNMP Trap
- Device > Server Profiles > Syslog
- Device > Server Profiles > Email
- Device > Server Profiles > HTTP
- Device > Server Profiles > NetFlow
- Device > Server Profiles > RADIUS
- Device > Server Profiles > TACACS+
- Device > Server Profiles > LDAP
- Device > Server Profiles > Kerberos
- Device > Server Profiles > SAML Identity Provider
- Device > Server Profiles > DNS
- Device > Server Profiles > Multi Factor Authentication
- Device > Local User Database > Users
- Device > Local User Database > User Groups
- Device > Scheduled Log Export
- Device > Software
- Device > Dynamic Updates
- Device > Licenses
- Device > Support
- Device > Policy Recommendation
-
- Network > GlobalProtect > MDM
- Network > GlobalProtect > Clientless Apps
- Network > GlobalProtect > Clientless App Groups
- Objects > GlobalProtect > HIP Profiles
-
- Use the Panorama Web Interface
- Context Switch
- Panorama Commit Operations
- Defining Policies on Panorama
- Log Storage Partitions for a Panorama Virtual Appliance in Legacy Mode
- Panorama > Setup > Interfaces
- Panorama > High Availability
- Panorama > Administrators
- Panorama > Admin Roles
- Panorama > Access Domains
- Panorama > Device Groups
- Panorama > Plugins
- Panorama > Log Ingestion Profile
- Panorama > Log Settings
- Panorama > Server Profiles > SCP
- Panorama > Scheduled Config Export
End-of-Life (EoL)
General Log Collector Settings
- Panorama > Managed Collectors > General
Configure the settings as described in the following table to
identify a Log Collector and define its connections to the Panorama
management server, DNS servers, and NTP servers.
Log Collector General Settings | Description |
|---|---|
Collector S/N | (Required) Enter the serial number
of the Panorama appliance that functions as the Log Collector. If
the Log Collector is local, enter the serial number of the Panorama
management server. |
Collector Name | Enter a name to identify this Log Collector
(up to 31 characters). The name is case-sensitive, must be unique,
and can contain only letters, numbers, spaces, hyphens, and underscores. This
name displays as the Log Collector hostname. |
Inbound Certificate for Secure Syslog | Select the certificate that the managed
collector must use to securely ingest logs from the Traps™ ESM server.
This certificate is called an inbound certificate because the Panorama/
Managed Collector is the server to which the Traps ESM (client)
is sending logs; the certificate is required if the Transport protocol
for the log ingestion profile is SSL. |
Certificate for Secure Syslog | Select a certificate for secure forwarding
of syslogs to an external Syslog server. The certificate must have
the Certificate for Secure Syslog option
selected (see Manage
Firewall and Panorama Certificates). When you assign a Syslog
server profile to the Collector Group that includes this Log Collector
(see Panorama
> Collector Groups, PanoramaCollector GroupsCollector Log
Forwarding), the Transport protocol
of the server profile must be SSL (see Device
> Server Profiles > Syslog). |
Panorama Server IP | Specify the IP address of the Panorama management
server that manages this Log Collector. |
Panorama Server IP 2 | Specify the IP address of the secondary
peer if the Panorama management server is deployed in a high availability
(HA) configuration. |
Domain | Enter the domain name of the Log Collector. |
Primary DNS Server | Enter the IP address of the primary DNS
server. The Log Collector uses this server for DNS queries (for
example, to find the Panorama management server). |
Secondary DNS Server | (Optional) Enter the IP address
a secondary DNS server to use if the primary server is unavailable. |
Primary NTP Server | Enter the IP address or host name of the
primary NTP server, if any. If you do not use NTP servers, you can
set the Log Collector time manually. |
Secondary NTP Server | (Optional) Enter the IP address
or host name of secondary NTP servers to use if the primary server
is unavailable. |
Timezone | Select the time zone of the Log Collector. |
Latitude | Enter the latitude (-90.0 to 90.0) of the
Log Collector. Traffic and threat maps use the latitude for App
Scope. |
Longitude | Enter the longitude (-180.0 to 180.0) of
the Log Collector. Traffic and threat maps use the longitude for
App Scope. |