Strata Logging Service
Forward Logs to an Email Server
Table of Contents
Expand All
|
Collapse All
Strata Logging Service Docs
Forward Logs to an Email Server
Learn how to forward logs from Strata Logging Service to an
email server.
Where Can I Use This? | What Do I Need? |
---|---|
| One of these:
|
To get email notifications whenever critical
issues occur on your network, you can configure Strata Logging Service
to send notifications to an email destination. Strata Logging Service
uses the Palo Alto Networks SMTP server to forward log information
in an email format, and all emails are sent from noreply@cs.paloaltonetworks.com. The
communication between Strata Logging Service and the email destination
uses SMTP over TLS, and SMTP server certificate is signed by a trusted
root CA.
- Sign In to the hub.Select the Strata Logging Service instance that you want to configure for email forwarding.If you have multiple Strata Logging Service instances, hover over the Strata Logging Service tile and then select an instance from the list of available instances.If you are using Strata Cloud Manager to manage Strata Logging Service, click SettingsStrata Logging ServiceLog Forwarding to manage log forwarding from Strata Logging Service instance to an external server.Configure email forwarding.You cannot add your SMTP server to Strata Logging Service currently.
- Select Log ForwardingAdd to add a new email forwarding profile.Enter a descriptive Name for the profile.Enter the email address of the administrator To whom you want to send email.You can enter up to ten additional email addresses, separated by commas, to add as BCC.Enter the Email Subject to clearly identify the purpose of the notification.Select the logs you want to forward.
- Add a new log filter.
- Select the Log Type.
- (Optional) Create a log filter to forward only the logs that are most critical to you.You can either write your own queries from scratch or use the query builder. You can also select the query field to choose from among a set of common predefined queries.
- No double quotes (“”).
- No subnet masks. To return IP addresses with subnets, use the LIKE operator. Example: src_ip.value LIKE “192.1.1.%”.
If you want to forward all logs of the type you selected, do not enter a query. Instead, proceed to the next step. - Save your changes.
- Add other log types for which you’d like to receive email notifications.
Save your changes.Email forwarding is rate limited to allow 10 emails per second.Acknowledge to reach out to your Palo Alto Networks team to enable log forwarding from Strata Logging Service in China to an external log server. Be aware that configuring log forwarding profiles to send logs to servers outside China can result in personally identifiable information leaving China.Verify that the Status of your email forwarding profile is Running ((Optional) You can use the running Email forwarding profile to forward past logs spanning up to 3 days.