Splunk Version Compatibility

Splunk Version App Version
Splunk 7 Palo Alto Networks App 5.4 and 6.x
Splunk 6 Palo Alto Networks App 4.x, 5.x, 6.x
Splunk 5 Palo Alto Networks App 3.x

Compatibility between App and Add-on (TA):

App Add-on (TA)
Version 6.0 Splunk_TA_paloalto 6.0
Version 5.4 Splunk_TA_paloalto 3.8
Version 5.3 Splunk_TA_paloalto 3.7
Version 5.2 Splunk_TA_paloalto 3.6
Version 5.1 Splunk_TA_paloalto 3.6
Version 5.0 Splunk_TA_paloalto 3.5 or 3.6
Version 4.x No Add-on required
Version 3.x No Add-on required


The Add-on (TA) called TA_paloalto is deprecated and should be replaced with Splunk_TA_paloalto.

Firewall and Panorama Support

Firewall/Panorama App / Add-on
PAN-OS 8.0 and higher Add-on 6.0.0 and higher
PAN-OS 7.0 Add-on 3.5.1 and higher
PAN-OS 4.0 - 6.1 Any Add-on version

Correlation logs are supported from PAN-OS 7.1.10 and higher. Prior to 7.1.10, the correlation logs had a different format which is not supported.

Traps Advanced Endpoint Security Support:

Traps App / Add-on
Traps 5.x Coming soon
Traps 3.4 and 4.x Add-on 3.8 and higher
Traps 3.3.2 and higher Add-on 3.6 and higher
Traps 3.3.0 and 3.3.1 Not supported
Traps 3.2.x App 4.2 or Add-on 3.5.x with App 5.0

MineMeld Support

Starting in App/Add-on 6.0.0, MineMeld 0.9.34 and higher are supported. MineMeld hosted in AutoFocus by Palo Alto Networks is above this version, so it is supported.

results matching ""

    No results matching ""