Getting Data Into Splunk
Splunk can collect data from all Palo Alto Networks products, each providing a wealth of visibility and control.
Firewall and Panorama
Secure the network domain. Send network and system health events to Splunk via syslog.
- More information about Next-generation Firewall
- More information about Panorama
- Bring Firewall and Panorama data into Splunk
Cortex Data Lake via HTTP Event Collector (HEC)
Cloud-based log management. Collect events directly from Cortex Data Lake using HTTP Event Collector (HEC).
Comprehensive IoT security. Collect IoT alerts and vulnerabilities via API.
Traps Endpoint Protection
Secure the endpoint domain. Send endpoint security and operations events to Splunk via syslog.
Secure your enterprise SaaS application. Splunk reaches out to the Aperture logging API to collect incidents and activity from your SaaS apps.
WildFire prevents highly evasive zero-day exploits and malware. Bring context and indicators from WildFire reports into Splunk. Splunk reaches out to the WildFire report API to collect the reports of any malware seen in your network.
AutoFocus and MineMeld
Threat intelligence to help prioritize and contextualize the rest of your data in Splunk. AutoFocus tags are collected via the AutoFocus API, and threat indicators are collected from a MineMeld output feed.