Interesting logs found for Palo Alto Networks

Vendor

Palo Alto Networks

Description

For each supported device, Indeni will look for logs that are deemed "interesting" and alert when these are found.

Remediation Steps

For each line, extended information is included with specific remediation steps.

How does this work?

This alert logs into the Palo Alto Networks device through SSH and runs "grep" on multiple different mp-log files, looking for known issues. When found, these log lines are passed on to analysis and alerting.

Without Indeni how would you find this?

An administrator must log into the Palo Alto Networks device and use the "grep mp-log" and "less mp-log" commands to review the mp-log files manually.

