From 2088c366f6324053ea689f106211bf74818832f5 Mon Sep 17 00:00:00 2001 From: Sebastien Quioc Date: Wed, 8 Jan 2025 11:45:04 +0100 Subject: [PATCH] fix(PaloAlto): rename Palo Alto Cortex DataLake into Palo Alto Strata Logging service, the new name of this product --- .../categories/network_security/paloalto.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/integration/categories/network_security/paloalto.md b/docs/integration/categories/network_security/paloalto.md index c436763b51..288a8dfa88 100644 --- a/docs/integration/categories/network_security/paloalto.md +++ b/docs/integration/categories/network_security/paloalto.md @@ -21,7 +21,7 @@ Palo Alto Networks offers an enterprise cybersecurity platform which provides ne OR - - Palo Alto Cortex Data Lake + - Palo Alto Strata Logging Service (formely Palo Alto Cortex Data Lake) - **Network**: - Outbound traffic allowed @@ -90,22 +90,22 @@ Please follow [Configure Log Forwarding](https://docs.paloaltonetworks.com/pan-o {!_shared_content/integration/forwarder_configuration.md!} -### Option B - Forward events through Palo Alto Cortex Data Lake +### Option B - Forward events through Palo Alto Strata Logging Service #### Configure Palo Alto NGFW 1. In the GUI, go to `Objects > Log Forwarding`. 2. Click `Add`, and enter a `Name` to identify the profile. -3. For each log type (here Traffic, Threat and WileFire Malicious), check the box `Cortex Data Lake` in the Forward Method and click `OK`. +3. For each log type (here Traffic, Threat and WileFire Malicious), check the box `Strata Logging Service` (or `Cortex Data Lake`) in the Forward Method and click `OK`. 4. Select `Policies > Security` and select a policy rule. 5. Select the `Actions` tab and select the `Log Forwarding` profile you created. 6. In the `Profile Type` drop-down, select `Profiles` or `Groups`, and then select the security profiles or `Group Profiles` required to trigger log generation and forwarding. 7. Select both of the `Log at Session Start` and `Log At Session End` check boxes, and click `OK`. -#### Configure Palo Alto Cortex Data Lake +#### Configure Palo Alto Strata Logging Service -1. On the Cortex Data Lake console, got to `Log Forwarding` -2. Create a new HTTPS Profiles +1. On the Strata Logging Service console, go to `Log Forwarding` +2. In the `Https` section, click `+` to create a new HTTPS Profiles 3. Enter a `Name` to identify the profile and set the URL to `https://intake.sekoia.io/jsons?status_code=200` 4. In the Client Authorization section, select `Basic Authorization` as Type, fill `Username` with any string (e.g. `sekoiaio`) and `Password` with your **intake key** (see step "Instruction on Sekoia") 5. Click `Test Connection` then click `Next`