Mappings: Palo Alto System Auth Success Variant 3
| Legacy Parser Grok Patterns |
|---|
| PALO_FW_SYSTEM_AUTH_SUCCESS_3 |
| Output | Value |
|---|---|
| Vendor | Palo Alto Networks |
| Product | Next Generation Firewall |
| Record Type | Authentication |
| Cloud SIEM Schema Field | Original Record Key | Notes |
|---|---|---|
| device_ip | source_ip | |
| severity | severity | |
| srcDevice_ip | source_ip | |
| success | None | The static text true is populated in this schema field. |
| timestamp | generated_time | We expect the orginal record value of generated_time is in the format yyyy/MM/dd HH:mm:ss |
| user_username | username |