Objective
In this lab, we will configure the Palo Alto firewall to forward system logs and traffic logs to an external Syslog server. This is a common requirement in enterprise environments for centralized logging, security auditing, and monitoring.
We’ll assume that a Syslog server (such as a Linux server with Syslog-ng or rsyslog) is running in the DMZ zone.
What You'll Learn?
● How to configure the firewall to forward logs to an external Syslog server.
● How centralized logging supports auditing and monitoring.
● Why external logging is important for log retention and integration with SIEM tools.
Class Sessions
1- Lab 1: Initial Configuration & Access
2- Lab 1: Initial Configuration & Access
3- Session:01
4- Session:01
5- Chapter 2: Configure Static Default Route
6- Chapter 2: Configure Static Default Route
7- Session:02
8- Session:02
9- Session:03
10- Chapter 3: Create Security Zones and Policies
11- Session:03
12- Chapter 3: Create Security Zones and Policies
13- Chapter 4: Configuring Source NAT
14- Session:04
15- Chapter 4: Configuring Source NAT
16- Session:04
17- Session:05
18- Chapter 5: Allowing Internet Access to DMZ Server
19- Chapter 5: Allowing Internet Access to DMZ Server
20- Session:05
21- Chapter 6: Configure Management Profiles
22- Chapter 6: Configure Management Profiles
23- Session:06
24- Session:06
25- Chapter 7: Creating Objects and Groups
26- Session:07
27- Chapter 7: Creating Objects and Groups
28- Session:07
29- Chapter 8: Implement Basic URL Filtering
30- Session:08
31- Chapter 8: Implement Basic URL Filtering
32- Session:08
33- Chapter 9: Configuring User-ID feature
34- Chapter 9: Configuring User-ID feature
35- Session:09
36- Session:09
37- Session:10
38- Session:10
39- Chapter 10: Threat Prevention Profile
40- Chapter 10: Threat Prevention Profile
41- Chapter 11: Logs to External Syslog Server
42- Chapter 11: Logs to External Syslog Server
43- Chapter 12: Capturing Packets Using CLI
44- Chapter 12: Capturing Packets Using CLI
