inputs.conf is configured/time is sync'd.
Realtime feed shows traffic, logs are indexed. There is no Overview dashboard.
Data model audit shows pan_firewall acceleration is enabled and build is 100%.
Firewall configuration and systems dashboards populate.
We are not using/including Aperture, Minemeld, Wildfire, or endpoint feeds.
Query inspections for SaaS look like:
This search has completed in 0.532 seconds, but did not match any events. The terms specified in the highlighted portion of the search: (the whole search criteria) over time range (one hour) did not return any results.
sanctioned_saas.csv is configured.
Query inspections for Web, Users, and File look like:
This search has completed and found 98 matching events in 5.879 seconds. However, the transforming commands in the highlighted portion of the following search: (the whole search criteria) over time range (one hour) did not return any results.
I'm testing in the lab on the free version of Enterprise 6.6.3 on Linux and PA-200 v8.0.5 using standard syslog.
Installed 6.0 as an update to App 5.4.2/Add-on 3.8.2