Running the latest PAN FW App and Add On Splunk 7.02
I followed troubleshooting steps to no avail. URLs are reported by a regular search. After a bit of investigation it looks like there's no event type "pan_url", which is used in the datamodel. So, you run a simple query such as
eventtype="pan_threat"
The query returns results, including URLs but `eventtype="pan_url"` comes up empty.
Any idea?
↧