Cloud Data Protection and Security


Error importing log in CloudSOC Audit


    Posted Jul 02, 2020 11:43 AM

    Hi,

     

    We have followed the manual for exporting Palo Alto logs. The mandatory fields are present in the logs, but it shows an import error: "Input file does not contain log messages required by Audit"

    I don't know what's going on. Someone help me, please.

    header Traffic:

    Domain,Receive Time,Serial #,Type,Threat/Content Type,Config Version,Generate Time,Source address,Destination address,NAT Source IP,NAT Destination IP,Rule,Source User,Destination User,Application,Virtual System,Source Zone,Destination Zone,Inbound Interface,Outbound Interface,Log Action,Time Logged,Session ID,Repeat Count,Source Port,Destination Port,NAT Source Port,NAT Destination Port,Flags,IP Protocol,Action,Bytes,Bytes Sent,Bytes Received,Packets,Start Time,Elapsed Time (sec),Category,tpadding,Sequence Number,Action Flags,Source Country,Destination Country,cpadding,Packets Sent,Packets Received,Session End Reason,DG Hierarchy Level 1,DG Hierarchy Level 2,DG Hierarchy Level 3,DG Hierarchy Level 4,Virtual System Name,Device Name,Action Source,Source VM UUID,Destination VM UUID,Tunnel ID/IMSI,Monitor Tag/IMEI,Parent Session ID,Parent Session Start Time,Tunnel,SCTP Association ID,SCTP Chunks,SCTP Chunks Sent,SCTP Chunks Received,UUID for rule,HTTP/2 Connection

    header URL:

    Domain,Receive Time,Serial #,Type,Threat/Content Type,Config Version,Generate Time,Source address,Destination address,NAT Source IP,NAT Destination IP,Rule,Source User,Destination User,Application,Virtual System,Source Zone,Destination Zone,Inbound Interface,Outbound Interface,Log Action,Time Logged,Session ID,Repeat Count,Source Port,Destination Port,NAT Source Port,NAT Destination Port,Flags,IP Protocol,Action,URL Filename,Threat/Content Name,Category,Severity,Direction,Sequence Number,Action Flags,Source Country,Destination Country,cpadding,contenttype,pcap_id,filedigest,cloud,url_idx,user_agent,filetype,xff,referer,sender,subject,recipient,reportid,DG Hierarchy Level 1,DG Hierarchy Level 2,DG Hierarchy Level 3,DG Hierarchy Level 4,Virtual System Name,Device Name,file_url,Source VM UUID,Destination VM UUID,http_method,Tunnel ID/IMSI,Monitor Tag/IMEI,Parent Session ID,Parent Session Start Time,Tunnel,thr_category,contentver,sig_flags,SCTP Association ID,Payload Protocol ID,http_headers,URL Category List,UUID for rule,HTTP/2 Connection
