An administrator cannot see any Traffic logs from the Palo Alto Networks NGFW in Panorama reports. The configuration problem seems to be on the firewall.
Which settings, if configured incorrectly, most likely would stop only Traffic logs from being sent from the firewall to Panorama?
A.
B.
C.
D.
The correct answer is B. The provided image indicates that Log Forwarding is set to 'None,' which means that no logs, including Traffic logs, are being forwarded to Panorama. This setting affects the forwarding of logs from the firewall to Panorama, and an incorrect configuration here would result in no Traffic logs being sent. Inaccurate settings in the Log Forwarding profile will specifically impact which logs are forwarded, explaining why only Traffic logs might be missing.
The answer is B. Log forwarding in the right is shown "None", Log forwarding profile should be selected.
B is the Answer 100%
Consider option C. This question is still on the PCNSE exam. I've seen it come up twice. I don't know that I'm getting it correct by choosing B. The question specifically says only Traffic logs are missing. If the Log Forwarding Profile is missing, this would affect Threat logs as well. In option C, there is a Syslog server. If you see the "Custom Log Format," you can change just the format for Traffic logs and this could break how Panorama ingests those logs. I couldn't find anything on Palo Alto networks sites, but here's forum where a Palo Alto user was having a similar issue with Splunk. https://community.splunk.com/t5/All-Apps-and-Add-ons/Custom-Log-Format-Parsing-issues/m-p/548818
I get the question, but syslog are normally for external monitoring like Splunk or Solarwinds. The Logging forwarding profile must be configured and it is set to none right now. Under log forwarding you can set different profiles for each log type - threat, traffic etc. This is where the answer really should be.
B & D both showing incorrect configuration, as in B we see log forwarding profiles set to none which means no syslog traffic will be sent, while in D we can no cert file selected for Panorama communication, but B may be better as it "would stop only Traffic logs"
B does make the most sense. A Log Forwarding profile can be configured to filter out certain logs using the Filter Builder.
The answer is B.
Not sure why everyone is picking B. That's config for one rule, not the entire firewall, and there's a URL-Filtering profile added. URL-Filtering logs are different than "only Traffic logs". Look at at the post above which mentioned C and also notice Panorama is checked.
it is definitely B. Security Profiles are not set, so no threat logs can be sent. And there is not log forwarding profile, so no traffic log either
Answer is B. There is no log forwarding profile configured.
A + B. there is another diagram not shown on that question. https://vceguide.com/wp-content/uploads/2018/10/PALO-ALTO-NETWORKS-PCNSE-DATA-10012018_06_Image_0001.jpg
If the traffic log checkbox was not checked when creating the log forwarding profile, other logs will be sent but traffic log. I vote for B.
It is A. This question is missing network diagram with Panorama IP address 10.99.1.2
I think it should be B. There is no need to select a certificate, you can just use predefined, so I think that rules out D.
B is the Answer 100%
I vote for option B, if the log forwarding profile is None, any logs will be sent to Panorama.
\Are you planning to take the exam soon? Have you found any other materials beside from this? I plan to take by end of June
B - forgot to set the Log Forwording Profiles
Log Forwarding