Customer

Customer is a leading SIEM solution provider.

They provide a platform for companies to aggregate and act upon Threat Intelligence.

Requirement

The customer requested a Connector app to integrate their platform with Palo Alto Networks PAN-OS/Firewall. The app collects Syslog and presents it as events after normalization, and performs orchestration actions to create a dynamic address group and attach a tag to an IP address so that security policy can make use of it.

Technology Solution

PAN‑OS is the software that runs all Palo Alto Networks® next-generation firewalls.

Sacumen developed the Connector app to integrate Palo Alto Networks using Java and Apache REST.

The Connector app performs the following actions:

Set up the prerequisites

Set up the Palo Alto firewall

Create a service account

Authenticate to the API (XML or REST) with an API key

Show the Syslog events

Samples the records to calculate the estimated EPS.

Calculates bandwidth consumption.

Calculates the error rate.

Performs orchestration actions such as creating a tag for a specific IP address, creating a Dynamic Address Group, and attaching the tag to the group.