SourceType Confusion
Opened this issue · 0 comments
shepherdjay commented
Documentation link
https://pan.dev/splunk/docs/universal-forwarder/
Describe the problem
In the firewall setup documentation it states to set the input for post 6.1 devices to pan:firewall
However in the splunk syslog-ng / universal-fowarder documentation it doesn't make any distinction and states the source type as pan:log
Suggested fix
Documentation should clarify whether this to should change for post 6.1 or should be set to the same pan:log for either