Question: Userid logs not consistent

Question

Question: Userid logs not consistent

Closed this issue 6 years ago · 2 comments

Would it be appropriate to have our Palo guys submit a support ticket about the log format of the userid logs. The "Generated Time" field is in a different location than the rest of the log types. Userid has it in the 9th field whereas everything else is in the 7th field.

Thanks!

Answer 1 · 2017-11-02T16:27:12.000Z

Hi, yes please open a support ticket on this and send the ticket ID to splunkapp@paloaltonetworks.com. Thanks!

Answer 2 · 2018-06-07T20:57:00.000Z

Bug PAN-96490 was opened on this. PAN-OS syslog fields for auth logs will be corrected in the next release. Closing this issue for now but let me know if you have any questions.