Palo Alto Networks Firewall
Experience the power of CompassOne
Get a DemoIntegrate. Simplify. Protect.
Collect and store Palo Alto Networks Firewall logs while giving the Blackpoint SOC visibility into network threats and suspicious activity. With OCSF field mapping, advanced search, and included storage, this integration strengthens both your compliance posture and your overall security.
Palo Alto Networks Firewall + CompassOne Overview:
01Collect firewall logs across your environment
Forward traffic, event, VPN, SSL inspection, user authentication, policy, and admin logs from your Palo Alto Networks Firewalls directly into CompassOne for storage, search, and analysis.
02Strengthen SOC threat detection
Integrating Palo Alto Networks Firewall data provides the 24/7 Blackpoint SOC with network-level telemetry to detect suspicious activity, investigate incidents, and support faster response.
03Stay audit-ready
Retain firewall logs to meet compliance standards, satisfy cyber insurance requirements, and support regulatory audits. Retrieve what you need quickly with built-in search.
04Find what you need, fast
Search Palo Alto firewall events using time and field filters, keyword matching, and advanced query syntax — whether you are running an audit, investigating an incident, or reviewing policy changes.
05Standardized data format
CompassOne maps Palo Alto firewall logs to the Open Cybersecurity Schema Framework (OCSF), making them structured, searchable by field, and compatible with third-party tools for parsing, visualization, and analysis.
0612 months of storage included
Get a full year of Palo Alto firewall log storage at no additional cost. Longer retention is available at a flat monthly rate — no data tiers, no surprises.
07Fast, hassle-free setup
The same Blackpoint Agent running your 24/7 MDR also handles log collection. Point your Palo Alto firewall at the agent’s syslog collector and logs start flowing into CompassOne within minutes