Skip to content

Palo Alto Networks

AQtive Guard seamlessly integrates with Palo Alto Networks Next-Generation Firewalls (NGFW) by ingesting and analyzing TLS handshake data directly from firewall log files. By integrating these logs, AQtive Guard provides a centralized platform for analyzing potential cryptographic risks and anomalies within your network traffic.

Prerequisites

  • A valid Comma-Separated Values (CSV) log file exported from a Palo Alto NGFW.

Export a log file from a Palo Alto Networks NGFW

You can export the contents of a log file to a CSV-formatted report. By default, the report contains up to 2,000 rows of log entries.

Set the number of rows to export

  1. Under Device and Setup, select Management.
  2. Select the Log Export and Reporting tab.
  3. Edit the number of Max Rows in CSV Export (up to 1,048,576 rows).
  4. Select OK to save your changes.

Download the log

  1. Select Export to CSV and wait for the progress bar to complete.
  2. Select Download file to save the log to your local folder.

Upload a Palo Alto Networks log file

To upload the log file in AQtive guard, follow these steps:

  1. Navigate to Data Sources from the main menu, then select Palo Alto Networks.
  2. To upload the CSV file, either:
    • Click in the target area and select the file from your local system.
    • Drag and drop the file into the target upload area.
  3. The data will begin uploading automatically.