# Palo Alto Prisma Access (syslog) In this guide, you'll configure Palo Alto Networks Prisma Access to set up Prisma Access to forward logs securely to Radiant Security using syslog TLS. ### Prerequisites * [ ] Access to the **Palo Alto Networks Hub** * [ ] You must have at least one of the following licenses to use Strata Cloud Manager: Prisma Access, AIOps for NGFW Premium, Prisma SD-WAN ### Add the data connector in Radiant Security 1. Log in to [Radiant Security](https://app.radiantsecurity.ai/). 2. From the navigation menu, click **Settings** > **Data Connectors** and click **+ Add Connector**. 3. Search for and select the **Palo Alto Prisma Access** option and then click **Data Feeds**. 4. Under **Select your data feeds**, select the **Palo Alto Prisma Access** data feed and then click **Credentials**. 5. Under **Credential Name**, give the credential an identifiable name (e.g. `PAN Credentials`). If you already have a credential in place, select it from the drop-down menu. Click **Credentials**. 6. In the **Connector tag** field, enter a random value. This value will act as the salt to randomize the unique **Token** you’ll download in the next step. 7. Click **Add Connector**. 8. Save the **Token** value and use the **Download Files** option to download the SSL certificate file. This token will be used in the upcoming section. 9. Click **Done** to save your changes. ### Configure log forwarding in Prisma Access Console 1. Access the [Palo Alto Networks Hub](https://apps.paloaltonetworks.com/apps). 2. Select the **Strata Logging Service** that you want to configure for syslog forwarding. If you are using Strata Cloud Manager to manage **Strata Logging Service**, navigate to **Settings > Strata Logging Service > Log Forwarding**. 3. Select the **Syslog** tab and click **+** to add a new syslog forwarding profile. 4. Fill the fields with the following values: * **Name**: `Radiant Security Syslog Connector` * **Syslog Server**: `primary-k8s.syslog.radiantsecurity.ai` * **Port**: `6514` * **Facility**: `LOG_LOCAL0` * Under **Server Authentication**, click **Upload** and upload the **CA certificate** that you created in the **Add the data connector in Radiant Security** section. 5. Click **Test Connection.** If the test fails, refer to the last section of this guide for instructions on how to contact your Customer Success Manager. 6. Click **Next**. 7. Fill the fields with the following values: 1. **Format**: CEF 2. **Delimiter**: Space 3. **Profile Token**: Enter the **Token** that you generated in the [Add the data connector in Radiant Security](#add-the-data-connector-in-radiant-security) section. 4. **Filters**: Click **Add** and select the following log types: * Traffic * Threat * URL * Data * Authentication * DNS Security * File * **GlobalProtect** * **IPTag** * **URL** * **UserID** * **Remote Browser Isolation** 8. Click **Save** to save the changes. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/palo-alto-prisma-access-syslog.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.