> For the complete documentation index, see [llms.txt](https://help.radiantsecurity.ai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://help.radiantsecurity.ai/radiant-connectors/network-security/palo-alto-networks/palo-alto-networks-strata.md). # Palo Alto Networks Strata Palo Alto Networks Strata is Palo Alto's network security platform, and Strata Logging Service is its cloud service for storing and managing firewall logs. Connecting Strata Logging Service forwards firewall traffic and threat logs to Radiant Security over TLS syslog. Radiant uses the log data to triage firewall and threat alerts in context, giving analysts faster verdicts on whether observed traffic reflects a real compromise or routine network activity. ### Prerequisites * [ ] Admin access to Strata Logging Service ### Add the data connector in Radiant Security 1. Log in to [Radiant Security](https://app.radiantsecurity.ai/). 2. From the navigation menu, click **Settings** > **Data Connectors**, then click **+ Add Connector**. 3. Search for and select **Palo Alto Networks Strata (syslog)**, then click **Data Feeds**. 4. Under **Select your data feeds**, select **Palo Alto Networks Strata**, then click **Credentials**. 5. Under **Credential Name**, enter an identifiable name (e.g., `PAN Strata Credentials`). To reuse an existing credential, select it from the drop-down menu. 6. In the **Connector tag** field, enter a random value. This value acts as the salt to randomize the **Token** you download in the next step. 7. Click **Add Connector**. 8. Save the **Token** value, or use **Download Files** to save the token file. You use it in the next section. 9. Click **Done** to save your changes. ### Configure log forwarding in Strata Logging Service 1. Access Strata Logging Service through the Palo Alto Networks Hub. 2. Select the **Strata Logging Service** instance you want to configure for syslog forwarding. 3. Select **Log Forwarding**, then click **Add** to add a new syslog forwarding profile. 4. Configure: * **Name**: `Radiant Security Syslog Server` * **Syslog Server**: `cluster.syslog.radiantsecurity.ai` * **Port**: `6514` * **Facility**: `1 - LOG_USER / User Level` 5. Click **Test Connection**. 6. When the connection succeeds, click **Next**. 7. Configure: * **Format**: CSV * **Delimiter**: comma * **Profile Token**: enter the **Token** you saved during the data connector setup. 8. (Optional) Create a [log filter](https://docs.paloaltonetworks.com/strata-logging-service/administration/forward-logs/create-log-filters) to control which logs are forwarded. 9. Click **Save**, then confirm the syslog forwarding profile **Status** is **Running**. ### Verify ingestion After Palo Alto Networks Strata begins forwarding, confirm alerts and events are reaching Radiant. 1. In Radiant, navigate to [Log Management](https://app.radiantsecurity.ai/logs). 2. Filter by `rs_connectorType:"pan_strata"`. 3. Confirm recent alerts and events appear. {% hint style="info" %} Allow several minutes for alerts and events to be parsed, indexed, and available for search. {% endhint %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.radiantsecurity.ai/radiant-connectors/network-security/palo-alto-networks/palo-alto-networks-strata.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.