Free Preparation Discussions
MENU
Palo Alto Networks Exam PCDRA Topic 6 Question 80 Discussion
Topic #: 6
What functionality of the Broker VM would you use to ingest third-party firewall logs to the Cortex Data Lake?
The Broker VM is a virtual machine that acts as a data broker between third-party data sources and the Cortex Data Lake. It can ingest different types of data, such as syslog, netflow, database, and pathfinder. The Syslog Collector functionality of the Broker VM allows it to receive syslog messages from third-party devices, such as firewalls, routers, switches, and servers, and forward them to the Cortex Data Lake. The Syslog Collector can be configured to filter, parse, and enrich the syslog messages before sending them to the Cortex Data Lake. The Syslog Collector can also be used to ingest logs from third-party firewall vendors, such as Cisco, Fortinet, and Check Point, to the Cortex Data Lake. This enables Cortex XDR to analyze the firewall logs and provide visibility and threat detection across the network perimeter.Reference:
Supported Third-Party Firewall Vendors
Currently there are no comments in this discussion, be the first to comment!