Palo Alto Firewall: Get Log activity

The Palo Alto Firewall: Get Log workflow activity schedules a query on the firewall to retrieve logs and returns a JobID used to retrieve the log data.

Input variables

Input variables determine the initial behavior of the activity.

Table 1. Input variables
Variable Description
FirewallIpAddress [string] The IP address of the firewall. This input variable is mandatory.
FirewallApiKey [string] The API access key of the firewall. This input variable is mandatory.
FirewallLogType [string] The type of log data to be retrieved (set to threat). This input variable is mandatory.
FirewallLogFilterQuery [string] The query to be executed to search for logs on the firewall. This input variable is mandatory.
LogDirection [string] Specifies whether logs are shown oldest first (backward) or newest first (forward) order.
LogNumber [string] Specifies the number of logs to retrieve.
LogSkipCount [string] Specifies the number of logs to skip when doing a log retrieval.

Output variables

The output variables contain data that can be used in subsequent activities. The output consists of data from the firewall configuration, as well as dynamically generated data.

Table 2. Output variables
Variable Description
QueuedJobID [string] The Job ID returned from the firewall.
JobScheduled [string] Specifies (success or failure) whether the job was sent to the firewall.
error [string] Any errors returned.