Michael_Baker
8 months ago
Neophyte
Nice little hint! with LM Config
In light of the recent Palo CVE and the need to check logs and monitor for IOCs, we used LM Config with an expect script (grep is not available over API).
That would only pull the logs if it matched an IOC and alert us! Simple task but a handy use case for LM Config.
Palo will not let you send those logs to a remote syslog, otherwise we would have gone the SIEM path.