ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 8 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 8
Topic #: 1
[All PCNSE Questions]

An administrator cannot see any Traffic logs from the Palo Alto Networks NGFW in Panorama reports. The configuration problem seems to be on the firewall.
Which settings, if configured incorrectly, most likely would stop only Traffic logs from being sent from the firewall to Panorama?
A.

B.

C.

D.

Show Suggested Answer Hide Answer
Suggested Answer: B
by bloodtech at March 12, 2021, 3:21 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
shetoshandasa
Highly Voted 4 years, 1 month ago
The answer is B. Log forwarding in the right is shown "None", Log forwarding profile should be selected.
upvoted 15 times
...
zerox7305
Highly Voted 3 years, 4 months ago
B is the Answer 100%
upvoted 8 times
...
BTSeeYa
Most Recent 9 months, 3 weeks ago
Not sure why everyone is picking B. That's config for one rule, not the entire firewall, and there's a URL-Filtering profile added. URL-Filtering logs are different than "only Traffic logs". Look at at the post above which mentioned C and also notice Panorama is checked.
upvoted 1 times
...
hcir
10 months, 4 weeks ago
it is definitely B. Security Profiles are not set, so no threat logs can be sent. And there is not log forwarding profile, so no traffic log either
upvoted 1 times
...
Marshpillowz
1 year, 3 months ago
Answer is B. There is no log forwarding profile configured.
upvoted 1 times
...
90fa8d0
1 year, 4 months ago
A + B. there is another diagram not shown on that question.
upvoted 2 times
...
Woody
2 years, 4 months ago
If the traffic log checkbox was not checked when creating the log forwarding profile, other logs will be sent but traffic log. I vote for B.
upvoted 1 times
...
lol12
2 years, 6 months ago
It is A. This question is missing network diagram with Panorama IP address 10.99.1.2
upvoted 2 times
...
ashmeow
2 years, 8 months ago
I think it should be B. There is no need to select a certificate, you can just use predefined, so I think that rules out D.
upvoted 1 times
...
JMIB
2 years, 8 months ago
B is the Answer 100%
upvoted 1 times
...
rquintana
2 years, 10 months ago
I vote for option B, if the log forwarding profile is None, any logs will be sent to Panorama.
upvoted 1 times
ChinkSantana
2 years, 10 months ago
\Are you planning to take the exam soon? Have you found any other materials beside from this? I plan to take by end of June
upvoted 1 times
...
...
Meko
2 years, 10 months ago
B - forgot to set the Log Forwording Profiles
upvoted 1 times
...
ThatIT
2 years, 12 months ago
Log Forwarding
upvoted 1 times
...
nostal
3 years ago
B & D both showing incorrect configuration, as in B we see log forwarding profiles set to none which means no syslog traffic will be sent, while in D we can no cert file selected for Panorama communication, but B may be better as it "would stop only Traffic logs"
upvoted 2 times
...
Frightened_Acrobat
3 years ago
B does make the most sense. A Log Forwarding profile can be configured to filter out certain logs using the Filter Builder.
upvoted 2 times
...
Frightened_Acrobat
3 years ago
Consider option C. This question is still on the PCNSE exam. I've seen it come up twice. I don't know that I'm getting it correct by choosing B. The question specifically says only Traffic logs are missing. If the Log Forwarding Profile is missing, this would affect Threat logs as well. In option C, there is a Syslog server. If you see the "Custom Log Format," you can change just the format for Traffic logs and this could break how Panorama ingests those logs. I couldn't find anything on Palo Alto networks sites, but here's forum where a Palo Alto user was having a similar issue with Splunk. https://community.splunk.com/t5/All-Apps-and-Add-ons/Custom-Log-Format-Parsing-issues/m-p/548818
upvoted 3 times
gfontenot10
3 years ago
I get the question, but syslog are normally for external monitoring like Splunk or Solarwinds. The Logging forwarding profile must be configured and it is set to none right now. Under log forwarding you can set different profiles for each log type - threat, traffic etc. This is where the answer really should be.
upvoted 4 times
...
...
AbuHussain
3 years, 1 month ago
The answer is B.
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago