https://community.cloudera.com/t5/Archives-of-Support-Questions/How-to-configure-BasicPaloAltoFirewallParser-any-java-parser/m-p/195915#M65620 <P>The issue was with logs which i was using. When i injected full logs from Paloalto firewall, the logs were being parsed, enriched and indexed.</P><P>Hopefully this will be helpfull for others.</P><P>Thanks,</P><P>Bharath</P> Thu, 03 Aug 2017 15:34:00 GMT bharath_phatak 2017-08-03T15:34:00Z https://community.cloudera.com/t5/Archives-of-Support-Questions/How-to-configure-BasicPaloAltoFirewallParser-any-java-parser/m-p/195914#M65619 <P>Hi All,</P><P>I am followed the steps mentioned in below link and setup SQUID topology. The logs are getting enriched and indexed and visible in Kibana.</P><P>Now i need to add BasicPaloAltoFirewallParser(Paloalto topology). Below is config json file.</P><P>{</P><P>"parserClassName":"org.apache.metron.parsers.paloalto.BasicPaloAltoFirewallParser", </P><P> "sensorTopic":"newPalto", </P><P> "parserConfig": { "timestampField": "timestamp" } </P><P>} </P><P>I dont see any errors, but the logs are not pushed into "enrichments" topic</P><P>Any help would be much appreciated.</P><P>Thanks</P> Thu, 27 Jul 2017 20:07:17 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/How-to-configure-BasicPaloAltoFirewallParser-any-java-parser/m-p/195914#M65619 bharath_phatak 2017-07-27T20:07:17Z https://community.cloudera.com/t5/Archives-of-Support-Questions/How-to-configure-BasicPaloAltoFirewallParser-any-java-parser/m-p/195915#M65620 <P>The issue was with logs which i was using. When i injected full logs from Paloalto firewall, the logs were being parsed, enriched and indexed.</P><P>Hopefully this will be helpfull for others.</P><P>Thanks,</P><P>Bharath</P> Thu, 03 Aug 2017 15:34:00 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/How-to-configure-BasicPaloAltoFirewallParser-any-java-parser/m-p/195915#M65620 bharath_phatak 2017-08-03T15:34:00Z