palo alto syslog lexicon system setup configuration esx storage vmware pan-os firewall mesh windows monitor data custom sourcetype tag identify indexing
Honeycomb Lexicon comes with a large set of knowledge of popular data types and sources.
For data from sources that are unique to your organization or other unrecognized sources, Lexicon still stores and indexes the data, marking it as sourcetype ‘generic’.
This How To article describes the steps to mark this data to any sourcetype you like.
For example, if you have data in log files generated from a custom Web Server Application, the steps below will show you how to tag this data as a ‘webapp’ source type.
Honeycomb Palo Alto Next Generation App!
This post outlines some useful guidelines and best practices prior to installing the Honeycomb Lexicon® and mesh® services.
This post walks through the steps to integrate Palo Alto firewall data into Honeycomb Lexicon. Palo Alto next-generation firewalls provide a vast wealth of protection and visibility right through the network stack. Integrating Palo Alto firewall data into Honeycomb Lexicon leverages this data, and allows you to easily visualize data patterns, as well as correlate its data with the rest of your network.
Today's post talks about the configuration and setup for sending and receiving VMWare ESX host logs and system events into Honeycomb Lexicon.