Palo Alto Networks Cortex
  • 1 minute to read
  • Print
  • Share
  • Dark
    Light

Palo Alto Networks Cortex

  • Print
  • Share
  • Dark
    Light

The Palo Alto Networks Cortex adapter uses the Palo Alto Networks Cortex Hub to get information about Traps and GlobalProtect agents.

To connect the Palo Alto Cortex adapter, the adapter communicates with an Axonius Cloud endpoint that is authorized to get information from the Cortex hub.

The Adapter requires the following parameters:

  1. API Key - An API key given by Axonius Cloud
  2. HTTPS Proxy (optional) - Enter details if the connection to the API requires a proxy.
  3. Choose Instance - If you are using multi-nodes, choose the Axonius node that is integrated with the adapter. By default, the 'Master' Axonius node (instance) is used. For details, see Connecting Additional Axonius Nodes

image.png

How to create an API Key

In order to authorize Axonius to pull data from Cortex Hub, follow these steps:

  1. Log intoCortex Hub, then find the Axonius app and activate it.

  2. After activating it, click on the Axonius app from the main portal
    image.png

  3. You will be redirected to the Axonius Cloud website. Log in or sign up to proceed
    image.png

  4. After logging in for the first time, the Axonius app will request for a readonly access for the logging services. Select 'Read Logging Services' and click Allow
    image.png

  5. In the Axonius Cloud website, click Integrations on the left menu to reach the integrations page. Then copy the API Key for the Palo Alto Networks Cortex integration

image.png

  1. In Axonius, go to the Palo Alto Networks Cortex adapter, then add a new client and paste the API Key.
Was this article helpful?