Palo Alto Networks

Strata Logging Service API

REST APIs for the Strata Logging Service (formerly Cortex Data Lake) providing log forwarding and query capabilities. The Log Forwarding API manages log forwarding profiles for syslog, HTTPS, and email destinations supporting CSV, LEEF, CEF, JSON, and PARQUET formats with up to 200 syslog destinations per instance. The Query Service API enables programmatic log retrieval and pagination across collected security telemetry data.

Documentation GitHub OpenAPI

Documentation

https://pan.dev/cdl/docs/log-forwarding/

Specifications

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/openapi/palo-alto-strata-logging-service-api-openapi-original.yml

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/asyncapi/palo-alto-strata-logging-forwarding-asyncapi-original.yml

Examples

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-forwarding-auth-log-payload-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-forwarding-threat-log-payload-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-forwarding-traffic-log-payload-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-forwarding-url-log-payload-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-forwarding-wildfire-log-payload-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-service-api-email-destination-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-service-api-email-destination-request-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-service-api-forwarding-status-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-service-api-https-destination-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-service-api-https-destination-request-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-service-api-log-forwarding-profile-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-service-api-log-forwarding-profile-request-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-service-api-syslog-destination-example.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/strata-logging-service-api-syslog-destination-request-example.json

Schemas & Data

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-forwarding-auth-log-payload-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-forwarding-threat-log-payload-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-forwarding-traffic-log-payload-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-forwarding-url-log-payload-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-forwarding-wildfire-log-payload-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-service-api-email-destination-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-service-api-email-destination-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-service-api-forwarding-status-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-service-api-https-destination-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-service-api-https-destination-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-service-api-log-forwarding-profile-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-service-api-log-forwarding-profile-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-service-api-syslog-destination-request-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-logging-service-api-syslog-destination-schema.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-forwarding-auth-log-payload-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-forwarding-threat-log-payload-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-forwarding-traffic-log-payload-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-forwarding-url-log-payload-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-forwarding-wildfire-log-payload-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-service-api-email-destination-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-service-api-email-destination-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-service-api-forwarding-status-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-service-api-https-destination-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-service-api-https-destination-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-service-api-log-forwarding-profile-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-service-api-log-forwarding-profile-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-service-api-syslog-destination-request-structure.json

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/strata-logging-service-api-syslog-destination-structure.json

Other Resources

https://pan.dev/cdl/docs/logforwarding/release-notes/relnotes/

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-ld/palo-alto-strata-logging-forwarding-context.jsonld

https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-ld/palo-alto-strata-logging-service-api-context.jsonld

OpenAPI Specification

openapi: 3.1.0
info:
  title: Palo Alto Networks Strata Logging Service API
  description: >-
    Strata Logging Service API (formerly Cortex Data Lake) for log forwarding
    configuration management. Provides programmatic control over log
    forwarding profiles and their destinations including syslog servers,
    HTTPS endpoints, and email recipients. Enables centralized management
    of where SASE and NGFW log data is forwarded for SIEM integration,
    compliance archival, and security operations workflows.
  version: '1.0'
  contact:
    name: Palo Alto Networks Developer Support
    url: https://pan.dev/
  license:
    name: Proprietary
    url: https://www.paloaltonetworks.com/legal
servers:
- url: https://api.sase.paloaltonetworks.com/logging-service/v1
  description: Strata Logging Service API production server.
security:
- oauth2Bearer: []
tags:
- name: Email Destinations
  description: Email forwarding destination management.
- name: HTTPS Destinations
  description: HTTPS forwarding destination management.
- name: Log Forwarding Profiles
  description: Log forwarding profile management.
- name: Syslog Destinations
  description: Syslog forwarding destination management.
paths:
  /log-forwarding-profiles:
    get:
      operationId: listLogForwardingProfiles
      summary: Palo Alto Networks List Log Forwarding Profiles
      description: >-
        Returns the list of log forwarding profiles configured for the
        tenant. Each profile can have multiple destinations of different
        types and defines which log types are forwarded.
      tags:
      - Log Forwarding Profiles
      parameters:
      - name: offset
        in: query
        description: Number of results to skip for pagination.
        schema:
          type: integer
          default: 0
        example: 0
      - name: limit
        in: query
        description: Maximum number of profiles to return.
        schema:
          type: integer
          default: 50
          maximum: 200
        example: 50
      responses:
        '200':
          description: Log forwarding profiles returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  total:
                    type: integer
                  offset:
                    type: integer
                  limit:
                    type: integer
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/LogForwardingProfile'
              examples:
                ListLogForwardingProfiles200Example:
                  summary: Default listLogForwardingProfiles 200 response
                  x-microcks-default: true
                  value:
                    total: 43
                    offset: 34
                    limit: 885
                    items:
                    - profile_id: '960762'
                      name: Branch Sensor 06
                      description: Threat monitoring investigation activity configured rule firewall traffic blocked investigation suspicious monitoring.
                      log_types: &id001
                      - config
                      enabled: false
                      destination_count: 931
                      created_at: '2026-06-18T01:07:29Z'
                      updated_at: '2026-10-01T15:28:36Z'
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListLogForwardingProfiles401Example:
                  summary: Default listLogForwardingProfiles 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListLogForwardingProfiles403Example:
                  summary: Default listLogForwardingProfiles 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListLogForwardingProfiles500Example:
                  summary: Default listLogForwardingProfiles 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    post:
      operationId: createLogForwardingProfile
      summary: Palo Alto Networks Create Log Forwarding Profile
      description: >-
        Creates a new log forwarding profile. After creating a profile,
        add destinations using the destination-specific endpoints.
      tags:
      - Log Forwarding Profiles
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogForwardingProfileRequest'
            examples:
              CreateLogForwardingProfileRequestExample:
                summary: Default createLogForwardingProfile request
                x-microcks-default: true
                value:
                  name: Staging Gateway 28
                  description: Applied detected endpoint blocked malware detected suspicious Security on investigation configured endpoint.
                  log_types: &id002
                  - auth
                  enabled: true
      responses:
        '201':
          description: Log forwarding profile created successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogForwardingProfile'
              examples:
                CreateLogForwardingProfile201Example:
                  summary: Default createLogForwardingProfile 201 response
                  x-microcks-default: true
                  value:
                    profile_id: '960762'
                    name: Branch Sensor 06
                    description: Threat monitoring investigation activity configured rule firewall traffic blocked investigation suspicious monitoring.
                    log_types: *id001
                    enabled: false
                    destination_count: 931
                    created_at: '2026-06-18T01:07:29Z'
                    updated_at: '2026-10-01T15:28:36Z'
        '400':
          description: Invalid request body.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateLogForwardingProfile400Example:
                  summary: Default createLogForwardingProfile 400 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateLogForwardingProfile401Example:
                  summary: Default createLogForwardingProfile 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateLogForwardingProfile403Example:
                  summary: Default createLogForwardingProfile 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateLogForwardingProfile500Example:
                  summary: Default createLogForwardingProfile 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /log-forwarding-profiles/{profile_id}:
    get:
      operationId: getLogForwardingProfile
      summary: Palo Alto Networks Get Log Forwarding Profile
      description: Returns full details for a specific log forwarding profile.
      tags:
      - Log Forwarding Profiles
      parameters:
      - name: profile_id
        in: path
        required: true
        description: Unique identifier of the log forwarding profile.
        schema:
          type: string
        example: '275381'
      responses:
        '200':
          description: Log forwarding profile details returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogForwardingProfile'
              examples:
                GetLogForwardingProfile200Example:
                  summary: Default getLogForwardingProfile 200 response
                  x-microcks-default: true
                  value:
                    profile_id: '960762'
                    name: Branch Sensor 06
                    description: Threat monitoring investigation activity configured rule firewall traffic blocked investigation suspicious monitoring.
                    log_types: *id001
                    enabled: false
                    destination_count: 931
                    created_at: '2026-06-18T01:07:29Z'
                    updated_at: '2026-10-01T15:28:36Z'
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetLogForwardingProfile401Example:
                  summary: Default getLogForwardingProfile 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetLogForwardingProfile403Example:
                  summary: Default getLogForwardingProfile 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '404':
          description: Log forwarding profile not found.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetLogForwardingProfile404Example:
                  summary: Default getLogForwardingProfile 404 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                GetLogForwardingProfile500Example:
                  summary: Default getLogForwardingProfile 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    put:
      operationId: updateLogForwardingProfile
      summary: Palo Alto Networks Update Log Forwarding Profile
      description: Updates an existing log forwarding profile configuration.
      tags:
      - Log Forwarding Profiles
      parameters:
      - name: profile_id
        in: path
        required: true
        description: Unique identifier of the log forwarding profile to update.
        schema:
          type: string
        example: '711652'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogForwardingProfileRequest'
            examples:
              UpdateLogForwardingProfileRequestExample:
                summary: Default updateLogForwardingProfile request
                x-microcks-default: true
                value:
                  name: Staging Gateway 28
                  description: Applied detected endpoint blocked malware detected suspicious Security on investigation configured endpoint.
                  log_types: *id002
                  enabled: true
      responses:
        '200':
          description: Log forwarding profile updated successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogForwardingProfile'
              examples:
                UpdateLogForwardingProfile200Example:
                  summary: Default updateLogForwardingProfile 200 response
                  x-microcks-default: true
                  value:
                    profile_id: '960762'
                    name: Branch Sensor 06
                    description: Threat monitoring investigation activity configured rule firewall traffic blocked investigation suspicious monitoring.
                    log_types: *id001
                    enabled: false
                    destination_count: 931
                    created_at: '2026-06-18T01:07:29Z'
                    updated_at: '2026-10-01T15:28:36Z'
        '400':
          description: Invalid request body.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                UpdateLogForwardingProfile400Example:
                  summary: Default updateLogForwardingProfile 400 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                UpdateLogForwardingProfile401Example:
                  summary: Default updateLogForwardingProfile 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                UpdateLogForwardingProfile403Example:
                  summary: Default updateLogForwardingProfile 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '404':
          description: Log forwarding profile not found.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                UpdateLogForwardingProfile404Example:
                  summary: Default updateLogForwardingProfile 404 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                UpdateLogForwardingProfile500Example:
                  summary: Default updateLogForwardingProfile 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    delete:
      operationId: deleteLogForwardingProfile
      summary: Palo Alto Networks Delete Log Forwarding Profile
      description: Deletes a log forwarding profile and all associated destinations.
      tags:
      - Log Forwarding Profiles
      parameters:
      - name: profile_id
        in: path
        required: true
        description: Unique identifier of the log forwarding profile to delete.
        schema:
          type: string
        example: '254293'
      responses:
        '204':
          description: Log forwarding profile deleted successfully.
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                DeleteLogForwardingProfile401Example:
                  summary: Default deleteLogForwardingProfile 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                DeleteLogForwardingProfile403Example:
                  summary: Default deleteLogForwardingProfile 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '404':
          description: Log forwarding profile not found.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                DeleteLogForwardingProfile404Example:
                  summary: Default deleteLogForwardingProfile 404 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                DeleteLogForwardingProfile500Example:
                  summary: Default deleteLogForwardingProfile 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /log-forwarding-profiles/{profile_id}/destinations/syslog:
    get:
      operationId: listSyslogDestinations
      summary: Palo Alto Networks List Syslog Destinations
      description: Returns the syslog destinations configured for a log forwarding profile.
      tags:
      - Syslog Destinations
      parameters:
      - name: profile_id
        in: path
        required: true
        description: Unique identifier of the log forwarding profile.
        schema:
          type: string
        example: '415149'
      responses:
        '200':
          description: Syslog destinations returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  total:
                    type: integer
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/SyslogDestination'
              examples:
                ListSyslogDestinations200Example:
                  summary: Default listSyslogDestinations 200 response
                  x-microcks-default: true
                  value:
                    total: 773
                    items:
                    - destination_id: '414925'
                      name: Staging Firewall 26
                      server: example-server
                      port: 226
                      protocol: TCP
                      format: IETF
                      facility: example-facility
                      enabled: false
                      created_at: '2025-03-07T13:34:55Z'
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListSyslogDestinations401Example:
                  summary: Default listSyslogDestinations 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListSyslogDestinations403Example:
                  summary: Default listSyslogDestinations 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '404':
          description: Log forwarding profile not found.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListSyslogDestinations404Example:
                  summary: Default listSyslogDestinations 404 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                ListSyslogDestinations500Example:
                  summary: Default listSyslogDestinations 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
    post:
      operationId: createSyslogDestination
      summary: Palo Alto Networks Create Syslog Destination
      description: Adds a syslog destination to a log forwarding profile.
      tags:
      - Syslog Destinations
      parameters:
      - name: profile_id
        in: path
        required: true
        description: Unique identifier of the log forwarding profile.
        schema:
          type: string
        example: '907964'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SyslogDestinationRequest'
            examples:
              CreateSyslogDestinationRequestExample:
                summary: Default createSyslogDestination request
                x-microcks-default: true
                value:
                  name: Branch Sensor 93
                  server: example-server
                  port: 20582
                  protocol: SSL
                  format: IETF
                  facility: LOG_USER
                  enabled: true
      responses:
        '201':
          description: Syslog destination created successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SyslogDestination'
              examples:
                CreateSyslogDestination201Example:
                  summary: Default createSyslogDestination 201 response
                  x-microcks-default: true
                  value:
                    destination_id: '414925'
                    name: Staging Firewall 26
                    server: example-server
                    port: 226
                    protocol: TCP
                    format: IETF
                    facility: example-facility
                    enabled: false
                    created_at: '2025-03-07T13:34:55Z'
        '400':
          description: Invalid request body.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateSyslogDestination400Example:
                  summary: Default createSyslogDestination 400 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '401':
          description: Invalid or missing Bearer token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateSyslogDestination401Example:
                  summary: Default createSyslogDestination 401 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '403':
          description: Insufficient permissions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateSyslogDestination403Example:
                  summary: Default createSyslogDestination 403 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '404':
          description: Log forwarding profile not found.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateSyslogDestination404Example:
                  summary: Default createSyslogDestination 404 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                CreateSyslogDestination500Example:
                  summary: Default createSyslogDestination 500 response
                  x-microcks-default: true
                  value:
                    error: example-error
                    message: Monitoring investigation network on activity investigation blocked malware alert activity rule activity.
                    request_id: 59fcc104-7100-494b-b0c4-09f9dcc477d9
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /log-forwarding-profiles/{profile_id}/destinations/https:
    get:
      operationId: listHTTPSDestinations
      summary: Palo Alto Networks List HTTPS Destinations
      description: Returns the HTTPS destinations configured for a log forwarding profile.
      tags:
      - HTTPS Destinations
      parameters:
      - name: profile_id
        

# --- truncated at 32 KB (66 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/openapi/palo-alto-strata-logging-service-api-openapi-original.yml