Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) — Question 14

What functionality of the Broker VM would you use to ingest third-party firewall logs to the Cortex Data Lake?

Answer options

• A. Netflow Collector
• B. Syslog Collector
• C. DB Collector
• D. Pathfinder

Correct answer: B

Explanation

The Syslog Collector is specifically designed to receive and process syslog messages, which is the format commonly used by third-party firewalls to send logs. The other options, such as Netflow Collector and DB Collector, serve different purposes, like collecting network flow data or database logs, and are not suitable for this task.