Palo Alto Networks System Engineer – SASE — Question 32

How can a network engineer export all flow logs and security actions to a security information and event management (SIEM) system?

Answer options

• A. Enable syslog on the Instant-On Network (ION) device.
• B. Use a zone-based firewall to export directly through application program interface (API) to the SIEM.
• C. Enable Simple Network Management Protocol (SNMP) on the Instant-On Network (ION) device.
• D. Use the centralized flow data-export tool built into the controller.

Correct answer: A

Explanation

The correct answer is A because enabling syslog on the Instant-On Network (ION) device allows for the export of logs to a SIEM system. Options B and D do not directly export logs in the same manner, and C is incorrect as SNMP is not typically used for exporting flow logs and security actions to a SIEM.