Palo Alto Networks XSIAM Analyst — Question 1

Which dataset should an analyst search when looking for Palo Alto Networks NGFW logs?

Answer options

• A. dataset = pan_dss_raw
• B. dataset = ngfw_threat_panw_raw
• C. dataset = panw_ngfw_traffic_raw
• D. dataset = ngfw*

Correct answer: C

Explanation

The correct answer is C, as 'dataset = panw_ngfw_traffic_raw' specifically pertains to traffic logs from Palo Alto Networks' NGFW. Options A and B do not directly relate to traffic logs, and D is too broad, encompassing all datasets that start with 'ngfw' without specifying the relevant traffic dataset.