ABC: https://docs.paloaltonetworks.com/best-practices/10-1/user-id-best-practices/user-id-best-practices/user-id-best-practices-for-dynamic-user-groups
Identity the user information sources for the tags:
Firewall logs
For Authentication, Data, Threat, Traffic, Tunnel Inspection, URL, and WildFire logs, create a log forwarding profile and use the Built-In Actions.
For User-ID, HIP Match, GlobalProtect, and IP-Tag logs, configure the log settings.
Cortex XSOAR
Security Information and Event Management Systems (SIEMS), such as Splunk
Custom API scripts
Firewall logs: The firewall can use auto-tagging to automatically add or remove members of dynamic user groups based on events in the logs12.
Custom API scripts: To dynamically register tags, you can use the XML API123.
Security Information and Event Management Systems (SIEMS), such as Splunk: While not explicitly mentioned, SIEM systems could potentially interact with the Palo Alto Networks firewall via the XML API to dynamically register tags123.
Therefore, the correct options from your list would be A, B, and C. Options D and E are not typically used as information sources for tagging users to dynamic user groups in Palo Alto PAN-OS
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
BC1c1c
Highly Voted 1 year, 8 months ago[Removed]
Most Recent 1 week agocjace
3 weeks, 1 day agoclaudio392
9 months, 3 weeks agohdrnzienlaoroljol
1 year agokhaled_ellaboudy
1 year, 3 months agoNajmmm
1 year, 7 months ago