Select the syslog server profile for forwarding threat logs to the configured sever.
Now, select the syslog server profile that we created above in the log forwarding profile as show below.
Ensure that you select the log forwarding profile corresponding to Informational Severity.
Logging HTTP Header Fields
Starting PAN-OS 6.1 and later the URL Filtering Log now has a separate column for X-FORWARDED-FOR value from the HTTP header which can used to track the orginal IP address when we proxy for outbound connection.
Go to the Settings tab in a URL Filtering Profile and ensure that all three fields (User-Agent, Referer, and X-forwarded-For) in HTTP Header logging settings are enabled as shown below.
Note: A valid URL filtering license is required to configure and enable URL filtering profile.
In the Security Policy rule, under Action section, select the Log Forwarding Profile and the URL Filtering Profile that we have created in the above steps to bind them in to a security policy.
The demo screenshot is given below.