URL logs uploaded from PAN to SpanVA Receive "Input file does not contain log messages required by Audit" error in the CloudSOC Datasource Details Pane.
SpanVA 1.15.3.151.0 and prior releases
Palo Alto Network firewall generates separate Traffic and URL log files. The URL log files do not have all the headers required to be processed.
The Audit technical documentation specified that both files should be combined in a single archive before upload or transfer to the CloudSOC Audit app. Alternatively, the customer should upload both traffic and URL log files within an hour timeframe.
Please check the Palo Alto log formats techdoc for more info.