Syslog Server Profile Configuration Object
Overview
The SyslogServerProfile class facilitates the management of Syslog Server Profile objects in Palo Alto Networks' Strata Cloud Manager. Syslog Server Profiles define configurations for syslog servers that can receive logs from the Strata Cloud Manager.
The SyslogServerProfile class inherits from the BaseObject class and provides methods for creating, retrieving, updating, listing, and deleting syslog server profile configurations.
Core Methods
| Method | Description | Parameters | Return Type |
|---|---|---|---|
create |
Creates a new syslog server profile | data (Dict[str, Any]): Profile data |
SyslogServerProfileResponseModel |
get |
Retrieves a syslog server profile by ID | object_id (str): Profile ID |
SyslogServerProfileResponseModel |
update |
Updates an existing syslog server profile | syslog_server_profile (SyslogServerProfileUpdateModel): Update data |
SyslogServerProfileResponseModel |
delete |
Deletes a syslog server profile | object_id (str): Profile ID |
None |
list |
Lists syslog server profiles with optional filtering | See list parameters | List[SyslogServerProfileResponseModel] |
fetch |
Retrieves a single syslog server profile by name | See fetch parameters | SyslogServerProfileResponseModel |
List Method Parameters
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
folder |
Optional[str] | No* | None | Folder in which the profiles are defined |
snippet |
Optional[str] | No* | None | Snippet in which the profiles are defined |
device |
Optional[str] | No* | None | Device in which the profiles are defined |
exact_match |
bool | No | False | If True, only return profiles whose container exactly matches |
exclude_folders |
Optional[List[str]] | No | None | List of folder names to exclude |
exclude_snippets |
Optional[List[str]] | No | None | List of snippet values to exclude |
exclude_devices |
Optional[List[str]] | No | None | List of device values to exclude |
**filters |
Any | No | None | Additional filters including transport (List[str]) and format (List[str]) |
* Exactly one of folder, snippet, or device must be provided.
Fetch Method Parameters
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
name |
str | Yes | - | The name of the syslog server profile |
folder |
Optional[str] | No* | None | Folder in which the profile is defined |
snippet |
Optional[str] | No* | None | Snippet in which the profile is defined |
device |
Optional[str] | No* | None | Device in which the profile is defined |
* Exactly one of folder, snippet, or device must be provided.
Syslog Server Profile Attributes
| Attribute | Type | Required | Description |
|---|---|---|---|
name |
str | Yes | The name of the syslog server profile (max length: 31) |
servers |
Dict[str, Any] | Yes | Dictionary of server configurations |
format |
Optional[FormatModel] | No | Format settings for different log types |
folder |
str | No* | The folder in which the resource is defined |
snippet |
str | No* | The snippet in which the resource is defined |
device |
str | No* | The device in which the resource is defined |
id |
UUID | Response only | The UUID of the syslog server profile (response only) |
* Exactly one of folder, snippet, or device must be provided.
Server Configuration Attributes
| Attribute | Type | Required | Description |
|---|---|---|---|
name |
str | Yes | Syslog server name |
server |
str | Yes | Syslog server address |
transport |
Literal["UDP", "TCP"] | Yes | Transport protocol for the syslog server |
port |
int | Yes | Syslog server port (1-65535) |
format |
Literal["BSD", "IETF"] | Yes | Syslog format |
facility |
Literal["LOG_USER", "LOG_LOCAL0", ...] | Yes | Syslog facility |
Exceptions
| Exception | HTTP Code | Description |
|---|---|---|
InvalidObjectError |
400 | Invalid input data (e.g., invalid max_limit, invalid container parameters) |
MissingQueryParameterError |
400 | Required parameter is missing or empty (e.g., empty folder name) |
InvalidObjectError |
500 | Invalid response format from the API |
Basic Configuration
# Import the clientfrom scm.client import Scm
# Create API client instanceclient = Scm(
client_id="your-client-id",
client_secret="your-client-secret",
tsg_id="your-tenant-id",
)
# Access syslog server profiles directly through the client# No need to initialize a separate SyslogServerProfile object# You can customize max_limit for syslog server profiles when initializing the clientclient = Scm(
client_id="your-client-id",
client_secret="your-client-secret",
tsg_id="your-tenant-id",
syslog_server_profile_max_limit=1000 # Default max_limit is 2500 (1-5000)
)
# Create API client instanceclient = Scm(
client_id="your-client-id",
client_secret="your-client-secret",
tsg_id="your-tenant-id",
)
# Access syslog server profiles directly through the client# No need to initialize a separate SyslogServerProfile object# You can customize max_limit for syslog server profiles when initializing the clientclient = Scm(
client_id="your-client-id",
client_secret="your-client-secret",
tsg_id="your-tenant-id",
syslog_server_profile_max_limit=1000 # Default max_limit is 2500 (1-5000)
)
Usage Examples
Creating a Syslog Server Profile
# Create a basic syslog server profile with a single UDP serversyslog_profile = client.syslog_server_profile.create({
"name": "my-syslog-profile",
"servers": {
"server1": {
"name": "server1",
"server": "192.168.1.100",
"transport": "UDP",
"port": 514,
"format": "BSD",
"facility": "LOG_USER"
}
},
"folder": "Prisma Access"
})
# Create a profile with TCP serverstcp_profile = client.syslog_server_profile.create({
"name": "tcp-logging-profile",
"servers": {
"primary": {
"name": "primary",
"server": "logs.example.com",
"transport": "TCP",
"port": 1514,
"format": "IETF",
"facility": "LOG_LOCAL0"
},
"backup": {
"name": "backup",
"server": "backup-logs.example.com",
"transport": "TCP",
"port": 1514,
"format": "IETF",
"facility": "LOG_LOCAL1"
}
},
"format": {
"traffic": "traffic-format",
"threat": "threat-format",
"system": "system-format"
},
"folder": "Prisma Access"
})
# Print the created profile IDprint(f"Created profile with ID: {tcp_profile.id}")
"name": "my-syslog-profile",
"servers": {
"server1": {
"name": "server1",
"server": "192.168.1.100",
"transport": "UDP",
"port": 514,
"format": "BSD",
"facility": "LOG_USER"
}
},
"folder": "Prisma Access"
})
# Create a profile with TCP serverstcp_profile = client.syslog_server_profile.create({
"name": "tcp-logging-profile",
"servers": {
"primary": {
"name": "primary",
"server": "logs.example.com",
"transport": "TCP",
"port": 1514,
"format": "IETF",
"facility": "LOG_LOCAL0"
},
"backup": {
"name": "backup",
"server": "backup-logs.example.com",
"transport": "TCP",
"port": 1514,
"format": "IETF",
"facility": "LOG_LOCAL1"
}
},
"format": {
"traffic": "traffic-format",
"threat": "threat-format",
"system": "system-format"
},
"folder": "Prisma Access"
})
# Print the created profile IDprint(f"Created profile with ID: {tcp_profile.id}")
Retrieving a Syslog Server Profile
# Get profile by IDprofile_id = "123e4567-e89b-12d3-a456-426655440000"
syslog_profile = client.syslog_server_profile.get(profile_id)
# Access profile attributesprint(f"Profile Name: {syslog_profile.name}")
print(f"Number of servers: {len(syslog_profile.servers)}")
for server_name, server_data in syslog_profile.servers.items():
print(f" - {server_name}: {server_data['transport']}://{server_data['server']}:{server_data['port']}")
# Fetch profile by name (requires exactly one container parameter)profile_by_name = client.syslog_server_profile.fetch(
name="tcp-logging-profile",
folder="Prisma Access"
)
syslog_profile = client.syslog_server_profile.get(profile_id)
# Access profile attributesprint(f"Profile Name: {syslog_profile.name}")
print(f"Number of servers: {len(syslog_profile.servers)}")
for server_name, server_data in syslog_profile.servers.items():
print(f" - {server_name}: {server_data['transport']}://{server_data['server']}:{server_data['port']}")
# Fetch profile by name (requires exactly one container parameter)profile_by_name = client.syslog_server_profile.fetch(
name="tcp-logging-profile",
folder="Prisma Access"
)
Updating a Syslog Server Profile
from scm.models.objects import SyslogServerProfileUpdateModel
import uuid
# First, get the current profileexisting_profile = client.syslog_server_profile.get("123e4567-e89b-12d3-a456-426655440000")
# Create an update model with modified serversupdate_data = {
"id": existing_profile.id,
"name": existing_profile.name,
"servers": {
"primary": {
"name": "primary",
"server": "new-logs.example.com", # Updated server address
"transport": "TCP",
"port": 1514,
"format": "IETF",
"facility": "LOG_LOCAL0"
},
"backup": {
"name": "backup",
"server": "backup-logs.example.com",
"transport": "TCP",
"port": 1514,
"format": "IETF",
"facility": "LOG_LOCAL1"
}
},
"folder": "Prisma Access"
}
# Convert to update modelupdate_model = SyslogServerProfileUpdateModel(**update_data)
# Update the profileupdated_profile = client.syslog_server_profile.update(update_model)
import uuid
# First, get the current profileexisting_profile = client.syslog_server_profile.get("123e4567-e89b-12d3-a456-426655440000")
# Create an update model with modified serversupdate_data = {
"id": existing_profile.id,
"name": existing_profile.name,
"servers": {
"primary": {
"name": "primary",
"server": "new-logs.example.com", # Updated server address
"transport": "TCP",
"port": 1514,
"format": "IETF",
"facility": "LOG_LOCAL0"
},
"backup": {
"name": "backup",
"server": "backup-logs.example.com",
"transport": "TCP",
"port": 1514,
"format": "IETF",
"facility": "LOG_LOCAL1"
}
},
"folder": "Prisma Access"
}
# Convert to update modelupdate_model = SyslogServerProfileUpdateModel(**update_data)
# Update the profileupdated_profile = client.syslog_server_profile.update(update_model)
Listing Syslog Server Profiles
# List all profiles in a folderall_profiles = client.syslog_server_profile.list(folder="Prisma Access")
# List profiles with exact container matchexact_profiles = client.syslog_server_profile.list(
folder="Prisma Access",
exact_match=True
)
# List profiles with filteringudp_only_profiles = client.syslog_server_profile.list(
folder="Prisma Access",
transport=["UDP"] # Only profiles with UDP servers
)
# List profiles with format filteringietf_profiles = client.syslog_server_profile.list(
folder="Prisma Access",
format=["IETF"] # Only profiles with IETF format servers
)
# List profiles with exclusionsfiltered_profiles = client.syslog_server_profile.list(
folder="Prisma Access",
exclude_folders=["Temporary", "Test"]
)
# Print profile informationfor profile in filtered_profiles:
print(f"ID: {profile.id}, Name: {profile.name}")
for server_name, server_data in profile.servers.items():
print(f" Server: {server_name} - {server_data['transport']}://{server_data['server']}:{server_data['port']}")
# List profiles with exact container matchexact_profiles = client.syslog_server_profile.list(
folder="Prisma Access",
exact_match=True
)
# List profiles with filteringudp_only_profiles = client.syslog_server_profile.list(
folder="Prisma Access",
transport=["UDP"] # Only profiles with UDP servers
)
# List profiles with format filteringietf_profiles = client.syslog_server_profile.list(
folder="Prisma Access",
format=["IETF"] # Only profiles with IETF format servers
)
# List profiles with exclusionsfiltered_profiles = client.syslog_server_profile.list(
folder="Prisma Access",
exclude_folders=["Temporary", "Test"]
)
# Print profile informationfor profile in filtered_profiles:
print(f"ID: {profile.id}, Name: {profile.name}")
for server_name, server_data in profile.servers.items():
print(f" Server: {server_name} - {server_data['transport']}://{server_data['server']}:{server_data['port']}")
Pagination and Max Limit
# Create client with custom pagination limit for syslog server profilesclient = Scm(
client_id="your-client-id",
client_secret="your-client-secret",
tsg_id="your-tenant-id",
syslog_server_profile_max_limit=1000
)
# List profiles with the custom pagination limitprofiles = client.syslog_server_profile.list(folder="Prisma Access")
print(f"Retrieved {len(profiles)} profiles")
# The max_limit is automatically capped at 5000 (the API's maximum)
client_id="your-client-id",
client_secret="your-client-secret",
tsg_id="your-tenant-id",
syslog_server_profile_max_limit=1000
)
# List profiles with the custom pagination limitprofiles = client.syslog_server_profile.list(folder="Prisma Access")
print(f"Retrieved {len(profiles)} profiles")
# The max_limit is automatically capped at 5000 (the API's maximum)
Deleting a Syslog Server Profile
# Delete a profile by IDprofile_id = "123e4567-e89b-12d3-a456-426655440000"
client.syslog_server_profile.delete(profile_id)
print(f"Profile {profile_id} deleted successfully")
client.syslog_server_profile.delete(profile_id)
print(f"Profile {profile_id} deleted successfully")
Error Handling
from scm.exceptions import InvalidObjectError, MissingQueryParameterError
try:
# Attempt to list profiles with invalid container parameters
profiles = client.syslog_server_profile.list() # No container specified
except InvalidObjectError as e:
print(f"Invalid object error: {e.message}")
print(f"Error code: {e.error_code}")
print(f"HTTP status: {e.http_status_code}")
print(f"Details: {e.details}")
try:
# Attempt to fetch a profile with an empty folder name
profile = client.syslog_server_profile.fetch(name="my-profile", folder="")
except MissingQueryParameterError as e:
print(f"Missing parameter error: {e.message}")
try:
# Attempt to filter by transport with invalid type
profiles = client.syslog_server_profile.list(
folder="Prisma Access",
transport="UDP" # Should be a list
)
except InvalidObjectError as e:
print(f"Invalid filter error: {e.message}")
try:
# Attempt to list profiles with invalid container parameters
profiles = client.syslog_server_profile.list() # No container specified
except InvalidObjectError as e:
print(f"Invalid object error: {e.message}")
print(f"Error code: {e.error_code}")
print(f"HTTP status: {e.http_status_code}")
print(f"Details: {e.details}")
try:
# Attempt to fetch a profile with an empty folder name
profile = client.syslog_server_profile.fetch(name="my-profile", folder="")
except MissingQueryParameterError as e:
print(f"Missing parameter error: {e.message}")
try:
# Attempt to filter by transport with invalid type
profiles = client.syslog_server_profile.list(
folder="Prisma Access",
transport="UDP" # Should be a list
)
except InvalidObjectError as e:
print(f"Invalid filter error: {e.message}")
Best Practices
Client Usage
- Use the unified client interface (
client.syslog_server_profile) for simpler code - Initialize the client once and reuse across different object types
- Set appropriate max_limit parameters during client initialization
Container Management
- Always specify exactly one container type (folder, snippet, or device) in operations
- Use consistent container references across operations for the same profiles
- Consider environment-specific folder structures for organization
Performance
- Set an appropriate
syslog_server_profile_max_limitwhen initializing the client - Use specific filters to reduce the number of results when listing profiles
- Use
exact_match=Truewhen you know the exact container path - Consider pagination for large datasets
Error Handling
- Always handle specific exceptions (
InvalidObjectError,MissingQueryParameterError) - Implement retry logic for transient network errors
- Log detailed error information for troubleshooting
Syslog Server Configuration
- Follow RFC 3164 (BSD) or RFC 5424 (IETF) standards for syslog messages
- Consider using TCP transport for critical logs where reliability is important
- Use appropriate syslog facilities to categorize different types of logs
- Configure server redundancy for critical logging
Example Script
See a complete example script for syslog server profiles in the examples directory.
Related Models
- Syslog Server Profile Models - Pydantic models for syslog server profiles