====== WildFire Syslogs ======
===== Critical =====
This happened when Palo Alto Networks let their wildfire certificate expire in early 2020.
<code>( subtype eq wildfire ) and ( severity eq critical )</code>
<code>( eventid eq wildfire-auth-failed ) and ( description contains 'Validation of Local client certificate failed resulting in error 58, Problem with the local SSL certificate' )</code>

===== Medium =====
<code>( subtype eq wildfire ) and ( severity eq medium )</code>
<code>( eventid eq wildfire-conn-success ) and ( description contains 'Successfully registered to Public Cloud wildfire.paloaltonetworks.com' )</code>
<code>( eventid eq wildfire-conn-failed ) and ( description contains 'Failed to resolve host panos.wildfire.paloaltonetworks.com' )</code>

===== Informational =====

<code>( subtype eq wildfire ) and ( severity eq informational )</code>
<code>( eventid eq wildfire-auth-failed ) and ( description contains 'Failed to connect to proxy (no proxy) or host panos.wildfire.paloaltonetworks.com' )</code>
<code>( eventid eq wildfire-conn-failed ) and ( description contains 'Failed to perform task resulting in connection timeout with WildFire Cloud panos.wildfire.paloaltonetworks.com' )</code>