I'd say this is very much one of those 'it depends' questions. Some security teams are going to want as much data as you're willing to provide, and some will have very detailed things they're wanting to see. Depending upon the SIEM solution there's also a financial aspect as some vendors charge on your ingest volume and even in a moderately sized environment the PANW firewalls can be chatty.
I'd say this is very much one of those 'it depends' questions. Some security teams are going to want as much data as you're willing to provide, and some will have very detailed things they're wanting to see. Depending upon the SIEM solution there's also a financial aspect as some vendors charge on your ingest volume and even in a moderately sized environment the PANW firewalls can be chatty.