Graylog2 / graylog-plugin-integrations

A collection of open source Graylog integrations that will be released together.

PAN Global Protect 9.1.3+ Template skips field, breaks parsing #1327

Closed kingzacko1 closed 1 year ago

kingzacko1 commented 1 year ago

Description

The Global Protect template for PAN 9.1+ logs incorrectly parses fields 36-41 because of a missed High Res Timestamp field. This results in error logs in the messages and, if using Illuminate, potentially index failures due to incorrect field types.

This is a duplicate of a previously triaged Graylog2/graylog2-server#14363. I created this issue before noticing that one and should have just migrated it over.

Steps To Reproduce

  1. Set up a PAN 9.x+ input
  2. Send the following log to it:
     1,2023/03/15 12:00:37,019901000640,GLOBALPROTECT,0,2561,2023/03/13 12:00:37,vsys1,gateway-auth,login,SAML,,Hxxxxxx@bxxxxxx.xxx,US,Hadleys-MacBook-Pro,8.8.8.8,0.0.0.0,0.0.0.0,0.0.0.0,3c:06:30:14:dc:67,FVFG24VHQ05D,5.2.12,Mac,"Apple Mac OS X 11.4.0",1,,,,success,,0,on-demand,0,Bxxxxxxx-GP-Gateway,7209637389893909565,0x8000000000000000,2023-03-13T12:00:38.468-06:00,auto,0,manual only,,vxxx.bxxxxx.xxxx,17,18,24,2643,,fw-xxxxx-101mec-204-01,1
  3. Notice in the logs an error similar to ERROR [PaloAltoTypeParser] Error parsing field application_response_time, auto is not a valid numeric value

see #1283 for discussion

Relevant links: PAN Docs show correct log format

PAN KB Article shows priority integer values are related to a priority string value that seems to be used in log messages

Environment
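The defect described in this report is a positional one: a CSV template that omits one column shifts every later column by one, so a typed field receives its neighbour's value. The following added example (not code from the Graylog integrations plugin) reproduces that with the reporter's sample log and Python's csv module. Only high_res_timestamp and application_response_time are names the issue itself mentions; selection_type and priority are hypothetical labels standing in for whatever the real template calls those columns, and the 0-based column positions are taken from counting the sample line.

```python
import csv
from datetime import datetime

# GlobalProtect 9.1.3 event copied from the issue report above (reporter's sample, already masked).
SAMPLE_LOG = (
    '1,2023/03/15 12:00:37,019901000640,GLOBALPROTECT,0,2561,2023/03/13 12:00:37,vsys1,'
    'gateway-auth,login,SAML,,Hxxxxxx@bxxxxxx.xxx,US,Hadleys-MacBook-Pro,8.8.8.8,0.0.0.0,0.0.0.0,'
    '0.0.0.0,3c:06:30:14:dc:67,FVFG24VHQ05D,5.2.12,Mac,"Apple Mac OS X 11.4.0",1,,,,success,,0,'
    'on-demand,0,Bxxxxxxx-GP-Gateway,7209637389893909565,0x8000000000000000,'
    '2023-03-13T12:00:38.468-06:00,auto,0,manual only,,vxxx.bxxxxx.xxxx,17,18,24,2643,,'
    'fw-xxxxx-101mec-204-01,1'
)


def to_int(value):
    """Numeric caster; the message mirrors the PaloAltoTypeParser error quoted in the issue."""
    try:
        return int(value)
    except ValueError:
        raise ValueError(f"{value} is not a valid numeric value") from None


def to_hires_ts(value):
    """The high-res timestamp carries milliseconds and a UTC offset, which fromisoformat accepts."""
    return datetime.fromisoformat(value)


def keep(value):
    return value


# Column -> (field name, caster) for 0-based columns 36..39. Names other than
# high_res_timestamp and application_response_time are hypothetical (assumption).
TEMPLATE_MISSING_HIRES = {          # the shape of the defect: no high-res timestamp column
    36: ("selection_type", keep),
    37: ("application_response_time", to_int),
    38: ("priority", keep),
}
TEMPLATE_FIXED = {                  # high-res timestamp restored, later columns shift right by one
    36: ("high_res_timestamp", to_hires_ts),
    37: ("selection_type", keep),
    38: ("application_response_time", to_int),
    39: ("priority", keep),
}


def split_csv(line):
    """Split one PAN CSV event; csv honours the quoted OS field, which may itself contain commas."""
    return next(csv.reader([line]))


def apply_template(columns, template):
    """Map positional columns onto named, typed fields; collect per-field errors instead of failing."""
    record, errors = {}, []
    for index, (name, cast) in template.items():
        raw = columns[index] if index < len(columns) else ""
        try:
            record[name] = cast(raw)
        except ValueError as exc:
            errors.append(f"Error parsing field {name}, {exc}")
    return record, errors


if __name__ == "__main__":
    cols = split_csv(SAMPLE_LOG)
    print(f"{len(cols)} columns; column 36 = {cols[36]!r}")
    for label, template in (("missing hires", TEMPLATE_MISSING_HIRES), ("fixed", TEMPLATE_FIXED)):
        record, errors = apply_template(cols, template)
        print(label, record, errors)
```

Running it shows the broken template assigning the literal "auto" to application_response_time and producing exactly the quoted error, while the fixed template yields 0 for that field and a parsed timestamp; the same check, run over a handful of known-good events per PAN-OS version, is a cheap regression test for any positional template change.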