Details
Palo Alto Networks provides a public server where customers can directly upload core files to their cases and reach support. The server is under the FQDN: tacupload.paloaltonetworks.com
The use case allows customers to directly send core files from the devices to the server. Usually, when there isn't a local SCP or TFTP server on the network and the core files are required for further analysis, the following steps are a good solution.
Note: Have the case number and the email of the case contact nearby--these items are required to authenticate the user to the tacupload server.
Steps
Find the core files on the system to provide to support.
- To see the core files:
> show system files
The output should be similar to this:
/var/cores/:total 6.9M
drwxrwxrwx 2 root root 4.0K Jun 23 17:53 crashinfo
-rw-r--r-- 1 root root 6.9M Jun 23 18:00 sslvpn_6.0.2_0.tar.gz
/var/cores/crashinfo:
total 32K
-rw-rw-rw- 1 root root 24K Jun 13 11:05 mgmtsrvr_6.0.2_0.info
-rw-rw-rw- 1 root root 6.6K Jun 23 17:53 sslvpn_6.0.2_0.info
- Export the file using SCP.
Use the case number as the user (in the 00xxxxxx format) and the full email of the case contact as the password:
> scp export core-file management-plane from <filename>.tar.gz to case_number@tacupload.paloaltonetworks.com:/.
For example:
- After the process completes, wait about 5 minutes and check the case management system to confirm that automatic comment for the file upload is added to the case.
- This notification is also sent to the case owner.
The file is now added to the case directly from the firewall or Panorama.
owner: ialeksov