Unable to Receive Logs in Email

Unable to Receive Logs in Email

26656
Created On 09/26/18 13:52 PM - Last Modified 06/06/23 02:46 AM


Resolution


Issue

A email server profile is configured where test emails and scheduled reports can be sent to that server from the Palo Alto Networks device, but the following logs cannot be sent:

 

(From the WebGUI, go to Device tab > Log Settings)

System logs

Config logs

HIP Match logs

Alarm logs

 

( Objects tab > Log Forwarding)

 

Traffic Settings and Threat Settings

 

Resolution:

 

If the Email Server Profile has a “To” email address configured and an “And Also To” email address configured, the mail server must be able to send to both email addresses.  Otherwise, email will not be sent to either address.

Example:

1.png

The Email Server Profile above has both To addresses populated.  In  this state, logs are not being sent to the server at 192.168.1.68.

The following command verifies that email server is unable to relay to test@gmail.com:

 

> tail follow yes lines 25 mp-log ms.log

2.png

The Palo Alto Networks firewall is not sending emails to either account configured. Once the test@gmail.com is removed from  the  Email Server Profile, this error goes away, and all emails are received on the other email account.

 

owner:  jseals
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClwmCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language