topic Re: PA System Logs in General Topics

PA System Logs

Navigator — Mon, 13 Aug 2018 14:19:13 GMT

Dear Expert ,

I need to get all System messages of PA in case of the below Events

CPU Errors, warnings.
Memory, RAM utilization warning, problem.
Hardware failure, problem. .(Physical Events)
Links , interfaces down.
Processor warning.
Disk warning.
Fan warning.
Power supplies warning.
Restart, reboot events.
Shutdown event.

Your support is highly appriciated

Re: PA System Logs

BPry — Mon, 13 Aug 2018 14:36:17 GMT

@Navigator,

It looks like you want pretty much anything that would have a severity of high or citical.

Within the 'Log Settings' under the 'Device' tab you can setup alerting on the System alerts. The example as shown would give you everything you want plus a few other alerts that would be rather important to recieve. As configured I've simply setup an email profile; but you can choose any forwarding method that you want.

Re: PA System Logs

Navigator — Mon, 13 Aug 2018 14:41:22 GMT

thanks BPry for your fast response , however i need to get samples for the mentioned states so how can i find such logs to use it within use cases

i.e in case of Link Down event below log will be creates

( eventid eq link-change ) ( description contains 'Port MGT: Down 1Gb/s Full duplex' )

so i need all the above states like my example

Re: PA System Logs

BPry — Mon, 13 Aug 2018 16:48:16 GMT

@Navigator,

That's a lot of information to ask others to pull for you; and really should be something that you go through your own system logs and pull, as that's what others would have to do on your behalf. Not trying to sound off or anything, just trying to be realistic with what you'll actually receive.

Right off the bat here's some of what you could look for.

Power Supplies: Own event: ( eventid eq ps-failure )

Shutdown: Own Event ( eventid eq system-shutdown)

Management Server: ( description contains 'Management sever shutting down')

Thermal: ( eventid eq 'Thermal Failure' )

Re: PA System Logs

Navigator — Tue, 14 Aug 2018 10:30:32 GMT

Hi BPry ,

Im asking for log reference guide that supposed to be exist and refrenced by Palo Alto Networks not for individuals to pull for me. As mentioned before ,this is not for Troubleshooting this is for use case integrations scenarios and my own system didn't face hardware issues to collect all my requirements.

Re: PA System Logs

BPry — Tue, 14 Aug 2018 12:36:30 GMT

Maybe I should have been more clear in my earlier reply, but the level of detail your asking for doesn’t exist within current documentation. The closest you’ll find is https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/system-log-fields#id9502d0c7-67d3-4f74-a0a9-3fdd671afd28 paired with https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/monitoring/work-with-logs