Traps - Panorama log ingestion Integration

Highlighted
L3 Networker

Traps - Panorama log ingestion Integration

Hi, 

 

I have Panorama 8.0.1 set to panorama mode. I'm trying to send Traps ESM logs to Panorama. I feel like my configuration is correct, but the connection fails from the Traps side.  Am I missing anything?  See Screenshots of my Panorama Traps Log Ingestion Profile and Traps ESM Panorama Configuration.

 

Screen Shot 2017-05-04 at 4.13.13 PM.pngScreen Shot 2017-05-04 at 4.12.43 PM.png

L4 Transporter

Re: Traps - Panorama log ingestion Integration

The following procedure should work fine.

 

In order to take advantage of Panorama 8.0; do the following:

 

If you have a M100 or M500, update the software, and you're good.

 

If you have a Panorama-VM, there is a few more steps:

  1. Make sure you have enough vCPUs and RAM:  8vCPUs and 16GB RAM minimum
  2. Update the software
  3. Depending on your configuration, it might want more disk. Running the request system system-mode panorama will tell you how much, and how to migrate.
  4. Add disks as necessary, migrate with request system clone-system-disk target <yourdisk> and lean back
  5. Once done, reboot, and run request system system-mode panorama again
  6. Panorama will convert logs to the new format in the background. For production systems, consider doing this in low-activity periods, for instance during the night.

Voilá:

Panorama 8.PNG

 

https://live.paloaltonetworks.com/t5/Rome-Discussions/Panorama-8-0-How-to-switch-to-the-new-Panorama...

 

I hope it helps.

L3 Networker

Re: Traps - Panorama log ingestion Integration

I think i found my issue on step 4 here. Will post back with more info.

 

https://www.paloaltonetworks.com/documentation/80/panorama/panorama_adminguide/monitor-network-activ...

L3 Networker

Re: Traps - Panorama log ingestion Integration

Willian,

 

I have already upgraded Panorama to panorama mode. It seems like port 23001 isnt open on Panorma even though i added the log collector profile and log ingestion profile from the document.

 

https://www.paloaltonetworks.com/documentation/80/panorama/panorama_adminguide/monitor-network-activ...

L3 Networker

Re: Traps - Panorama log ingestion Integration

I was able to successfully connect after specifying Traps Ingestion Profile in the default Log Collector Group.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!