Expedition was conceived to reduce the time and efforts a security admin needs to improve and optimize their Palo Alto Networks configurations. Following that effort, we have added, within Expedition, support not only to run a BPA analysis if not also be able to remediate some of the failed checks (all related to Device Config) and now integration with the project IronSkillet. https://github.com/PaloAltoNetworks/iron-skillet
Explore the Expedition Dashboard
There are 2 parts related to the VM Stats, one controls the stats for the local VM running the GUI and the ML Health in case is running on another VM shows the stats from the remote Expedition VM.
That means you can setup 2 Expedition VMs and use one for the GUI and another with more CPU and RAM to run the data analysis and machine learning. If this is your case just go to SETTINGS -> M. Learning and setup the IP address where your Expedition with more resources is running and click on SAVE.
The Task Manager must be always UP and controls all the backend jobs requested from the GUI like to retrieve contents from a device using the API keys.
Expedition comes with a self-check list to at least show you if there is something that can be improved in the system or if some dependencies or required functions are working properly or missing.
Close to the logo you can find the version and the released day plus what version of the Best Practices Assessment Tool is running.
Expedition comes with a built-in messaging queue system.
This mechanism allows it to prepare some tasks and send it to the queue. With this, we can run jobs internally without having to wait until the job is finished in the same page we are.
The first thing you will have to do when you enter in Expedition is check if the process is UP or DOWN, click on START in case is DOWN. If this is DOWN the Jobs will not be executed until it get's UP again.
Some of the tasks relaying in the TASK MANAGER are:
Download contents from Devices
Retrieve dynamic reports from firewalls for App-ID and User-ID adoption
Debug: If you want to see the output generated by the jobs running from the Queue you can see the content here:
tail -f /home/userSpace/panReadOrders.log