If You Need an OVA...

Reply
L1 Bithead

If You Need an OVA...

I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW):

https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c

 

Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP.

Then return to the Dashboad and Start the Agent.

 

[UPDATE 6.4.2019]

Updated the OS and Expedition to 1.1.23. 

There were a few new setting available with the upgrade, so a new directory /data was created and chowned to www-data.

There were resource alerts, so updated the /home/userSpace/environmentParameters.php file, so updated TotalCPUs to 2 and SparkRAM to 1592m. Moved image to S3. Note, image size has grown from allocated disk usage. I'll work on squeezing it down for the next release.

 

[UPDATE 2.22.2019]

I created a new OVA that is now at 1.1.6. All Ubuntu updates have been applied as well.

Permissions for the /datastore and /PALogs should work for all cases now.

VM Image was set to Version 10, so should work for VMware 5.5.

Made a change to /etc/default/grub and /etc/network/interfaces to always use eth0 instead of ensXXX.

Updated /home/expedition/update-expedition.sh to make upgrades easier.

SHA256 dad89cc3e2c031e70f548dab3bc96b84e0b2216593608dc09151159115463c65

 

[UPDATE 10.16.2018]

Updated Expedition to 1.0.106 and added all OS updates as well. 

 

[UPDATE 9.18.2018]

It's been upgraded to 1.0.104, but you'll likely need to update it once installed. So just:

sudo apt-get update

sudo apt-get install expedition-beta

 

...or just use the update-expedition.sh script I created in the home directory.

 

I also fixed a couple of other issues:

Fixed the /PALogs directory permissions and updated the Parquet Path in the Machine Learning section. This fixes the "Parquet Path" error on the Dashboard.

Changed the "mysqli.reconnect" value in /etc/php/7.0/cli/php.ini to "On" to fix the mysqli.reconnect error on the Dashboard.

 

 

L1 Bithead

Re: If You Need an OVA...

Let me just say that your timing is impeccable. I have been fighting to get the VM converted for esxi all day, trying to track down a Windows box I can use that has the right network access, enough disk space, admin rights, on and on. Roadblock after roadblock. Thank you.

L2 Linker

Re: If You Need an OVA...

Thank you for this .. 

L1 Bithead

Re: If You Need an OVA...

I needed a version that could run on ESX 5.5, based on this KB: https://kb.vmware.com/s/article/1003746 , I needed HwVersion 10.

 

so I took Tobias' OVA and downgraded the Virtual Hardware Version to 10, while I was at it I updated Expedition to 1.0.104 and BPA to 3.2.0. This OVA should work with later version of ESX as well.

 

https://paloaltonetworks.box.com/s/mb3z1v50sw1c914z0q05gqm7y80b8w2x

 

Please test and let me know if any issues. I tested it on ESX 5.5 Update 3b build 3248547 (2015-12-08).

 

Expedition boots up with DHCP Client, so to get your currently assigned IP, log into the Console with Username: expedition Password: paloalto and use ifconfig to see your current IP.

 

then browse to https://<current IP> , and log in with Username: admin Password: paloalto

 

You should update it periodically. So just:

sudo apt-get update

sudo apt-get install expedition-beta

 

L1 Bithead

Re: If You Need an OVA...

Dont forget to change the IP address in the Machine learning server address settings due to it being OP's IP of his ML Server.

L2 Linker

Re: If You Need an OVA...

I also had to do this from another thread:

/etc/mysql/my.cnf file:

 

bind-address = 127.0.0.1

 

That line should be commented out instead, like this:

 

#bind-address = 127.0.0.1

L1 Bithead

Re: If You Need an OVA...

I like using sudo nano to do this:

 

sudo nano /etc/mysql/my.cnf file:

 

--Press Cntrl+W to find "bind-address"

 

bind-address = 127.0.0.1

 

 

--Uncomment it as such:

 

#bind-address = 127.0.0.1

 

Cntrl +O to save it

Cntrl +X   to exit, DONE!

 

L0 Member

Re: If You Need an OVA...

Thank you.

Tags (1)
Highlighted
L0 Member

Re: If You Need an OVA...

Thank you so very much!!!  I've spent 2 weeks trying to get the non-OVA to work.  You are a lifesaver!

Re: If You Need an OVA...

I had no ens33 interface so had to use "ip link" to realise it was ens34 because the VMX file had it as slot 34. Weird.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!