Log Forwarding to Panorama

Reply
Highlighted
L2 Linker

Log Forwarding to Panorama

Hi, 

 

I am using expedition tool to migrate the configuration from Cisco FWSM to Panorama. While reading the documents for "Log forwarding to Panorama", i understand that we need to select a security rule and set the log forwarding profile in order to receive the logs in Panorama.  I have thousands of security rules which are being migrated and hence assigning forwarding profiles to individual security rules will consume a lot of time.  Is there a way in which we can assign a log forwarding profile of an entire policy set to Panorama?

L4 Transporter

Re: Log Forwarding to Panorama

You can follow these steps to apply changes to multiple policies - including adding a log forwarding profile.

 

1) if not already present you must create a LogForward profile: OBJECTS --> OTHER --> LogForward

 

you can use the snippet below to create a profile

 

<entry name="panorama">

          <match-list>

            <entry name="pan-1">

              <log-type>traffic</log-type>

              <filter>All Logs</filter>

              <send-to-panorama>yes</send-to-panorama>

            </entry>

          </match-list>

        </entry>

 

2) use the multi-edit option for the policies to select the policies you want to apply the log fowarding profile to

 

 

 

L2 Linker

Re: Log Forwarding to Panorama

Hi,

 

Thanks a lot for your response. If i use the multi-edit option, is there a way to apply the log forwarding profile for all rules? Or do i need to select , let's say 20 rules at a time and apply the log forwarding profile?

L4 Transporter

Re: Log Forwarding to Panorama

to use the multi edit option you need to select the policies you want to edit. 

 

You can expand the default view of 50 policies to 500 for example, and select 500, if you do not want to make changes in 50 count batches.

L2 Linker

Re: Log Forwarding to Panorama

Hi sjanita

 

Thanks a lot for your response. I will do that. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!