FW Logging Prefix list

Reply
L2 Linker

FW Logging Prefix list

Can any one confirm that when we configured log collector group with two managed log collector (both active and passive Panorama's) and if see the logging status on the firewalls does it show only the Active Log collector or both Active and Passive log collector.

thanks

L7 Applicator

Re: FW Logging Prefix list

@Sanssj,

Why are you putting the passive Panorama instance in as a log collector? Your firewalls will never connect to the passive Panorama, and as soon as the Panorama HA members switch the firewalls would still be connecting to the 'active' Panorama instance with all of the 'active' members information. 

 

L2 Linker

Re: FW Logging Prefix list

Its for log redundancy purpose.
So according to this deployment
https://www.paloaltonetworks.com/documentation/80/panorama/panorama_adminguide/manage-log-collection...

According to the above deployment at any given time FW’s should be sending the logs to both the local log collectors irrespective its active or passive.

But I agree with what u said i.e. the FWs will connected to only one of the local log collectors (active) and if that fails then FWs send the logs to the next available log collector in the device log preference list.

I just what to know why is this discrepancy.
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!