Problem with system logs

Reply
Highlighted
L4 Transporter

Problem with system logs

Hello

I realized that something wrong is with system log. On dashboard I have "No data available." in "System Log" sections.

In Monitor > system log I have a lot of

2014-03-14_131317.png

I did :

debug software restart device-server

debug software restart management-server

This problem occur because yesterday I worked with support engineer. Unfortunetelly we leave packet capture enabled for whole night. Today morning I realized that the pcap files are over 200MB big. I disabled packet capture, deleted pcap files

Please help me.

With regards

Slawek

Tags (2)
L4 Transporter

Re: Problem with system logs

Hello Slv,

How does it look from the CLI,

"show log system direction equal backward"

Also if you trigger some system logs by logging off and logging on to the GUI or SSH we can see if any new logs are being generated.

Try to restart the varrcvr

"debug software restart vardata-receiver"

helps in packet capture process restarts.

Pls let us know.

L4 Transporter

Re: Problem with system logs

Hi Phoenix

"show log system direction equal backward":

Time            Severity Subtype Object EventID ID Description

===============================================================================

1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
2031/05/11 20:14:06 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0
1970/01/01 01:00:00 Unknown  general    unknown 0

I try "debug software restart vardata-receiver" but it doesn't help.

Any ideas?

L5 Sessionator

Re: Problem with system logs

Hello Slv,

Timestamps doesn't look good in the above logs.

I know there is a known issue related to timestamps and that's the reason why it shows as unknown.

What Os version currently firewall running on?

Regards,

Hari Yadavalli

L4 Transporter

Re: Problem with system logs

Hi Hari

I'm runing 5.0.9 PAN, timestamps are bad but also in every log entry there isn't information that shold be there.

Only system log is affected, other logs are OK.

Regards

Slawek

L4 Transporter

Re: Problem with system logs

Hi

Today system logs started working.... I dont understand how - but it's started working at 1:00.

2014-03-15_081604.png

L6 Presenter

Re: Problem with system logs

We saw This issue on a new deployment a few weeks ago.Until I clear all the system and config logs I was unable to see new system and config logs.Maybe if I waited for some period, it would be fixed like as yours.

L1 Bithead

Re: Problem with system logs

Hi,

I am experiencing the same issue, the timestamp jumped sudenly from 1970/01/01 to 1995/08/15 07:31:28.

Over logs are OK.

Not very happy to need erase system logs (no syslog server present).

Is it exist a way to export / clear / import clean logs ?

L4 Transporter

Re: Problem with system logs

Hi

What veriosn of PAN are You using?

Try this:

debug software restart management-server

debug software restart vardata-receiver

debug software restart log-receiver

Regards

Slawek

L1 Bithead

Re: Problem with system logs

Hi,

PANOS 5.08

still same after commands:

Regards.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!