This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

APP-ID adoption doesn't output any app-IDs

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

APP-ID adoption doesn't output any app-IDs

Eric.Hernandez
L2 Linker

‎03-09-2021 08:07 AM - edited ‎03-09-2021 09:00 AM


I'm using expedition 1.1.93

 


When I target my any/any rule for app-id adoption, the adoption process finishes, but no app-ids are displayed. This occurs whether I request a slow retrieval or a fast retrieval.

 

 

The same rule(s) work fine with ML and RE (app-ids show up as expected).

 

 

Any ideas? I'm not even sure how to troubleshoot this. Any help is appreciated. Thanks!

 

0 Likes Likes
11 REPLIES 11

Eric.Hernandez
L2 Linker
In response to lychiang

‎03-12-2021 06:15 AM

OK, will do. Thanks @lychiang 

0 Likes Likes

Eric.Hernandez
L2 Linker
In response to Eric.Hernandez

‎03-12-2021 11:20 AM

Thank you so much for your help @lychiang 

 

 

In summary, (in case anybody else runs into this issue), I first needed to send traffic logs from my devices into Panorama, as the app-id adoption makes a call to Panorama to gather the app-id statistics. Previously I only had my devices sending their traffic logs to Expedition. This worked fine for ML and RE. For APP-ID, the device traffic logs need to be in Panorama.

 

 

Secondly, Lynn was spot on when she suggested that the log connectors were probably the culprit. I have an Active/Passive pair, and the passive node has a lower serial number than the active node. In the LC, the devices are listed (top-down) based on serial number. The passive node was on top of the Active node (due to the lower serial number). It seems that the LC will check the first device in the list, and if there are no app-id stats, then it won't return anything. As soon as we only selected the active node, the APP-ID stats started working. This is the same with Active/Active devices (if one of the AA devices isn't passing traffic). The device passing traffic must be up top, otherwise you should only select the single device (the device passing traffic) within the LC.

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks