Anyone know server sizing requirements for this? Minimum cpu, memory and storage? Also, what is the recommended way to install?
I started by running the command scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csv on my PA220. root@Expedition:/PALogs# ls -ltotal 64296-rw-rw-r-- 1 expedition expedition 65830760 Aug 1 17:35 mltest.csvdrwxr-xr-x 2 www-data www-data 4096 Aug 1 ...
I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW): https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP. Then return to the Dashboad and Start the Agent. [UPDATE 6.4...
Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini sudo vi /etc/php/7.0/apache2/php.ini go to line where this variable is defined upload_max_filesize = 2M and replace by upload_max_filesize = 250M There...
Hi all, This is my first time attempting rule-enrichment on expedition. I followed the LIVEcommunity youtube videos for instructions. Logs exporting from the firewall for the last 90 days, and have already processed the logs. I have now enabled RE monitoring on a security policy, and when I got to RE discovery, the analyze data button brings ...
Hi folks, I'm converting JUNOS to PANOS however there are some invalid predefined services and I can't delete them. Anyone have an idea how to remove it? For more information please check attached image.
Is there any news about when Expedition will support the migration of User-ID based rules from CheckPoint? A lot of the CheckPoint FireWalls we are now migrating use identity awareness in their rulebase. Often there are hundreds of rules which make it close to impossible to migrate manually without mistakes. I would guess we are not the first ...
Hello I am having difficulty with Expedition where exported firewall logs are misattributed to another firewall on Panorama. I am exporting logs directly from monitor on Panorama and selecting 2 specific machines from 2 separate locations but when come time to process in expedition it is associated with a third site that is not included in t...
No LSB modules are available. Correct Ubuntu Server 20.04 version WARNING: apt does not have a stable CLI interface. Use with caution in scripts. This script has been prepared to install Expedition from scratch Expedition package is already present Exiting Installation ----------------------------- I get the following error, as I try to reinstal...
Hello there, I am currently migrating my ASA 5585 to a Palo 5260 using Expedition tool. Everything on the dashboard has been rectified, except for few services that shows "invalid" and used . I've noticed that Expedition has replaced "icmp" service in ASA to "discard" Does anyone know why is that ? Also, there're some invalid services suc...
Hi How I can use the migration tool in Windows? where I can find the download?
So we are in a big project to replace lots of junos firewall. Atm every time we do a new firewall we create a new project and have to The same task over and over (search replace ping, rpc applications and some more) we also do a renaming of some host group.Since this takes some time each time. Im wonder if its somewhow any advance feature to do ...
Hey everyone, I am currently trying to migrate a configuration of a Cisco ASA to PAN using Expedition. Unfortunately, the tool is not properly migrating the NAT and corresponding security rules. One example: We have a NAT rule that translates the public IP (1.2.3.4) to the private IP (10.1.1.1). In ASA the security policies are using the pos...
Hi, I'm trying to migrate Checkpoint FW to Panorama Device Group. I have imported and edited Checkpoint config, imported Panorama config (about 5.5 MB), merged Checkpoint policies to empty device group and objects to shared objects (and merged them to use existing Panorama objects instead of Checkpoint objects). Up to this point everything works...
Hey everyone, I am currently trying to migrate a configuration of a Cisco ASA to PAN using Expedition. Unfortunately the customer is not only using the "normal" inbound rules on ASA but also outbound rules. ASA rule processing is a bit different from PAN: Packet arrives from source (maybe 10.1.1.1) on interface 1/1 -> Packet is send through...
There are two commands that are recommended to run after upgrading to Expedition 1.2.40. Would someone please tell me what they are? I can't find them since I upgraded.
Hello all, I am using Expedition version 1.2.40 running on Ubuntu 20.04.5 Server. Everything is apt updated and upgraded to latest versions as of 10/14/2022. I am migrating a configuration from a Cisco ASA to a PA 440 device. I have imported the 440 base configuration into expedition. I also imported my ASA configuration into expedition....
i see that expedition is working on ubuntu 20.04, anyone tried to install expedition on centos?
Hello All, We have done machine learning on a project which has two Imported base configuration from Panorama. We created learned policies in the Second Configuration File, however when we Generate the API request, it takes configuration from first Configuration by default. Is there a way I can choose the base configuration as second file fo...
reaper
on:
Preparing Exp Tool for Fortigate to PA migration
reaper
on:
Need to in Expedition tool from scrach
