Anyone know server sizing requirements for this? Minimum cpu, memory and storage? Also, what is the recommended way to install?
I started by running the command scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csv on my PA220. root@Expedition:/PALogs# ls -ltotal 64296-rw-rw-r-- 1 expedition expedition 65830760 Aug 1 17:35 mltest.csvdrwxr-xr-x 2 www-data www-data 4096 Aug 1 ...
I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW): https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP. Then return to the Dashboad and Start the Agent. [UPDATE 6.4...
Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini sudo vi /etc/php/7.0/apache2/php.ini go to line where this variable is defined upload_max_filesize = 2M and replace by upload_max_filesize = 250M There...
I have no BPA version listed in Expedition under release info and the error message below in "Expedition internal checks". I've run the shell script as suggested which appears to complete. I've tried restarting apache and rebooting the box then clicking remediate button but nothing changes. Not sure if it matters but I used the migration tool...
Some of the rules that have been rule enriched in the project have thousands of source or destination IP Addresses. When I try to open these rules to modify them the fields don't populate and Expedition freezes up. When I view the CPU usage on the server - mysqld CPU jumps up to greater than 100% after I attempt to open the rule for modification...
I have installed Expedition and I can ping the IP and connect to it from a browser but I get an error ML module is unreachable at 10.XXX.XXX.XXX even though I'm in it. Any ideas?
I'm being asked to upgrade mariadb version 10.3.32 to 10.3.34 to address some specific CVEs. Has anyone else done this without issue. Is this an ill-advised change to make? Thanks as always
after installation in the remediation it says below: The following variables for Expedition are missing: Spark.RAM,NumCPUs,TotalCPUs The remediation is: Delete the /home/userSpace/environmentParameters.php to get it regenerated VM has 4 CPU, 8GBRAM 40GB HDD. I deleteled using the command sudo rm /home/userSpace/environmentPar...
Hello, I am trying to install Expedition from scratch un top of Ubuntu 20.04.4. Following the "Expedition Installation Guide.pdf", everything goes as expected and Expedition does come up, but when it does the internal checks fail of ML and on OS Software, "Verify that Python Software Dependencies have been installed". The suggested solution (r...
Hello LIVEcommunity, is it possible to disable the telemetry collection of an Expedition server? There is something in the terms and conditions about setting the TELEMETRY flag in the userSettings.php file. I have found two files:/var/www/html/bin/authentication/projects/userSettings.php /var/www/html/bin/MTSettings/userSettings.php In none of t...
Hello, I am working in an environment in which all Palo Alto FWs are centrally managed by a Panorama instance. All traffic logs are sent to the Panorama. If I follow the ML (Loggings Analysis) Guide, it is proposed to set a Scheduled Log Export from each individual FW towards the Expedition ML Server. But what is the correct approach in ca...
Hi All, I know it's not officially released, but decided to take a look at Expedition v2 Beta. I no longer see an option to export objects or policies to Excel? Does anyone know if that feature has been removed in v2? TIA
what does it mean when an object has a value 'default' in its srcFile column? and not any of the configuration filename that I imported?
Hi Guys, How do I obtain a base config for expedition project? The scenario is the new firewalls will be managed using an existing panorama which already has other managed firewalls in prod. Thank you!
Vulnerability Name:11213:HTTP TRACE / TRACK Methods AllowedAffected Hosts, Port(s), Vulnerability IDs:Panmigration tool , tcp:80, 11213 I see this Vulnerability on the Expedition Migration tool. Could you please suggest mitigation plan?
Hi everyone; We want to run ML feature in Expedition tool. We added the second disk for ML operation to Expedition tool and settings were made, but we see an error as follows. Does anyone know the cause of the error?LOG:domain: 1receive_time: 2022/04/04 08:30:01serial: 013201027167seqno: 7032370251232381080actionflags: 0x8000000000000000type: SY...
We are trying to install PA expedition in our enviroment, We had followed the installation guide from the support page https://live.paloaltonetworks.com/t5/expedition/ct-p/migration_tool, Now the issue is after installation the login screen just keeps on spinning without any success,
How can i migrate from Sophos to palo alto through expedition and share me the link also to do the task ?
reaper
on:
Preparing Exp Tool for Fortigate to PA migration
reaper
on:
Need to in Expedition tool from scrach
