Anyone know server sizing requirements for this? Minimum cpu, memory and storage? Also, what is the recommended way to install?
I started by running the command scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csv on my PA220. root@Expedition:/PALogs# ls -ltotal 64296-rw-rw-r-- 1 expedition expedition 65830760 Aug 1 17:35 mltest.csvdrwxr-xr-x 2 www-data www-data 4096 Aug 1 ...
I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW): https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP. Then return to the Dashboad and Start the Agent. [UPDATE 6.4...
Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini sudo vi /etc/php/7.0/apache2/php.ini go to line where this variable is defined upload_max_filesize = 2M and replace by upload_max_filesize = 250M There...
Is it possible to move selected rules from one DG to another in Expedition. If so, some direction on how pls. Thanks
I am using Expedition 1.1.80 to make bulk changes to Security Profile Groups that are used on rules. Once the changes are made I am using the API Output Manager to push the changes back to Panorama. Once this is done and I am sure the old security profile groups are no longer used I delete them. This works just fine most of the time but there ar...
Hi All, I tried to forward traffic logs from firewalls to the expedition for machine learning purposes, however, those traffic logs always occupied the storage and cause my expedition always unable to login with the WebUI. After I free up some storage and restart the MariaDB then I will only able to login. However, when I tried to retrieve the...
I'm evaluating Expedition to assist with an internal project, and while reviewing the installation script, I noticed a couple massive red flags. First, the root account is given a hard-coded, easy to guess password: 'paloalto'. This is done for both the Linux host, as well as the MariaDB service. Second, the SSH service is reconfigured to al...
Hi All, I'm just looking for some help in migrating an authentication policy for my customer. I have tried to do this in expedition but I'm not sure it works. The Cisco ASA config I am trying to migrate is decribed below: / aaa-server RadiusProfile protocol radiusaaa-server RadiusProfile (Inside) host 192.168.1.1key MySecret aaa authenticatio...
Hi Community, Currently working on a Forti to Palo migration. To my surprise, after uploading the current Forti´s configuration to the Migration tool, I noticed that the QoS polices had not been converterd//were missing. Also, the Forti, within the "config firewall shaper traffic-shaper" section does some "set diffservcode X" for some of the "...
Hi all, I was working with Expedition today when I noticed that, when creating a new zone in Expedition, the zone name length was clipped at 15 characters. When I imported configuration from a firewall containing a name longer than 15 characters, this was imported perfectly fine. Couldn't find any other discussion regarding this, has anyone ...
We filled up the drive by doing scheduled log exports, we then added a new disk and moved log exports to it, the only thing I had to fix was PanReadOrders was showing as stopped and when we tried to start it, it would just stop again. So I found an article where it was recommended to remove and re-add Rabbitmq and that got the Jobs and Task mana...
Is there a way to forward logs from individual rules by adding Expedition to their Log Forwarding Profile rather than setting up a Scheduled Log Export which forwards an entire firewall's logs? Reason I ask is I need to use MI to analyze traffic for some specific rules but do not need to analyze traffic on an entire firewall. I have Scheduled ...
how do i remove the duplicate entires before i prepare xml file
I am having issue with upload the config files to Expedition with valid checkpoint filesWe have been facing issue to upload the config files to Expedition with valid checkpoint filesCheckpoint version is 77.30Expedition version- 1.1.80 amd64After uploading files no policy lists is visible
Hi Experts, I have merged 9 different ASA firewall/contexts to create 3 Vsys on Paloalto 5220.Till 2 vsys migration worked fine and configuration was ready to get pushed with few warnings as validation said "configuration is valid"Now after migrating/merging configuration for last Vsys validation on firewall is continuously failing with message ...
Hello everyone, I am new to using Expedition and have a question regarding the Migration Logs (generated automatically by Expedition), upon analyzing the imported running-config from my cisco asa, Under Task: NAT Analysis - Under Action - it saying No Action Required. Suggestions to review and/or remove. If partial matching, you may consider spl...
Hi folks. Does anyone know, by when Expedition will be available for Red Hat Linux?
Hello, From what I can find in the documentation, Expedition works on Ubuntu 16.04 LTS server. Does anyone tried to install on Ubuntu 20.04 LTS server ? Or other Linux distribution like CentOS ? Thanks
reaper
on:
Preparing Exp Tool for Fortigate to PA migration
reaper
on:
Need to in Expedition tool from scrach
