Anyone know server sizing requirements for this? Minimum cpu, memory and storage? Also, what is the recommended way to install?
I started by running the command scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csv on my PA220. root@Expedition:/PALogs# ls -ltotal 64296-rw-rw-r-- 1 expedition expedition 65830760 Aug 1 17:35 mltest.csvdrwxr-xr-x 2 www-data www-data 4096 Aug 1 ...
I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW): https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP. Then return to the Dashboad and Start the Agent. [UPDATE 6.4...
Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini sudo vi /etc/php/7.0/apache2/php.ini go to line where this variable is defined upload_max_filesize = 2M and replace by upload_max_filesize = 250M There...
How does Expedition handle FWDN objects for zone mapping in the security policy from an ASA config migration? In the process of an ASA migration that has FQDN objects but the zones in the securiy policy migrated incorrectly.
I am having an issue with M. Learning processing the logs files that I have uploaded for a specific device. Looking through the forum, I have tried everything that seems to apply, but the logs are still not processing, it just sits there. Is there a known limitation to the total size or number of logs it can process? In this instance, I am proce...
I am migrating a Cisco ASA config that has an ACL that is applied to global (access-group CSM_FW_ACL_ in interface if_global) as opposed to an interface. I believe I understand how this is applied in the ASA but noticed that Expedition did nothing with the ACL as far as I can tell. Is there a way to handle this in Expedition to make it work? If ...
Is CP R80.20 supported ? Cheers Roland
Hello everyone. I have already deployed an Expedition virtual machine using OVF file. The initial hardware settings were: 16 GB of RAM 8 vCPUS 200 GBs of HDD The main intention of this Expedition is to receive logs from one firewall in the next 30 days to analyze them all with Machine Learning after that period. I realized that it doesn't ma...
In PAN-C one is able to append to the descriptions of multiple rules. Is there any plan to add that same functionality in Expedition? My client has had several instances where it was requested to add the same comment to multiple rules.
We are looking for a way to use expedition to migrate a device configuration and stack from one Panorama to another. Here is some background: We have multiple panoramas with firewalls under management. We are currently tyring to consolidate all of these firewalls on to new hardware and under one panorama. In order to do this quickly we...
Hi, I was wondering how people have got around migrating from Watchguard to Palo Alto, the migration tool (Expedition) is not an option, or is it? Is there a fairly automated way to do this?
Hello, I would like to have our InfoSec team use Expedition to audit/report/track changes on our firewalls. What's the best way to set them up so they can use Expedition, but not have any rights to modify or push changes to Panorama or the firewalls? Expedition v. 1.1.35. I've setup a Panorama user with XML API rights, but have found the use...
ubuntu@ip-10-247-94-69:~$ sudo apt-get updateHit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu xenial InReleaseHit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu xenial-updates InReleaseGet:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu xenial-backports InRelease [107 kB]Ign:4 https://artifacts.elastic.co/packages/6.x/apt stable InRelease...
Hello, I am working on a checkpoint migration and attempting to change the zone names. While they change on the zone tab, they do not correctly update anywhere else and still show up as Zone 1, Zone 2, etc under Interfaces and Security Policies.
Anyone have a problem with, when you try to do rule enrichment on a rule(s) that is marked for RE, when you click on "Analyze Data" it says "no rules selected for learning"?
I am having a new deployment performed of the Expedition Tool within our environment, which will utilise the latest application release of the tool. So it will be installed on a VM that will be stood up on a VMware platform anf the VM will have the Ubuntu Server 16.04 LTS operating system installed manually. Then we will have an engineer insta...
hey i have the expedition tool version 1.1.10 Whenever I migrate (tried Cisco, Checkpoint and Juniper), I click export, drag the elements into the base config, press merge then generate xml. I'm left with what looks like the original base config instead of a xml output. All the migrated work is lost. and at the end all of what ihave transferd is...
Wondering if there is a best way to move the Expedition VM to another workstation. Currently have Expedition installed in VM Workstation on laptop but need to move to another laptop with VM Workstation.
reaper
on:
Preparing Exp Tool for Fortigate to PA migration
reaper
on:
Need to in Expedition tool from scrach
