Expedition Discussions

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Expedition Discussions

Discussions

Resolved! ML gets stuck at "Pending"

I started by running the command

scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csv

on my PA220. 

 

root@Expedition:/PALogs# ls -l
total 64296
-rw-rw-r-- 1 expe

...

Untitled.png
mbowling by L1 Bithead
  • 41696 Views
  • 26 replies
  • 3 Likes

If You Need an OVA...

I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW):

https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c

 

Be sure to go Settings > M. Learning > and change the Expedition ML Addr

...

trice by L1 Bithead
  • 64350 Views
  • 45 replies
  • 22 Likes

Resolved! How to Upload configuration files bigger than 2MB

Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini

 

sudo vi /etc/php/7.0/apache2/php.ini go to line where this ...

alestevez by L7 Applicator
  • 27771 Views
  • 5 replies
  • 11 Likes

ASA to PAN - Security Rule Based on pre-NAT Issue

Not sure if anyone else ran into this.

 

ASA's security policies are built based on post-NAT rules (post 8.3 OS)

 

With the tool, it builds the same rules with the post-NAT rules, private IP ... which will not work with PAN as the rule is built based

...

ROHO by L2 Linker
  • 4634 Views
  • 3 replies
  • 0 Likes

Using Fusion to generate an Expedition OVA

If you're looking to deploy Expedition into an ESXi environment you can use Fusion to convert the Expedition vmdk to an OVA format using the steps below. 

 

I am running Fusion ver 10.1.3

 

________ 

 

YOU = Your username on your Mac

 

To deploy the

...

sjanita by L5 Sessionator
  • 2614 Views
  • 0 replies
  • 0 Likes

Resolved! ASA Migration - TCP/UDP source port rules not migrated

Noticed that many rules with source ports defined are not migrated over. 

 

Instead, it creates a service only for the destination port/range and allows all ports through.

 

Below are a few rules. Is it a known behavior?

 

The first two allowed all u

...

ROHO by L2 Linker
  • 4537 Views
  • 2 replies
  • 0 Likes

ASA Migration - Zones

We are in process of migrating ASA config to Palo Alto (multiple context asa to multiple vsys)

 

Loading the config into Expedition works fine and we are able to remap interfaces and rename zones that are too long in characters. However, when loading

...

skfigved by L0 Member
  • 3475 Views
  • 1 replies
  • 0 Likes

Resolved! Expedition and CPUs

Greetings,

 

I have assigned 4 CPUs to my Expedition VM, verified by checking /proc/cpuinfo.

When I log into Expedition, it reports 1 of 1 CPUs and CPU usafge is 101 of 100%.

Can someone please explain this difference between what Expedition is repor

...

mrzepa2 by L2 Linker
  • 7616 Views
  • 2 replies
  • 0 Likes

Resolved! RE error_SecRulesEnrich No traffic found

I have a problem with Rule Enrichment. 

 

The error_SecRulesEnrich gives these messages after analysing the data from a rule which has a lot of data (at least by APP-ID):

  

 

I am connected to a firewall, and i can analyse in Expedition the applica

...

Schermafbeelding 2018-10-29 om 15.36.56.png
antono by L1 Bithead
  • 6030 Views
  • 5 replies
  • 0 Likes

BP - How does Remediate work?

How does the Best Practice remediate function work? I cannot find any documentation. Do I have to select the specific option in the template first or will Expedition/BP remediate all the rd x-ed optioons without asking?

 

While using Remediate and ch

...

Resolved! Adding Security Profile Group to Policies

Converting from ASA to PAN.

 

Is there a way to apply a  Security Profile Group to a large # of security policies. One can only create a snippet for the individual profiles but not for a group. Tried to edit the policy itself and manually add a group

...

ROHO by L2 Linker
  • 9682 Views
  • 8 replies
  • 0 Likes

Expedition Storage

I think that Expedition is reporting storage incorrectly: both /home/userSpace and /temp are stated as using 58.9% of unit space. Also, how do I delete App-ID logs?

 

2018-10-24_9-00-39.png
dega by L2 Linker
  • 3297 Views
  • 1 replies
  • 0 Likes

Resolved! BPA Tool Not Running?

Am trying to run BPA from Expedition against a PAN baseline config. 

 

Imported the config and clicked on Start Analysis from the Dashboard.

 

It says it is complete, but is 0% for everything.

 

There is no content/results in the Analysis, Security P

...

ROHO by L2 Linker
  • 5859 Views
  • 3 replies
  • 0 Likes
  • 1163 Posts
  • 86 Subscriptions
Top Liked Authors
Labels