Anyone know server sizing requirements for this? Minimum cpu, memory and storage?
Also, what is the recommended way to install?
I started by running the command
scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csvon my PA220.
root@Expedition:/PALogs# ls -l
total 64296
-rw-rw-r-- 1 expe
I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW):
https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c
Be sure to go Settings > M. Learning > and change the Expedition ML Addr
...
Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini
sudo vi /etc/php/7.0/apache2/php.ini go to line where this ...
Hi,
What are the best ways to get logs automatically to Expedition and have job automatically run to proccess it?
Thanks
Hello,
Apparently there is no option to import a spyware profile snippet into my project. On the snippet tabs when I try to add one the type field doesn't contain a spyware option. I tried manually typing:spyware, spayware profiles,etc.... But when
...
Can you use the ML and rule enhancements on security policy that is located in panorama. Im struggling a bit to get it to work. I set my project up to use panorama and then brought in the firewalls. There is not a schedule log export function to p
...
We have quite a few Palo Altos that we inherited that have many local policies. We would like to manage these policies via Panorama. Is it possible to convert Local Security Policies to Panorama Policies using Expedition? If so is there a guide on ho
...
Hi there
I am trying to migrate a Sidewinder 8.3.2 patch 11 with more than 1000 rules.
I extracted the data using:
cf interface q > config_sidewinder.txt
cf service q >> config_sidewinder.txt
cf servicegroup q >> config_sidewinder.txt
cf policy q
Hey All,
Is anyone currently running 1.0.100 without any issues? Since upgrading I'm not able to "Generate XML & SET Output" as it will just log me out of any browser I attempt it with. Usually when this used to happen the config XMLs could still b
...
I am trying to set up the first set of changes I am making to do some rule enrichment.
Within my project, I am going to Export, API Output Manager, and clicking "[Step 1] Generate API Requests".
The status start changing, showing different phases, b
...
Question - If I import a Panorama device config into a project, then a week later I want to push the new rules I have generated in the project to Panorama, it doesn't overwrite ALL of Panorama's configuration, right? It just pushes the difference sin
...
I blew away my VM and reloaded it with an OVA our PA SE created for us. It installed and functioned just like the one I had created and tried the first half of the week, but I wanted to start with a clean slate. I'm using the specs from the Worksta
...
So, I am doing a rule enrichment on a project. The rule I am enriching is very open, but utilizes negate objects in source/dest. I just noticed that the rules I generated in Expedition via rule enrichment contained the two group-objects I am negating
...
I am trying to conevert SRX NAT rules to Palo Alto. Destination nats are not converted properly. On Nat rule its using destination nat ip as same public and on Security policy its using internal IP as destination IP. Has any one come accross similar
...
Is there a way of telling Expedition to process all avaliable logs from the cli or on a schedule?
I already have scripts that can pull logs over to my expedition machine on a nightly basis. It would be great if Expedition could automatically impor
...
I've created a log connector in Expedition for the last-30-days. I've highlighted a selction of 20 rules and selcted Retrieve Apps for App-ID Adoption. It has been stuck on "Generating Reports" for about an hour now and I cant tell if its actually wo
...
Hi,
I have loaded an ASA configuration to Expedition and the dashboard shows 2 invalid zones, however I can't get any clue as what it is invalid on those 2 zones.
There are 10 zones in total and I can't tell what's different on these 2. Looking a
...
Caught this in the temporary file for log processing...
# There is insufficient memory for the Java Runtime Environment to continue.
# Native memory allocation (mmap) failed to map 113700864 bytes for committing reserved memory.
# An error report f
