Anyone know server sizing requirements for this? Minimum cpu, memory and storage? Also, what is the recommended way to install?
I started by running the command scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csv on my PA220. root@Expedition:/PALogs# ls -ltotal 64296-rw-rw-r-- 1 expedition expedition 65830760 Aug 1 17:35 mltest.csvdrwxr-xr-x 2 www-data www-data 4096 Aug 1 ...
I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW): https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP. Then return to the Dashboad and Start the Agent. [UPDATE 6.4...
Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini sudo vi /etc/php/7.0/apache2/php.ini go to line where this variable is defined upload_max_filesize = 2M and replace by upload_max_filesize = 250M There...
Hey All, Is anyone currently running 1.0.100 without any issues? Since upgrading I'm not able to "Generate XML & SET Output" as it will just log me out of any browser I attempt it with. Usually when this used to happen the config XMLs could still be found from "Downloads" after logging back in but this is not the case. I'm also seeing ra...
I am trying to set up the first set of changes I am making to do some rule enrichment. Within my project, I am going to Export, API Output Manager, and clicking "[Step 1] Generate API Requests". The status start changing, showing different phases, but after probably 35 seconds, I get kicked out of the web GUI and back to the login page. Is this...
Question - If I import a Panorama device config into a project, then a week later I want to push the new rules I have generated in the project to Panorama, it doesn't overwrite ALL of Panorama's configuration, right? It just pushes the difference since the last import? I am just thinking about over a timespan of even a day, there will be many ch...
I blew away my VM and reloaded it with an OVA our PA SE created for us. It installed and functioned just like the one I had created and tried the first half of the week, but I wanted to start with a clean slate. I'm using the specs from the Workstation image of 1 cpu, 1.5Gb RAM, 40Gb disk. v1.0.84 I did the following: Created the M.learning...
So, I am doing a rule enrichment on a project. The rule I am enriching is very open, but utilizes negate objects in source/dest. I just noticed that the rules I generated in Expedition via rule enrichment contained the two group-objects I am negating, plus all the specific IPs and ranges, but the whole new rules were set to negate by default. Ba...
I am trying to conevert SRX NAT rules to Palo Alto. Destination nats are not converted properly. On Nat rule its using destination nat ip as same public and on Security policy its using internal IP as destination IP. Has any one come accross similar issue and any solution for same.
Is there a way of telling Expedition to process all avaliable logs from the cli or on a schedule? I already have scripts that can pull logs over to my expedition machine on a nightly basis. It would be great if Expedition could automatically import those rather than me having to log in, select the devices, and click on Process Logs every day.
I've created a log connector in Expedition for the last-30-days. I've highlighted a selction of 20 rules and selcted Retrieve Apps for App-ID Adoption. It has been stuck on "Generating Reports" for about an hour now and I cant tell if its actually working in the background or if its stuck. I tested this earlier on 1 rule with the log connector s...
Hi, I have loaded an ASA configuration to Expedition and the dashboard shows 2 invalid zones, however I can't get any clue as what it is invalid on those 2 zones. There are 10 zones in total and I can't tell what's different on these 2. Looking at the Monitor tab I can't see what's the problem. Any idea where I can find why are these zones r...
Caught this in the temporary file for log processing... # There is insufficient memory for the Java Runtime Environment to continue.# Native memory allocation (mmap) failed to map 113700864 bytes for committing reserved memory.# An error report file with more information is saved as:# /tmp/hs_err_pid51410.log Also, now, I have a situation ...
I'm wanting to do some policy work (app-id migraiton) on a firewalls that is basically 100% managed by Panorama. Don't want to mess with all others yet. How do I get the policy set that's managed in Panorama for just one firewall int Expedition?
Does anyone have a good set of steps to convert / migrate a policy from one device group to another, including all objects/groups/etc?
I've added a panorama device into Expedition and i'm trying to import logs that I've exported from panorama and am running into an issue. I put the csv file in /home/expedition/logs. The csv is called panorama.csv. /home/expedition/logs/* (logs path in expedition). I've changed changing permissions on the file/folder and ownership and no mat...
[Stage 48:> (0 + 1) / 2]SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".SLF4J: Defaulting to no-operation (NOP) logger implementationSLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.DONE Getting the above error when processing log...
Hi Team, expedition tool supports migration between different PA Series Hardware? thanks,
reaper
on:
Preparing Exp Tool for Fortigate to PA migration
reaper
on:
Need to in Expedition tool from scrach
