Anyone know server sizing requirements for this? Minimum cpu, memory and storage? Also, what is the recommended way to install?
I started by running the command scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csv on my PA220. root@Expedition:/PALogs# ls -ltotal 64296-rw-rw-r-- 1 expedition expedition 65830760 Aug 1 17:35 mltest.csvdrwxr-xr-x 2 www-data www-data 4096 Aug 1 ...
I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW): https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP. Then return to the Dashboad and Start the Agent. [UPDATE 6.4...
Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini sudo vi /etc/php/7.0/apache2/php.ini go to line where this variable is defined upload_max_filesize = 2M and replace by upload_max_filesize = 250M There...
I am trying to import the vmx image into VMware but the import fails as it cannot find a Linux OS. The import is using VMware Workstation 10 for Windows. What is the best practice procedure to import this image into VMware given there is no ova or iso posted format to import (I tried using the VMware conversion tool but this fails as well wi...
I am trying to convert Checkpoint configuration to Palo Alto configuration using Migration tool, all configurations are loaded and visible except the NAT statements. I opened the file and looked out for the NAT statement and I can see that the NAT statement exists in the rule.c file. Migration tool version 3.1
Hi Team, I am trying to migrate checkpoint rules to Palo Alto through Expedition. I have installed the Tool successfully, but now I am not able to import devices as provided in admin guide by PA. Can somebody help me to complete the Project?
Hello again, I want to know if someone was able to integrate their AD with Expedition. So far, I configure it but cannot login with my user.. What should be the format for Suffix? I tried with the DCs and also the other format. Why it asks for a password when integrating with AD? it is supposed to use the AD credentials.. Also, a feature...
Is there a good way to wipe everything and start over without rebuilding the VM from scratch? I have done Setting -> M.Learning -> Delete All Data Strucure Files. But, even though I have Panorama in the devices section successfully, it's not processing any new log CSV files, even though there are two there that it hasn't processed at all b...
When running the update installation it fails with the following errors.
1.0.94 Added device via panorama, used LDAP auth based credentials to create API, clicked retrieve running. Says downloading until I cancel it. Added it as a standalone after deleting Panorama with the same result. Also tried local credentials instead of LDAP based.
I am trying to get Expedition to work over a VPN connection. I have VMware Workstation 12 player installed on my laptop and have Expedition installed and upgraded to 1.0.94. I connect with Cisco VPN client but when I try to launch the expedition program it will not load until I disconnect the VPN session. If I disconnect from the VPN session Exp...
I have a task to migrate a policy from 2 ASA firewalls into 1. Haven't seen policies yet but i think it's like 2 seperate entities. Anyone had similar project? How did you aproach it? My only idea so far is use Expedition for the more complex config and manually migrate the other. Is there maybe a way to use Expedition for both?
I think I need to fix my ability to pull from the apt repo. I am failing Err:13 https://conversionupdates.paloaltonetworks.com expedition-updates/ Packages gnutls_handshake() failed: Error in the pull function.Fetched 216 kB in 2s (93.4 kB/s)Reading package lists... DoneW: The repository 'https://conversionupdates.paloaltonetworks.com expedit...
hey i am finishing the merge stage of the configuration and than download the generated files but they contains only the following lines the "set" file is empty the "xml" file has only those lines =========================== <?xml version="1.0"?><?xml version="1.0"?> =========================== API commands generation also file...
I upgraded to 1.0.94, it appears to be working ok, but it did throw some errors. I wanted to post it here so mods can review and see if there is something that is wrong with the update and fix it in next version. expedition@Expedition:~$ sudo apt update [sudo] password for expedition: Hit:1 http://us.archive.ubuntu.com/ubuntu xenial InRelease ...
I have been unsuccessful at getting Expedition to work ever since I acquired it. Between converting the workstation to an OVA, configuring it (the only doc I have for it was from the HOW at Ignite, and now possible folder permission issues/logs not processing. It would be great to get an image of one that is built and fully configured/function...
Is there a cli command that would force a processing of any new logs for all devices? This could then be run from cron at whatever time the admin chooses. I am guessing it's a php command or something simillar.
Under Policies > Security > ML tab for servers has following screen When this is exported using Excel it is supposed to be exactly the same, but rather it shows most likely database entries that correlate to the IP, but do not actually list the IP. Please let me know when this is resolved.
reaper
on:
Preparing Exp Tool for Fortigate to PA migration
reaper
on:
Need to in Expedition tool from scrach
