Anyone know server sizing requirements for this? Minimum cpu, memory and storage? Also, what is the recommended way to install?
I started by running the command scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csv on my PA220. root@Expedition:/PALogs# ls -ltotal 64296-rw-rw-r-- 1 expedition expedition 65830760 Aug 1 17:35 mltest.csvdrwxr-xr-x 2 www-data www-data 4096 Aug 1 ...
I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW): https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP. Then return to the Dashboad and Start the Agent. [UPDATE 6.4...
Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini sudo vi /etc/php/7.0/apache2/php.ini go to line where this variable is defined upload_max_filesize = 2M and replace by upload_max_filesize = 250M There...
Hello Dears, I'm working on migrating 3000 rules from Cisco FTD to PaloAlto. As you know, the Expedition tool migrates the ASA syntax, not the Snort. The ASA configuration exported won't include the Rule name. Instead, all rules will have a name like this: CSM_FW_ACL__. Fortunately, in my case, all rules have descriptions which are equal to the ...
Is there an installer script for Expedition Ubuntu 22.04?
Expedition v1.2.86Panorama 10.2.7-h3Firewall PA-5200 10.2.7-h3Exported 24 hours of monitor traffic logs to .csv file format from Panoramauploaded to /PALogs on server and set permissionsSee file from Firewall > M.Learning in ExpeditionClick [Process Enabled Files] and message "No supported new files to process" appears immediatelyAny suggesti...
Can I get some clarification on what is considered an unused object? For example is an Address or Service Object considered unused if it is not part of any rules if it is listed individually and that is it? How about if the object is not listed individually in any rules, but it is part of an object group that is also not part of any rules? And...
running Expedition v1.2.86Panorama v10.2.7-h3 Active/Passive HAjoined Panorama(s) into Expedition using API KEY successfullyThis was working until it was upgraded to v1.2.86 and it broke. I removed Panorama and Devices from Expedition, and re-configured Panorama without issue. During retrieve contents it shows many different files being download...
Hi Team, Apologies if this issue is being discussed on another thread. I am unable to find it. I am trying to add devices (Panorama M600) in Expedition. However, Panorama tab remains greyed out for it. can you please tell me how to fix it.
Expedition v1.2.86Remediated all issues less the following: Expedition is reporting the following remediation:www-data may not have rights to compress/delete CSV filesRemediation: Include www-data into expedition via "sudo usermod -a -G expedition www-data", restart the Task Manager and restart apache via "sudo service apache2 restart".I have ex...
I am looking for a collective answer best practice when using expedition to migrate from a Cisco ASA to a Palo Alto Pan-OS. Expedition typically maps the ASA Management interface to an ethernet interface and management zone on the Pan-OS and then sometimes attaches that zone to firewall policies that do not define an ACL as well. In regards t...
Hello, I am currently migrating my ASA 5585 to a Palo 3260. Everything on the dashboard has been rectified, except for one address group that shows "invalid". I'm not sure how to correct this, it appears to hit two rules, but I'm not sure what the best way is to rectify this issue.
Hello I am not able to use the ML functionnality on imported log trafic. Spark tasks are skipped.. I have nothing in those directories : Log files are in PALogs/ PALogs directory is owned by www-data. Here is my ML menu when i try to analyse data : (nothing unusual) But there is nothing in the output. How can i pinpoint the pr...
I've imported a Panorama from xml to help me do a cleanup. Panorama manage 2 device group called "intranet" and "internet" I already knew about an unused service "tcp-2222". This service it's used on Intranet but unused on Internet. If I set a "unused service" filter on Internet the tcp-2222 doesn't appear. Why? I know that i can found it as d...
Hello,I recently deleted our Expedition VM and created a new one so it on a newer OS. Everything seems to work besides the Project > BPA tool. I seem to be running into the same issue in the link below and their fix was a downgrade to known working version. I don't think I can downgrade as this is a 100% new install. Are there other fixes ot...
Community, I am in a project migrating a checkpoint in version r81.10 in expedition to palo alto, but the object groups are blank when I export the configuration, and it eliminates most of the objects that I need for the configuration. This problem did not happen to me with checkpoint in version R80, everything was migrated correctly, do you kno...
We currently use Panorama to manage multiple firewalls across our organization. We have a Edge ASA Cluster we are needing to migrate over to an existing pair of Palo Alto Firewalls, managed by Panorama. I would like to only migrate over the Objects, Security Policies, and NAT rules, From the Cisco ASA config to the Panorama. I have impor...
reaper
on:
Preparing Exp Tool for Fortigate to PA migration
reaper
on:
Need to in Expedition tool from scrach
