I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW):
Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP.
Then return to the Dashboad and Start the Agent.
Updated the OS and Expedition to 1.1.23.
There were a few new setting available with the upgrade, so a new directory /data was created and chowned to www-data.
There were resource alerts, so updated the /home/userSpace/environmentParameters.php file, so updated TotalCPUs to 2 and SparkRAM to 1592m. Moved image to S3. Note, image size has grown from allocated disk usage. I'll work on squeezing it down for the next release.
I created a new OVA that is now at 1.1.6. All Ubuntu updates have been applied as well.
Permissions for the /datastore and /PALogs should work for all cases now.
VM Image was set to Version 10, so should work for VMware 5.5.
Made a change to /etc/default/grub and /etc/network/interfaces to always use eth0 instead of ensXXX.
Updated /home/expedition/update-expedition.sh to make upgrades easier.
Updated Expedition to 1.0.106 and added all OS updates as well.
It's been upgraded to 1.0.104, but you'll likely need to update it once installed. So just:
sudo apt-get update
sudo apt-get install expedition-beta
...or just use the update-expedition.sh script I created in the home directory.
I also fixed a couple of other issues:
Fixed the /PALogs directory permissions and updated the Parquet Path in the Machine Learning section. This fixes the "Parquet Path" error on the Dashboard.
Changed the "mysqli.reconnect" value in /etc/php/7.0/cli/php.ini to "On" to fix the mysqli.reconnect error on the Dashboard.
I've seen this in the past, it's the virtural nic name IIRC. There are a couple of ways to fix it, change all the names to the new nic name (ens160 or ens192, etc). I've added some kernel boot options in the past, too.
Have a look at this:
Hope this helps!
This is aweomse, thanks! Any chance you could post the file-hash each time it's updated? Best assupmtion is that I just had a corrupt download but it would be nice to cross reference with the hash (downloaded twice today because the first one wasn't deploying in vmware due to a mismatch)
The hash is already part of the OVA. and Ova is a tar of .ovf, .vmdk, and .mf. the .mf is a plain text file that contain the hashes of the .ovf and .vmdk files, so it is internally validated. hence, the OVA is so much better than an OVF that requires manual hash validation. VMWare will warn you if you launch a corrupt OVA, but will not warn you if you try to launch a corrupt OVF/VMDK .
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!