If You Need an OVA...

trice · ‎09-05-2018

I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW):

https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c

Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP.

Then return to the Dashboad and Start the Agent.

[UPDATE 6.4.2019]

Updated the OS and Expedition to 1.1.23.

There were a few new setting available with the upgrade, so a new directory /data was created and chowned to www-data.

There were resource alerts, so updated the /home/userSpace/environmentParameters.php file, so updated TotalCPUs to 2 and SparkRAM to 1592m. Moved image to S3. Note, image size has grown from allocated disk usage. I'll work on squeezing it down for the next release.

[UPDATE 2.22.2019]

I created a new OVA that is now at 1.1.6. All Ubuntu updates have been applied as well.

Permissions for the /datastore and /PALogs should work for all cases now.

VM Image was set to Version 10, so should work for VMware 5.5.

Made a change to /etc/default/grub and /etc/network/interfaces to always use eth0 instead of ensXXX.

Updated /home/expedition/update-expedition.sh to make upgrades easier.

SHA256 dad89cc3e2c031e70f548dab3bc96b84e0b2216593608dc09151159115463c65

[UPDATE 10.16.2018]

Updated Expedition to 1.0.106 and added all OS updates as well.

[UPDATE 9.18.2018]

It's been upgraded to 1.0.104, but you'll likely need to update it once installed. So just:

sudo apt-get update

sudo apt-get install expedition-beta

...or just use the update-expedition.sh script I created in the home directory.

I also fixed a couple of other issues:

Fixed the /PALogs directory permissions and updated the Parquet Path in the Machine Learning section. This fixes the "Parquet Path" error on the Dashboard.

Changed the "mysqli.reconnect" value in /etc/php/7.0/cli/php.ini to "On" to fix the mysqli.reconnect error on the Dashboard.

mghazzi · ‎02-08-2019

if you look for my post above in this thread on 9-12-2018, I shared an OVA that was made for ESX 5.5 (HW Version 10) or higher. See this article for more detail on the VMWare Hardware Version compatibilty: https://kb.vmware.com/s/article/2007240

dberber1 · ‎02-08-2019

Ahh - cool - overlooked it - thanks!

sjanita · ‎04-03-2019

Update:

As of april 2019:

Do not use the OVA's in these links.

The Expedition team will be publishing an updated OVA with a new download link this week.

kan3de · ‎04-15-2019

Any news here?

sjanita · ‎04-15-2019

yes from the main site:

https://live.paloaltonetworks.com/t5/Expedition-Migration-Tool/ct-p/migration_tool

there is a link for "Get the tool OVA"

Remigijus Mikalauskas · ‎05-17-2019

Cannot deploy official OVA.

VMware ESXi, 6.0.0, 9239799

Issues detected with selected template. Details: - -1:-1:VALUE_ILLEGAL: No supported hardware versions among [vmx-12]; supported: [vmx-04, vmx-07, vmx-08, vmx-09, vmx-10, vmx-11].

mghazzi · ‎05-17-2019

seems that the official OVA was built for virtual hardware version 12 or higher since the ovf file has

"<vssd:VirtualSystemType>vmx-12</vssd:VirtualSystemType>"

see KB article https://kb.vmware.com/s/article/1003746

ESX 6.0 is still supported by VMWare until March 12th, 2020

see VMWare announcment: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/product-lifecycle-matrix.p...

sjanita · ‎05-20-2019

I have seen this issue/message with installations of ESXi on older server hardware that was not compatible with the vmx-12 drivers.

i'll see what can options there are to support this.

snash1 · ‎06-03-2019

Is https://paloaltonetworks.box.com/s/davuvo65k727nm7feuug0d783zo6fjx8 the latest download for the tool? I've been searching around the site for 20 minutes now and this is the only link I can find to download expedition.

There was a post on 4/15 from sjanita saying there is a link for "Get the tool OVA" on https://live.paloaltonetworks.com/t5/Expedition-Migration-Tool/ct-p/migration_tool but that just takes me to a listing of the expedition forums.

Thanks

mghazzi · ‎06-03-2019

It seems like the new landing page has no simple "get the tool" button. I think it is temporary until they redesign the page and make a simpler way to download. but for now if the download link works for you; use it and update to the latest build.

trice · ‎06-03-2019

As the creator of this thread, and the unofficial OVA's, you really should use the official OVA now available by the Expedition team. That being said, I am still updating my OVA for my team since I needed to support older VM instances and the OS/Expedition would be current upon instantiation. I will be moving them to S3 soon as I no longer have access to box. I will update the links once they are moved to their new home.

Again, not supported or recommended since there are official images now.

dgildelaig · ‎06-15-2019

Hi guys,

You are right that the dowload link was .not available for a while. But it is back now.

Also, I have some extra good news to bring you. We have created a installer Script that would set up an Expedition instance on a newly clean Ubuntu 16.04 Server VM.

So, there should be no issues for you to create a new image with your VMWare restrictions and, on that, run the script to get all the services requried for Expedition.

If everything goes smooth, we will post a message with the instructions during next week.

jgiddens · ‎07-02-2019

Hey Didac,

Do you know when this will be available?

dgildelaig · ‎07-04-2019

Hi guys,

I forgot about you in his thread.

Well, the script is already available, and you may not know, but you already have it if you downloaded an Expedition update recently.

We will make the script also available to download by itself, of course.

So, the script is in

/var/www/html/OS/installer

You will find in that folder two files. One is initSetup.sh. The second is databases.tgz

You need them both.

Download an Ubuntu 16.04 server (http://releases.ubuntu.com/16.04/) and install it as normal.
Once installed, upload the two files initSetup.sh and databases.tgz via scp, or wget into the same folder in your new Ubuntu server machine
change permit to initSetup.sh via the command "sudo chmod 755 initSetup.sh"
execute the initSetup.sh as root: "sudo ./initSetup.sh"
let the script handle it all for you. It will update configurations, download packages, install them, set them up and modify settings for Expedition. Even create users for database connections. It only requires the Ubuntu 16.04 machine and Internet connection.

Enjoy!

Remigijus Mikalauskas · ‎07-09-2019

Don't seem the script finishes successfully.

If You Need an OVA...

If You Need an OVA...

Show your appreciation!