02-21-2019 07:18 AM
Hello,
I'm going to be using machine leanring for all my sites to build an entire new rulebase. All my firewalls are in Panorama, I wanted to start with one paticular site (lets call it site 1). All the firewalls were added as devices to Expeidtion when I imported Panorama. I have started forwarding daily logs from site one to a directory on the Expeidtion server. I created a seperate project for site 1 and only imported the site 1 firewall. However, since the configutations sit in Panorama (as we're using pre-based rules pushed form Panorama) the polices in the Site One Project don't populate. I tried created an ANY ANY rules and tried running machine leanring on it but nothing happened.
Is there a specical protcol we need to used when we want to run machine leanring on firewalls within Panorama?
02-22-2019 12:53 AM
As your policies sit in Panorama, what you need to import into your project is the Panorama configuration.
Once there, you can create a LogConnector specifying the DG that you want to use for your study and the devices/vsys within that DG.
You are on the right path, just some minor changes.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
