Need help with Expedition ML not able to find file under directory created with Imported log files

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Need help with Expedition ML not able to find file under directory created with Imported log files

L1 Bithead

Team,

 

Need some help with ML process for Importing Log files imported into Expedition under /greenfieldLogs/ directory with all the 777 permissions including the log.csv file (exported) from firewalls.

 

I have the latest EX-1.0.102 version and all updates have been done to rule out any issues related to version.

While adding ML source path for processing log files It doesnot display anything while searching file sunder the directory

/GreenfieldLogs/*.

 

but I have Imported and able to see the files in cli.

 

Need some help...

 

Thanks

1 accepted solution

Accepted Solutions

Thanks for Explanation. That is what i am seeing and now I have figured it out based upon Firewall's Serial number. Appreciate your Reply 

View solution in original post

9 REPLIES 9

L7 Applicator

Remember you will only see the files under your firewall if the serial used to define the firewall is the same serial reported inside the log.csv file. they MUST match, if not Expedition will filter out those files....

Thanks for Explanation. That is what i am seeing and now I have figured it out based upon Firewall's Serial number. Appreciate your Reply 

Hi, I see the same serial number in csv file as in the device on expedition, what did you do to fix it?

jgarg, did you open the file using excel or google docs by any chance? If yes they will remove any zeros in the beginning of the serial numbers and will save those changes to the csv file. If you used a text editor to open the csv file then the serial numbers should have retained the serial numbers as is.

Hi, no I didnt open the file in xls of Gdocs, in the log file on expedition console, i see same serial number:

 

1,2018/12/19 09:26:08,015351000019499,TRAFFIC,end,2049,2018/12/19 09:26:08,192.168.45.20,192.168.45.65,,,allow all,,,incomplete,vsys1,trust,trust,ethernet1/2,ethernet1/2,Default-Logging-Profile,2018/12/19 09:26:08,1941,1,53782,5007,0,0,0x64,tcp,allow,296,296,0,4,2018/12/19 09:25:56,7,any,0,44030,0x8000000000000000,192.168.0.0-192.168.255.255,192.168.0.0-192.168.255.255,0,4,0,aged-out,12,0,0,0,,pan-panos-vm50,from-policy,,,0,,0,,N/A,0,0,0,0

 

from vm50:

 

Serial # 015351000019499

 

 

can you try this:

 

Open your device (under devices).

Click on the M.LEARNING menu

Type in the directory path (do not click 'Search files' yet)

Click on 'Save' after entering the directory path

Open the device after saving go to M.LEARNING and click 'Search Files'

If the file is found, click to select (left hand button)

click 'Process files' 

 

Let me know the result

no luck:

 

expedition@pan-expedition:/PALogs$ ls -l

total 1144

-rwxrwxrwx 1 expedition expedition 1161655 Dec 20 05:30 pan-panos-vm50_traffic_2018_12_20_last_calendar_day.csv

-rwxrwxrwx 1 expedition expedition     944 Dec 24 05:30 pan-panos-vm50_traffic_2018_12_24_last_calendar_day.csv

-rwxrwxrwx 1 expedition expedition      17 Dec 22 02:36 ssh-export-test.txt

expedition-ML.jpg

 

Have you set the path for the machine learning database (See pic) prior to searching for th files?

  • 1 accepted solution
  • 8760 Views
  • 9 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!