11-11-2021 08:00 AM
Excerpt from panReadOrders.log below. I can manually process csv log files for machine learning but the daily process doesn't work.
Notice: Trying to get property of non-object in /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/PeriodicTask.php on line 14
Checking: PeriodicLogCollectorCompacter
Thu, 11 Nov 2021 15:41:50 +0000 Start Task
Checking CSV logs from device(s) 000000000000000 ,111111111111111 ,2222222222222222 ,333333333333333
Notice: Trying to get property of non-object in /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/PeriodicLogCollectorCompacter.php on line 104
Notice: Trying to get property of non-object in /var/www/html/libs/common/device/CsvFilesProcesser.php on line 130
Fatal error: Uncaught TypeError: Argument 3 passed to accessControl() must be of the type integer, null given, called in /var/www/html/libs/common/device/CsvFilesProcesser.php on line 132 and defined in /var/www/html/userManager/API/accessControl_CLI.php:23
Stack trace:
#0 /var/www/html/libs/common/device/CsvFilesProcesser.php(132): accessControl('any', Array, NULL)
#1 /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/PeriodicLogCollectorCompacter.php(104): PaloAltoNetworks\Sentinel\Devices\CsvFilesProcesser->processCSVLogs(NULL)
#2 /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/PeriodicLogCollectorCompacter.php(80): PeriodicLogCollectorCompacter->processCSVLogs(Array)
#3 /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/PeriodicLogCollectorCompacter.php(31): PeriodicLogCollectorCompacter->execute()
#4 /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/ClassLoader.php(69): PeriodicLogCollectorCompacter->start()
#5 /var/www/html/console/messaging/classes in /var/www/html/userManager/API/accessControl_CLI.php on line 23
11-30-2021 10:37 AM
I deleted the parquet files "SETTINGS - M. LEARNING - DATA ANALYSIS STRUCTURES FOLDER - DELETE Connections.parquet FILES" and then manually imported the last 30 Days of logs and the scheduled log import has been working for about a week now.
11-11-2021 08:28 AM
Can you send over a screenshot of your folder permissions for the PALogs and the folder within PALogs.
11-11-2021 09:51 AM
Can you also show the PALogs folder permissions as well?
11-11-2021 11:11 AM
That is represented by the first line "." ( current directory ). The second line ".." ( parent directory, in this case the root directory )
11-11-2021 11:27 AM
The PALogs folder itself should also be owned by www-data:expedition otherwise it cannot write to the folder within PALogs.
11-11-2021 12:58 PM
I change the group for the PALogs folder and did a recursive rights to 775. Thanks for the info. Should know tomorrow if that fixed the issue.
11-11-2021 01:31 PM
Thank you for the update and good luck with your migration.
11-12-2021 08:52 AM
Unfortunately the panReadOrders crashed again after the group ownership/permission changes to PALogs folder.
11-12-2021 11:06 AM
Hello @ChristopherMarston
Something could have become corrupted, can you run the following commands and show the output?
history | grep upgrade
11-12-2021 12:26 PM
I don't believe any OS or package upgrades have been done since the original install of Ubuntu 16.04.7 LTS
ubuntu@host:/home/userSpace$ history | grep upgrade
1101 history | grep upgrade
11-12-2021 03:13 PM
Hello @ChristopherMarston
Typically the cause is rabbitmq so if you perform the following steps it can resolve it.
apt-get remove rabbitmq-server && apt-get purge rabbitmq-server
then reinstall it
apt-get install rabbitmq-server
Sudo rabbitmq-server start
11-13-2021 07:33 PM
Performed the steps you recommended and still panReadOrders crashes when running on schedule. It may not be related but I had always added firewalls via Panorama device and then enabled ML with-in each device. I recently tried to enable ML on the Panorama device and then add it to a project selecting specific Device Group in the collector setup. The analyze stage would always hang so I gave up but it seems this problem has been occurring since then. I've since deleted the project I was using to test and went back to Device / Panorama and removed the path, auto-process, logs from syslog and saved the settings. It may be coincidental but it seems these issues started when tried doing ML on a Device Group as described above.
11-19-2021 07:52 AM
panReadOrders is still crashing requiring that I process logs manually/daily. Any help is appreciated.
11-30-2021 10:37 AM
I deleted the parquet files "SETTINGS - M. LEARNING - DATA ANALYSIS STRUCTURES FOLDER - DELETE Connections.parquet FILES" and then manually imported the last 30 Days of logs and the scheduled log import has been working for about a week now.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
