For details on cookie usage on our site, read our Privacy Policy
Problems with importing logs
- LIVEcommunity
- Tools
- Expedition
- Expedition Discussions
- Problems with importing logs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Problems with importing logs
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-01-2018 04:58 PM
I've added a panorama device into Expedition and i'm trying to import logs that I've exported from panorama and am running into an issue. I put the csv file in /home/expedition/logs. The csv is called panorama.csv. /home/expedition/logs/* (logs path in expedition). I've changed changing permissions on the file/folder and ownership and no matter what, the csv doesn't show up in expedition for importing. Any ideas?
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-01-2018 05:33 PM
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-04-2018 02:22 AM
Expedition does filter by serial number. So when you dfined your Panorama you assigned a Serial there but inside the logs exported from panorama it will show the Serials from the Firewalls who were generating the logs so there is no coincidence and for instance you wont be able to see the CSV files under your Panorama....
The right approach will be adding Panorama, retrieve the connected devices and then from the devices imported into the one you want to focus then add the CSV files under it. From the project perpective you have to add panorama, import the panorama config and from the log connector select the devicegroup where your firewall is part and Expedition will take care of everything else.
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-06-2018 01:03 PM - edited 06-06-2018 01:04 PM
Ok, I've added my Panorama Device, retrieve connected devices and they show up. Now, I've scheduled a Log Export on my M-100 (Setup in Log Collector Mode Only), however I'm not getting the log into my /home/expedition/logs/ directory. I'm using SCP to send directly to my Expedition VM. Doing a LS on that directory, i see the ssh-export-test.txt file that's created when the export was setup. Any suggestions?
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-22-2018 11:37 AM
I'm still having this issue with a vm firewall that is not in panorama. I can see the log in the /home/expedition/logs folder but when using /home/expedition/logs/* and clicking on the search button it still is not finding any logs. I've tried this on other phsyical firewalls as well and expedition can't see any of them. Any thoughts?
- Trouble with Expedition Import Config and API Key Generation in Expedition Discussions
- When firewall traffic logs are imported into expedition, will security policies be automatically created? in Expedition Discussions
- Imported CSV log files not processing in Expedition Discussions
- Panorama log import in Expedition Discussions
- Expedition Release Notes for Hotfixes in Expedition Release Notes
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
