Can you change the name of the logs that are exported on the scheduled export? If you can export logs in 15 min intervals then the file name should change based on the 15 min right?
Expedition does not restrict the name.
If it has the standard name, it can directly identify the date it was generated.
If you are exporting every 15 minutes, only make sure that you do have different names for each file, otherwise they will overwrite each other.
I assume that you are exporting every 15 minutes because of the large size of the log files. Make sure as well that you will have space enough in your destination folder to host the number of files that you will require.
There is no option in the Scheduled export logs on the PanOS for defining a file name. So unless I write a script to rename files every 14 minutes it will always overwrite the last one exported.
Have you verified that PANOS does generate the same name for the export files?
I would assume that it generates the name to specify to which 15 minutes the logs belong to, but I may be mistaken.
Yes the log name is the same.
Looks like it only uses device name and date to name the file, so no time stamp in the name.
Yes, you will have to rename the file each time.
I guess that you are already scripting the export task to be done every 15 minutes (as the firewall only allows a daily export).
In your script, try to rename any existing file in Expedition with today's name prior to download the next 15 minutes of logs.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!