05-20-2019 01:15 AM - last edited on 04-18-2024 12:33 PM by emgarcia
I've sucesfully connected FW 8.1.x to Data lake but am having issues connecting one on 9.0.1. Both are managed by the same Panorama (PAN-OS 9.0.1). The difference is that on non-working one I have disabled Panorma Policy and Objects. But logging service setting is under template setting anyway.
License seems to be ok. First error says "No certificate found" but there isn't any certificate configuration required for logging service. The second error says "Logging Service Preference List is malformed". No idea how to check/fix that.
Any Ideas?
The status it shows is:
@PA-3060> request logging-service-forwarding status
Logging Service Licensed: Yes
Logging Service forwarding enabled: Yes
Duplicate logging enabled: No
Enhanced application logging enabled: Yes
Logging Service License Status:
Status:
Status: success
Expiration date: June 22, 2019
Msg: License is valid
Last Fetched: 2019/05/16 10:44:43
Fetch:
Install:
Upgrade:
Logging Service Certificate information:
No certificate found
Logging Service Customer file information:
Info: Failed to fetch ingest/query FQDN for customer (curl failed)
Status: failure
Last Fetched: 2019/05/20 10:01:07
Logging Service Preference List is malformed
08-02-2019 03:51 AM
Only resetting the certificates didn't help in my case.
But this worked:
1. You should delete all the license keys for this Firewall and then fetch them back.
at the CLI:
delete license key ? delete each one
Fetch them back on the GUI
2. From the Panorama ...Panorama>Device Deployment>License.
Click refresh for this firewall
3. Delete the certificate
request logging-service-forwarding certificate delete
request logging-service-forwarding certificate fetch
4. Re-fetch customer info
request logging-service-forwarding certificate info
07-11-2019 09:50 AM
You can manually request the certificate.
This will show you the status of the cert
request logging-service-forwarding certificate info
This will fetch the cert
request logging-service-forwarding certificate fetch
Run the first command again in a few seconds to see that it was successful. The "status" link in the GUI should show successful connection.
I had to run this on all of my firewalls to get them working. The "Device Connected" dot stayed grey but data was flowing.
08-02-2019 03:51 AM
Only resetting the certificates didn't help in my case.
But this worked:
1. You should delete all the license keys for this Firewall and then fetch them back.
at the CLI:
delete license key ? delete each one
Fetch them back on the GUI
2. From the Panorama ...Panorama>Device Deployment>License.
Click refresh for this firewall
3. Delete the certificate
request logging-service-forwarding certificate delete
request logging-service-forwarding certificate fetch
4. Re-fetch customer info
request logging-service-forwarding certificate info
03-01-2020 06:38 PM
i ran into an apparent known issue where the initial registration MUST use the mgmt interface . on my home firewall i was using the dataplane for all services and would not register
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
