07-23-2020 03:11 AM
We have five (5) devices managed through Panorama. Two of them are still generating logs, while three of them have stopped sending logs. Please assist.
it the logs Stops to receive from the device and The traffic and threat logs can be viewed when looking directly on the firewalls, but are not visible on Panorama
It has noted that panorama could not able to receive logs from 800 series firewalls But panorama able to receive the logs from the 5k series firewall.
Appliance: M-200
Firmware Version: 8.1.7
07-23-2020 03:24 AM
is log forwarding enabled on those devices that are unable to send?
Is the panorama accessible from the firewalls?
what is the output for show logging-status?
07-23-2020 03:46 AM
Thank you for the update,
I have followed this article too.. but the issue remains the same.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFCCA0
07-23-2020 04:33 AM
Hi @Mohammed_Yasin,
what version are you currently running?
I experienced similar problems on Panorama 9.0.5 - after upgrading to 9.0.9h1 it's fine again.
Logs were forwarded to Panorama, but not processed correctly.
In addition: Please check on tcp/3978 if the traffic is correclty send to panorama
Regards
Chacko
07-23-2020 04:35 AM
Thank you for the comment.
PAN-OS 8.1.7
07-23-2020 04:49 AM
any way you could give 8.1.15 a try, as .7 is already quite old and might have a bug?
07-23-2020 04:58 AM
I can see them from the device system monitor that,
( description contains 'Disconnected from Log collector Server: XX.XX.XX.X. , source: XX.XX.X.X' )
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
