I need some clarification on exporting logs and how to read the logs (if possible) in PA.
1) From reading the discussion forums I see that SCP export only works if the target is a *nix system.
a) Is this correct?
b) Why isn't this in the help file? I've been trying to use WinSSHD.
2) I realize the exported logs could be large (several gigs).
a) Once exported, how do I read the logs? Can I use my firewall to read an external log file?
b) If I can't use my firewall, are the log files easily imported and manipulated using Excel or will I need to put them in a database and build queries?
3) My implementation of PA is small.
a) It seems that Panorama is the way to go for reporting on and retaining log files, but does it make sense for a small implementation?
b) Is there a PanoramaLite version of any kind that would make sense (cheaper) for smaller environments?
Generally I have seen scp export for logs are used only to back up logs or load it after any changes being done on the device and so on.
Yes the file which is exported is generally exported to a firewall and hence its not readable in excel or so on. As Panos works on *nix base it is in the same format.
So it can be exported as a file and loaded back to same firewall or any firewall to see the logs back again on the firewall. I have not seen any panorama lite as such my best suggestion is to implement Syslog and forward the required logs on an external server.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!