How to export all logs ( eg 5 moths detailed) to CSV or any other format?

Reply
Highlighted
L4 Transporter

How to export all logs ( eg 5 moths detailed) to CSV or any other format?

Hi All,

How to export all logs ( eg 5 moths detailed) to CSV or any other format?

From monitor -> logs -> traffic i tried to export to CSV but it showing only for one day, is there any way to export all logs?

In monitor -> Reports   it showing logs from From 4th Feb 2013 to till date, bur when i tried to export to CSV from logs -> traffic it is showing only one day logs.

Regards,

Gururaj

Highlighted
L4 Transporter

Hi

I can't help you, but I have related question.

How to export system log? It's impossible using Scheduled log export. Isthere any other way to export it CSV or any other format?

With regards

SLawek

Highlighted
L4 Transporter

SLV,

    You can export the system logs from the Monitor tab. You should see an icon in the upper right-hand corner that looks like the Excel icon. Clicking this will allow you to export the logs to a CSV file.

Craig

Highlighted
L4 Transporter

Guraj,

     You should be able to export your logs using the following CLI command:

scp export log traffic

The above command will work with tftp as well and has options (use ? after 'scp export log traffic') for the start time and end times to export. It is important to note that you may not have 5 months of logs on the device, depending on available storage and your logging configuration.

Craig

Highlighted
L4 Transporter

Hi Craig

Is this only possibility to do this? I prefer to use scheduler or CLI.

Anyway thank You so much, I missed this option.


Regards

Slawek

L4 Transporter

Slawek,

     No problem! The 'scp export log traffic' is a CLI command, so you could use something like an expect script to schedule downloads. You could also use the XML API to fetch a maximum of 5000 logs (using /api/?type=log&log-type=traffic&nlogs=).

Craig

Highlighted
L4 Transporter

Craig, are You sure that in traffic logs are data from system log?

From CLI

admin@PA> scp export log

> data       data

> threat     threat

> traffic    traffic

> url        url

> wildfire   wildfire

^^^^ this is the same like from GUI.

SLawek

Highlighted
L4 Transporter

Sorry, no. System logs would only be available from the GUI (I confused the posters in this thread, my mistake).

Craig

Highlighted
L5 Sessionator

Hello Gururaj,


Palo alto can export only 65535 lines by default in csv format.

You can modify this under Device->Setup->Management->'Logging and reporting settings'->Max Rows in CSV format.

You can specify up to 2Million as my knowledge.


Regards,

Hari Yadavalli

Highlighted
L5 Sessionator

Hi,

Hyadavalli you're right but  for me if you specify 2Million, for me it will be not take in concideration (in the past it make sense because there were a limit of 65000 line per Excel docuement)

But what you can do is export the first 65000 line, then change the date in your palo then export again ..

Not the lceanest way to do but it works :-)

After that keep in mind to configure fowarding profile per rule :-) - If you are end user, ask your reseller, there is easy way to do that through migration tool.

Hope clear

V.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!