12-13-2013 01:35 AM
Hi All,
How to export all logs ( eg 5 moths detailed) to CSV or any other format?
From monitor -> logs -> traffic i tried to export to CSV but it showing only for one day, is there any way to export all logs?
In monitor -> Reports it showing logs from From 4th Feb 2013 to till date, bur when i tried to export to CSV from logs -> traffic it is showing only one day logs.
Regards,
Gururaj
12-13-2013 02:27 AM
Hi
I can't help you, but I have related question.
How to export system log? It's impossible using Scheduled log export. Isthere any other way to export it CSV or any other format?
With regards
SLawek
12-13-2013 03:58 AM
SLV,
You can export the system logs from the Monitor tab. You should see an icon in the upper right-hand corner that looks like the Excel icon. Clicking this will allow you to export the logs to a CSV file.
Craig
12-13-2013 04:02 AM
Guraj,
You should be able to export your logs using the following CLI command:
scp export log traffic
The above command will work with tftp as well and has options (use ? after 'scp export log traffic') for the start time and end times to export. It is important to note that you may not have 5 months of logs on the device, depending on available storage and your logging configuration.
Craig
12-13-2013 04:43 AM
Hi Craig
Is this only possibility to do this? I prefer to use scheduler or CLI.
Anyway thank You so much, I missed this option.
Regards
Slawek
12-13-2013 05:46 AM
Slawek,
No problem! The 'scp export log traffic' is a CLI command, so you could use something like an expect script to schedule downloads. You could also use the XML API to fetch a maximum of 5000 logs (using /api/?type=log&log-type=traffic&nlogs=).
Craig
12-13-2013 09:01 AM
Craig, are You sure that in traffic logs are data from system log?
From CLI
admin@PA> scp export log
> data data
> threat threat
> traffic traffic
> url url
> wildfire wildfire
^^^^ this is the same like from GUI.
SLawek
12-14-2013 04:00 AM
Sorry, no. System logs would only be available from the GUI (I confused the posters in this thread, my mistake).
Craig
12-14-2013 04:11 AM
Hello Gururaj,
Palo alto can export only 65535 lines by default in csv format.
You can modify this under Device->Setup->Management->'Logging and reporting settings'->Max Rows in CSV format.
You can specify up to 2Million as my knowledge.
Regards,
Hari Yadavalli
12-14-2013 06:14 AM
Hi,
Hyadavalli you're right but for me if you specify 2Million, for me it will be not take in concideration (in the past it make sense because there were a limit of 65000 line per Excel docuement)
But what you can do is export the first 65000 line, then change the date in your palo then export again ..
Not the lceanest way to do but it works 🙂
After that keep in mind to configure fowarding profile per rule 🙂 - If you are end user, ask your reseller, there is easy way to do that through migration tool.
Hope clear
V.
12-15-2013 08:00 AM
Hi Vince
According to Excel specifications and limits - Excel - Office.com
65000 limitation is for .xls file (for Office XP and older). Nevers version (.xlsm) has Worksheet size 1,048,576 rows by 16,384 columns.
Regards
Slawek
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
