Log-Collector Issue with 10.x to 10.x

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Log-Collector Issue with 10.x to 10.x

L4 Transporter

Hi Community,

 

I have a strange situation, maybe someone can help:

Panorama on 10.0.6, Firewalls mostly on 9.1.x.

We onboarded the 1st 10.0.5/6 firewalls and noticed, that we don't receive any logs within our dedicated log collector.

The collector group is configured to receive logs from the new onboarded firewalls.

When looking in detail at ms.log and logging-service.log, I see SSL-Errors:

Chacko42_0-1623654697519.png

Any ideas?

We use the pre-defined certificates for panorama communication, but obviously, sth. changed with 10.0

 

Many thanks in advance

Best Regards
Chacko
1 REPLY 1

Cyber Elite
Cyber Elite

did you commit the newly onboarded config to 1) panorama 2) the collectors 3) the firewalls

in the commit dialog you can select 'edit selection' and then in the collectors tab, there you may need to check the box before the config is pushed to the collectors so they start accepting logs

 

on the firewall, check if it's aware it should be sending to a collector:

show log-collector preference-list 

> request log-collector-forwarding status 

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
  • 1987 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!