Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
07-08-2014 02:05 PM
Hi all,
We had an issue today where we noticed the logging data stopped displaying in the Pan OS GUI (PA-500).. One thing we noticed is after committing a config change, it looks like the firewall was in the process of doing a sync with the backup device. I assume to resolve this problem we need to restart the dataplane? I'm surprised it allowed the commit to occur if a sync was in progress.
Bryan
07-08-2014 05:47 PM
Yes, NTP is the issue behind the error message "Server error: An error occurred. See dagger.log for information". Please check above mentioned KB DOC for the same.
Hope this helps.
Thanks
07-08-2014 05:51 PM
Hulk thanks so much for the help. The NTP server re-synched and now its showing true so it looks good now.
07-08-2014 08:51 PM
I think I spoke too soon. We are getting system log info etc. I tried checking just now and I notice the traffic log is not updating or displaying in the monitor. NTP seems to be fine.
I ran debug log-receiver statistics and the error "An error occured. See dagger.log for information." still appears.
I ran tail output after running debug log-receiver statistics and I see the following
KeyError: 'sw.logrcvr.runtime.opcmd'
admin@PA-500(active)> tail mp-log dagger.log
2014-07-08 20:44:23.567 -0700 OPCMD: handler "logrcvr_handler.debug_stats"
Traceback (most recent call last):
File "/usr/share/dagger/logrcvr.py", line 60, in debug_stats
resp_node = self.sdb.modify(name=op_node_name, object=op_node, timeout=60)
KeyError: 'sw.logrcvr.runtime.opcmd'
2014-07-08 20:45:11.212 -0700 OPCMD: handler "logrcvr_handler.debug_stats"
Traceback (most recent call last):
File "/usr/share/dagger/logrcvr.py", line 60, in debug_stats
resp_node = self.sdb.modify(name=op_node_name, object=op_node, timeout=60)
KeyError: 'sw.logrcvr.runtime.opcmd'
Is it possible I need to let the devices re-sync. Is there a command to manually force the devices to resync?
07-09-2014 04:24 PM
You can force the sync from the secondary cli using this command.
request high-availability sync-to-remote running-config
I doubt this is the issue but it can confirm what you want to confirm.
I would try to schedule a reboot of both nodes in turn after a sync confirmed. If the issue is still present I would open a case.
07-11-2014 02:22 PM
Thank you Steven. (and Hulk). You have been very helpful. We intend to reboot the devices. As you mentioned the sync did not resolve the issue. Very odd indeed. All other logs system logs etc are working fine except traffic and some of the threat logs.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
