Minemmeld access error : EDL external dynamic list file either empty or not found

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Minemmeld access error : EDL external dynamic list file either empty or not found

L2 Linker

I am getting the follwoing error repetedly in PAN-OS 8.0.5

 

> tail mp-log ms.log
2017-10-18 21:14:53.743 -0700 Error: ebl_verify_fetched_copy(pan_cfg_ebl.c:2241): EDL entry(0x1068000, 0x1e760800, 0x12cb6000 vsys1/EDl-IP, 0, 1 ip) Old refreshed file type is either not a text file or empty file or no old file exist.
2017-10-18 21:14:53.743 -0700 Error: pan_ebl_system_ebl_show_handler(pan_cfg_ebl.c:7203): EDL external dynamic list file either empty or not found
2017-10-18 21:14:54.711 -0700 Error: ebl_verify_fetched_copy(pan_cfg_ebl.c:2241): EDL entry(0x1068000, 0x1e760800, 0x12cb6000 vsys1/EDl-IP, 0, 1 ip) Old refreshed file type is either not a text file or empty file or no old file exist.
2017-10-18 21:14:54.711 -0700 Error: pan_ebl_system_ebl_show_handler(pan_cfg_ebl.c:7203): EDL external dynamic list file either empty or not found

Please can someone help me correct this issue?....all URLS are accessiblke from PAN-OS.. 

1 accepted solution

Accepted Solutions

Works on PAN-OS 7.x...but not on PAN-OS 8.x.... 😞

View solution in original post

11 REPLIES 11

L5 Sessionator

Looks like an authentication error to me. Have you followed the thread at https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Minemeld-Feed-Password-OR-api-security/td-... ?

Works on PAN-OS 7.x...but not on PAN-OS 8.x.... 😞

Hey @ausafali88,

 

Are you behind a proxy?

 

Regards,

Bo

Hello @borising

 

No..just a point ot point connection...it works in PAN-OS 7.x...

Hey @ausafali88,

 

Ok. The reason for asking, is that there is a bug in 8.0.x that doesn't allow EDL connections out through a proxy.

@ausafali88: are you using the original self-signed certificate distributed with MineMeld?

No generated a certificate using a CSR issued to a CA....

Hi @ausafali88,

checklist:

- are you using MineMeld standalone or MM in AutoFocus ?

- have you enabled feed authentication on MM ? If yes, have you configured EDL username and password in PAN-OS ?

- have you configured a certificate profile on PAN-OS ?

- if you download the API logs from MineMeld, do you see requests for the feed URL ?

 

Thanks,

luigi

I am having same problem and i can answer those questions.

 

checklist:

- are you using MineMeld standalone or MM in AutoFocus ?

**Minemeld Standalone

- have you enabled feed authentication on MM ? If yes, have you configured EDL username and password in PAN-OS ?
**. Yes it is enables but i am using anonymous tag

-- Selfsigned or CA

** CA (InCommon)

PA:

-- Panos 8.06

- have you configured a certificate profile on PAN-OS ?

**Yes i did. First i tried to do on panorama but looks like i can not use cert profile when i try to create EDL. So i went and create on one of my firewall but no log

- if you download the API logs from MineMeld, do you see requests for the feed URL ?
** Yes i see


 

Hi @akapucu,

 

did you have the chance to go through the excellent article published by @lmori regarding this topic at https://live.paloaltonetworks.com/t5/MineMeld-Articles/Connecting-PAN-OS-to-MineMeld-using-External-... ?

Yes, I went through and unless i am missing something. It will be really difficult to use via panorama as i can not use shared ssl profile in the list so it means i can not manage the "external list" from shared group panaroma.

 

  • 1 accepted solution
  • 15039 Views
  • 11 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!