This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

No logs in the monitor > traffic tab?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

No logs in the monitor > traffic tab?

Ayush_paloalto
L0 Member

‎06-10-2019 11:18 PM

Hello All,


1.) I have just installed Palo Alto 7.1 in Eve-NG, and  made two interfaces as Vwire with zone Trust and Untrust.

2.) I am able to access access everthing (e.g. internet, ping, etc.) hence policies are working fine  as I have created a policy to allow everything from Trust to Untrust.

 

However I am not able to see any Traffic logs in the GUI it is blank.

Kindly see the below screenshot for your reference and let me know what's the reason please.

no logs.png


Thanks in advance.

0 Likes Likes
24 REPLIES 24

hshawn
L4 Transporter

‎06-11-2019 09:00 AM

This may sound obvious but make sure you are enabling the logging on  the security policies your traffic is hitting. you can log at session start and or sesssion end. 

OtakarKlier
Cyber Elite
Cyber Elite
In response to hshawn

‎06-11-2019 09:24 AM

Hello,

Also the default intra and inter zone policies do not log so you have to set them to log as well.

 

Regards,

MP18
Cyber Elite
Cyber Elite
In response to OtakarKlier

‎06-12-2019 09:26 PM

Yes i agree with Okta.

MP

Help the community: Like helpful comments and mark solutions.
0 Likes Likes

htawedrous
L0 Member

‎04-23-2020 11:52 AM

Hello,

Does anybody got a resolution? I have the same problem with a PA in EVE-NG. Tried 2 different images. thank you

0 Likes Likes

ravisingh.z
L0 Member

‎04-24-2020 02:06 PM

Same issue, logs are not showing in GUI and as well as CLI but logs are being written.

 

admin@PA-VM> show log traffic
Time App From Src Port Source
Rule Action To Dst Port Destination
Src User Dst User End Reason
Rule_UUid
====================================================================================================
admin@PA-VM> debug log-receiver statistics

Logging statistics
------------------------------ -----------
Log incoming rate: 1/sec
Log written rate: 1/sec
Corrupted packets: 0
Corrupted URL packets: 0
Corrupted HTTP HDR packets: 0
Corrupted HTTP HDR Insert packets: 0
Corrupted EMAIL HDR packets: 0
Logs discarded (queue full): 0
Traffic logs written: 120

 

0 Likes Likes

htawedrous
L0 Member
In response to ravisingh.z

‎04-24-2020 07:18 PM

I read that the VM needs to be licensed for monitoring, clustering and some other features to work. Not sure if it’s true

ACHABROUK
L0 Member
In response to htawedrous

‎05-09-2020 09:10 AM - edited ‎05-09-2020 09:29 AM

Yes the VM needs to be licensed, 

but you can still see some logs over 

 

Policies>security> "click on your rule" > usage 

 

Or-  from CLI 

> show session all 

 

thanks!

SyedHyder
L0 Member
In response to htawedrous

‎06-18-2020 09:56 AM

 

did you find a solution, I have the same problem...

0 Likes Likes

SyedHyder
L0 Member

‎06-18-2020 05:28 PM

 

Palo doesn't log on VM PAN OS without license...

 

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm2mCAC

ACHABROUK
L0 Member
In response to SyedHyder

‎06-18-2020 05:52 PM

you PAN needs to be licensed to see logs 😃 

0 Likes Likes

MP18
Cyber Elite
Cyber Elite
In response to ACHABROUK

‎06-18-2020 07:56 PM

Agree if it is VM its need license.

Learn something new today

MP

Help the community: Like helpful comments and mark solutions.
0 Likes Likes

JamesChim
L2 Linker

‎09-10-2020 12:17 AM

I have the PA-220 happen the same issue

 

The Traffic, Threat, URL Filtering and etc no log after the Aug-2020

 

Anyone know how to solve the problems?

0 Likes Likes

MP18
Cyber Elite
Cyber Elite
In response to JamesChim

‎09-15-2020 06:42 AM - edited ‎09-15-2020 07:29 AM

@JamesChim 

 

If you do not see any logs in GUI and it used to work before please go through these links

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClozCAC

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmA4CAK

 

Also as log rece listen on udp port 3012 so run below command 

 


PA)> show netstat listening yes numeric-ports yes all yes | match 3012
udp 0 0 mgmt:47390 mgmt:3012 ESTABLISHED
udp 0 0 *:3012 *:*

Regards

MP

Help the community: Like helpful comments and mark solutions.

ArendvanderKolk
L1 Bithead
In response to SyedHyder

‎10-17-2021 11:50 PM

My PAN-OS is licensed and also have no logs in the monitor. Logs at session end is on in the policy rules.

ArendvanderKolk_0-1634539750122.png

 

  • 49364 Views
  • 24 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks