No logs in the monitor > traffic tab?

Ayush_paloalto · ‎06-10-2019

Hello All,

1.) I have just installed Palo Alto 7.1 in Eve-NG, and made two interfaces as Vwire with zone Trust and Untrust.

2.) I am able to access access everthing (e.g. internet, ping, etc.) hence policies are working fine as I have created a policy to allow everything from Trust to Untrust.

However I am not able to see any Traffic logs in the GUI it is blank.

Kindly see the below screenshot for your reference and let me know what's the reason please.

Thanks in advance.

hshawn · ‎06-11-2019

This may sound obvious but make sure you are enabling the logging on the security policies your traffic is hitting. you can log at session start and or sesssion end.

OtakarKlier · ‎06-11-2019

Hello,

Also the default intra and inter zone policies do not log so you have to set them to log as well.

Regards,

MP18 · ‎06-12-2019

Yes i agree with Okta.

MP

Help the community: Like helpful comments and mark solutions.

htawedrous · ‎04-23-2020

Hello,

Does anybody got a resolution? I have the same problem with a PA in EVE-NG. Tried 2 different images. thank you

ravisingh.z · ‎04-24-2020

Same issue, logs are not showing in GUI and as well as CLI but logs are being written.

admin@PA-VM> show log traffic
Time App From Src Port Source
Rule Action To Dst Port Destination
Src User Dst User End Reason
Rule_UUid
====================================================================================================
admin@PA-VM> debug log-receiver statistics

Logging statistics
------------------------------ -----------
Log incoming rate: 1/sec
Log written rate: 1/sec
Corrupted packets: 0
Corrupted URL packets: 0
Corrupted HTTP HDR packets: 0
Corrupted HTTP HDR Insert packets: 0
Corrupted EMAIL HDR packets: 0
Logs discarded (queue full): 0
Traffic logs written: 120

htawedrous · ‎04-24-2020

I read that the VM needs to be licensed for monitoring, clustering and some other features to work. Not sure if it’s true

ACHABROUK · ‎05-09-2020

Yes the VM needs to be licensed,

but you can still see some logs over

Policies>security> "click on your rule" > usage

Or- from CLI

> show session all

thanks!

SyedHyder · ‎06-18-2020

did you find a solution, I have the same problem...

SyedHyder · ‎06-18-2020

Palo doesn't log on VM PAN OS without license...

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm2mCAC

ACHABROUK · ‎06-18-2020

you PAN needs to be licensed to see logs 😃

MP18 · ‎06-18-2020

Agree if it is VM its need license.

Learn something new today

MP

Help the community: Like helpful comments and mark solutions.

JamesChim · ‎09-10-2020

I have the PA-220 happen the same issue

The Traffic, Threat, URL Filtering and etc no log after the Aug-2020

Anyone know how to solve the problems?

MP18 · ‎09-15-2020

@JamesChim

If you do not see any logs in GUI and it used to work before please go through these links

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClozCAC

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmA4CAK

Also as log rece listen on udp port 3012 so run below command

PA)> show netstat listening yes numeric-ports yes all yes | match 3012
udp 0 0 mgmt:47390 mgmt:3012 ESTABLISHED
udp 0 0 *:3012 *:*

Regards

MP

Help the community: Like helpful comments and mark solutions.

ArendvanderKolk · ‎10-17-2021

My PAN-OS is licensed and also have no logs in the monitor. Logs at session end is on in the policy rules.

No logs in the monitor > traffic tab?

No logs in the monitor > traffic tab?

Show your appreciation!