07-26-2017 11:48 AM
Hi,
I followed this post the other day and have been forwarding logs from my firewall for 2 days now, but without any hits, so I am wondering if I have done something wrong? I can see in a tcpdump dump on the minemeld server that logs are received on port 13514/TCP. Also, the logs that are sent to minemeld are dropped traffic from an EDL, so the indicators should be present.
I am using the stdlib.localSyslog prototype, as I just want to know which lists I hit.
Any ideas on how to troubleshoot this?
I'm using:
PAN-OS 8.0.3-h4
Minemeld v 0.9.40
09-05-2017 10:20 PM
Hi @lmori
My minemeld updated a couple of hours ago to 0.9.42 (good work with the backup!), but I still can't see any indicators in the syslog node, even though my firewall has sent plenty of logs since the upgrade.
How could we troubleshoot this further?
Have a great day!
09-20-2017 11:51 PM
Hi @lmori,
Do you think there's a possibility that I can troubleshoot this some way myself?
Regards,
Bo