PA-3020 AutoCommit fails - commit force fails

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

PA-3020 AutoCommit fails - commit force fails

L4 Transporter

Hey all!

I have a problem with my second passive PA-3020. (7.1.7)

We had a loss of power so the firewall was shutdown hard.

When it's booting now, the autocommit fails.

When I do a commit force, it says: "Threat database handler failed".

Then I stumbled over this link: https://live.paloaltonetworks.com/t5/Featured-Articles/Threat-Database-Handler-Commit-Error/ta-p/120...

When I do the request anti-virus upgrade install file, it says: "Server error : Failed to schedule an install  job".

 

Can someone help me?

 

Thanks!

11 REPLIES 11

L6 Presenter

Hi,

 

A couple of quick questions:
- Have you tried rebooting the firewall?

- Have you tried manually uploading the database?
- What other things have you tried?

You might need to do a factory reset to get this fixed.

Cyber Elite
Cyber Elite

Have you tried to download latest database from support portal, uploaded it manually and tried to install then?

 

Edit: @TranceforLife was faster 🙂

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

😄 

p.s We had exactly the same case with TAC. 

Yeah I rebooted the firewall, but still the same.

 

And I tried to manually install the antivirus:

 

"Server error : Failed to schedule an install  job".

 

 

You might need to reset the firewall to its default. At least this is what we were doing. Not the best solution but might be the only one way to bring the device back online.

and then restore the config or will there be the same problem?

Yes, just restore the confirm. This issue is not a configuration issue.

Community Team Member

Hi @MPI-AE,

 

The Threat database handler is a 'known' commit failure.

 

In most cases a corrupt AV signature database or Content database will cause these type of auto commit failures.   AV update process or Content update process might have been terminated abruptly without any indication to the user leaving the AV signature database corrupt  or Content database corrupt.

 

Usually a manual Anti-Virus install from the CLI will serve as a workaround for this issue.  Download the Anti-Virus file manually from https://support.paloaltonetworks.com and upload the same to the firewall. After the upload, use the following command to do the manual AV install from the CLI.

 

> request anti-virus upgrade install file

 

If the manual install workaround fails for some reason, then another workaround for this issue is described below:

 

  1. Remove the contents of the following folders (root access might be required ... contact Support for this):
    /opt/pancfg/mgmt/updates/curav/
    /opt/pancfg/mgmt/updates/oldav/
    Remove only the contents of the folder and leave the folders intact.
  2. Restart the device server process.
  3. Do a commit force. 

Hope it helps !

-Kiwi.

LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.

Hey kiwi,

 

yeah that's it!

 

I had to contact TAC because I tried everything.

 

There were corrupted content files.

 

So TAC removed these files with root.

 

And then we were able to do the commit.

Hi @MPI-AE 

Did you fix it? If so , do you remember what was the solution ? 🙂

L0 Member

Hi there! Im facing the same issue here with a PA440 version 10.2.4

This failure, according to what I have been seeing in different forums. It is caused by Dynamic updates - AutoCommit fails - commit force fails. When I do the request anti-virus upgrade install file, it says: "Server error : Failed to schedule an install job". Also I realice that I lost the eth.Ports on the FW.

 

I have tried to apply the solution that @kiwi said, but without much luck, maybe I did something wrong.

 

Anyone that face the same issue that can help? or a guideline much more easy to understand?

Regards!

 

  • 19738 Views
  • 11 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!