Palo Alto Firewall - Exporting Log Database via FTP/SCP is not working

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Palo Alto Firewall - Exporting Log Database via FTP/SCP is not working

L0 Member

Hello All,

 

We are currently doing a POC with Palo Alto firewall in a customer network.

 

The POC got successfully completed. But while exporting the log database from the appliance we are hitting we issues.

 

After checking the admin guides, found the logs can be exported via FTP on the "Scheduled log export".

 

Via GUI:

Provided the FTP path, credentials and schedule time as needed, but the export is somehow failing to start through FTP.

 

The system logs show the export status as "Failed to export via FTP"

 

Via CLI:

Enabled the "debug cli on" to track the FTP export process after executing the FTP export command.

 

After FTP command execution, the appliance is successfully logging into the FTP server(as seen on the debug logs) but soon logs out without any data export. But the system logs in the GUI shows as the export to be success started and file is created on the destination FTP folder.

 

Even tried to transfer through SCP with WinSCP, but the appliance never logs into the appliance for initiating the export.

 

Kindly let me know a way to export all the log-database inside the appliance without any hitches. We have tried searching all the KB articles on the export, but unfortunately not able to find any inputs on this part.

 

Adding to the export issue, there is no provision to track the export/transfer status in either GUI/CLI which is making things much worse.

 

Thanks in advance!

 

Regards,

-Bala

 

1 REPLY 1

L0 Member

Hi Balakrish,

 

Is there an update on the same

  • 1861 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!