- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- CN-Series
- VM-Series:
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
Security Operations
- Resources
- COVID-19 Response Center
- LIVEcommunity
- Collaboration
- Discussions
- General Topics
- Panorama Confusion
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Panorama Confusion
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-20-2019 06:19 AM
I have a PA-3020 V8.1.7 and Panoram V8.18 VM (ESX)
I simply require Panorama to both manage the 3020 and collect it's logs.
I have tried to follow endless instructions on how to achieve this but now seem to be struggling with different Panorama modes and log collectors...
I have added the additional 2T disc as required and although I can manage the firewall via templates I cannot collect any logs from it.
3020 cli show log-collector preference list ... Log collector preference list does not exist.
any further advice please...
Many thanks in advance.....
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-20-2019 02:21 PM
Hmmm, make sure you have setup a log forwarding profile on the FWs to PUSH the logs to the Panorama.
I did not see that you had done this yet.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-20-2019 10:01 PM
run this command on the FW
show logging status
on the PAnorama run this command
show logging-status device serial no?
try restarting the log receiver on fw
debug software restart process log-receiver
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-21-2019 02:25 AM
Thanks for your replys
@SteveCantwell yes, good point but i do have a log forward profile configured. not sure if it's working but it's there...
@MP18 as below. I think my issue is with Panorama. do you run a similar setup. if so.. do you have a local log collector configured on Panorama VM. the instructions say that after I have added another 2TB and restart panorama it will auto add a local log collector but this is not happening.
I will post this instruction when i find it again.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-21-2019 02:31 AM
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-21-2019 02:35 AM
this is what should happen..
Return to the Panorama CLI and run the following command.
> request system system-mode panorama
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-21-2019 02:39 AM
also...
this is the output from Panorama disk details.
i would have thought that the 2TB logging disk should be seperate.
admin@Panorama> show system disk details
Name : sdb
State : Present
Size : 2097152 MB
Status : Available
Reason : Admin enabled
admin@Panorama>
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-21-2019 02:58 AM
cancel previous on what should happen, i am now doing a new install via this documentation.
but could someone confirm if i still need to use a local log collector.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-21-2019 03:57 AM
ok getting better... so will need to re visit this on Monday. thanks all for your help.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
06-22-2019 10:37 PM
Yes you will need local log collector --default ----if you do not have any external log collector like M500
- Knowledge sharing: restarting palo alto processes , reboot , shutdown, factory default reset in General Topics
- Failed to backup mongo DB after upgrading to 10.1 in General Topics
- Log-Collector Issue with 10.x to 10.x in General Topics
- Change all IP address for firewall HA pair managed in Panorama in General Topics
- Panorama and Firewall Upgrade path from 9.1.6 to 10.0.5 in Best Practice Assessment Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
