Scheduled Backups from Panorama to [location]

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Scheduled Backups from Panorama to [location]

Not applicable

(Think I know the answer to this already but...)

Panorama 4.1.14

We have a NAS that I would like to push automated exports to from Panorama. I would like to ftp export to a specific path (we don't use user Home paths) but can't seem to do it. Only the hostname is allowed. I gather SCP via the CLI would allow me to do this but I think not in an automated fashion. I've tried the same format as per SCP but it doesn't work. Anyone else backup using scheduled exports from Panorama to a NAS.

Thanks,

Screen Shot 2013-10-10 at 12.47.34.png   palo.jpg

1 accepted solution

Accepted Solutions

L7 Applicator

You are correct in thinking that will not work. As for now, there is no feature that supports the URI path on the FTP export.

You can use CLI for that, but as you mention it is not automated and you would need to use a script. I can see value in something like this, as the path might be different for each firewall you have even though the same user is configured on all firewalls (or Panoramas).

I'd recommend submitting a feature request through your account team to get something like that added. You may also want to check into the XML API that is available. You'd need to use an external server to run the script, but it may be a way around this for now. The only other thing I can think of is to create a symlink on the server for that directory, so when your 'paloadmin' account logs in it can copy the tgz locally but it will reside on the target directory.

Hope this helps,

Greg

View solution in original post

3 REPLIES 3

L7 Applicator

You are correct in thinking that will not work. As for now, there is no feature that supports the URI path on the FTP export.

You can use CLI for that, but as you mention it is not automated and you would need to use a script. I can see value in something like this, as the path might be different for each firewall you have even though the same user is configured on all firewalls (or Panoramas).

I'd recommend submitting a feature request through your account team to get something like that added. You may also want to check into the XML API that is available. You'd need to use an external server to run the script, but it may be a way around this for now. The only other thing I can think of is to create a symlink on the server for that directory, so when your 'paloadmin' account logs in it can copy the tgz locally but it will reside on the target directory.

Hope this helps,

Greg

L7 Applicator

Just as an FYI, PANOS 5.0.x for Panorama adds the functionality for FTP with path & SCP in the GUI as well:

Capture.PNG.png

Not applicable

Thanks both for the confirmation and for the extra info. I suppose I should soon bite the bullet and upgrade to 5.

For the meantime I have set up my FTP user's homes directory to route to my required location. Not pretty, but it will do for now.

  • 1 accepted solution
  • 3358 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!