This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Scheduled Log Export Failure

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.

Scheduled Log Export Failure

MLaden
Not applicable

‎11-29-2012 06:47 PM


I have Scheduled Log Export but it's failing.  The system log reads "Failed exporting traffic log via ftp (last-calendar-day)".

If I run the export command via CLI, it runs successfully.

>ftp export log traffic start-time equal 2012/11/28@00:00:00 end-time equal 2012/11/28@23:59:59 to anonymous@hostname

Any ideas on why the Scheduled Log Export is failing?

Thank you,

Monica

2 people had this problem.
Labels:
0 Likes Likes
3 REPLIES 3

rmonvon
L6 Presenter

‎11-30-2012 11:32 AM

Monica...Please check the setting of the Scheduled Log Export for error(s).  You may want to contact Support to open case if you don't see any error(s).  Thanks.

ArkadiuszMatalewski
Not applicable

‎12-03-2012 03:44 AM

Have same problem manually i can export all logs w/o problems, but scheduled logs export stopped working after update to a PAN OS 5.0.

0 Likes Likes

bchaborek
L0 Member

‎12-18-2024 07:31 AM

Hello,

 

I just had the same/similar issue and came across this thread, this was the solution for me:

Environment: Panorama managed Highly Available NGFWs. Scheduled Config Export via SCP working from Panorama, Scheduled Log Export not working from managed NGFWs.

Error: 'Failed exporting traffic log via ssh (last-calendar-day) to <target>

 

From the firewall CLI a manual SCP works fine:

 

scp export log traffic to <user>@<target>:/home/logman/palogs/<firewall>-20241218x start-time equal 2024/12/18@07:00:00 end-time equal 2024/09/18@09:00:00
<user>@<target>'s password: <password>
Marking log as exported successfully...

Solution:

From TechNote: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/device/device-scheduled-log-...

"If you use a Panorama template to configure the log export schedule, you must perform this step after committing the template configuration to the firewalls. After the template commit, log in to each firewall, open the log export schedule, and click Test SCP server connection."

 

I logged on to each individual firewall which had received the configuration from Panorama and executed the Test SCP server connection, which sure enough I had to accept the RSA key of the target ssh server (note: I had already accepted the RSA key using the CLI of each firewall, I didn't realize I also had to do this on the webgui.)

My SSH logs are now exporting properly again. Note that if you have HA firewalls, you will need to do the webgui RSA acceptance on each individual device.

Accept RSA Key on Each Firewall DeviceAccept RSA Key on Each Firewall Device

0 Likes Likes
  • 3925 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks