Thank you for the post @Oblagonte
Could you please elaborate more on this issue? Do you mean that traffic log query is slow?
Could you please give more details regarding your Panorama model (VM or Physical Appliance) and deployment mode (Local Log Collector or Dedicated Log Collector)?
When this issue is happening, could you get an output from Panorama from: " show system resources"?
Yes, when filter has been set most of the time nothing happen and it will take time to come out only after click enter again. Sometime, when we want to export the traffic output, can see the log on the screen but nothing in export. When tried on the same filter set on the passive Panorama, the export come with the logs.
Panorama model is M-200 and how can we check our deployment mode?
Below is some of the log :-
top - 10:46:53 up 11 days, 3:01, 1 user, load average: 15.67, 13.36, 12.51
Tasks: 284 total, 1 running, 279 sleeping, 0 stopped, 4 zombie
%Cpu(s): 12.4 us, 1.9 sy, 0.0 ni, 75.6 id, 10.1 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 13086936+total, 3978876 free, 43752352 used, 83138144 buff/cache
KiB Swap: 7996 total, 0 free, 7996 used. 83099856 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
10991 es 20 0 2.903t 0.033t 2.280g S 300.0 27.1 23894:43 java
30317 20 0 44960 3764 1888 R 6.2 0.0 0:00.01 top
32087 nobody 20 0 2504644 40144 3508 S 6.2 0.0 0:09.38 httpd
Thank you for reply @Oblagonte
Based on your description there might be an issue with log collector on your active Panorama node.
Could you please confirm from CLI when you experience the issue the status of Elastic Search: show log-collector-es-cluster health
Could you also confirm from CLI incoming log rate: show log-collector detail
Please also check whether you see any crash files: show system files
What is PAN-OS version of Panorama?
@PavelK mentiones check this and the disks (depending if the panorama is also the log collector):
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!