Hi All,
I have seen this issue with other customers and I was able solve it with following steps :
- Delete Logging Service License key :
Rutger@panGW> delete license key Logging_Service_xx_xx_xx.key
successfully removed Logging_Service_xx_xx_xx.key
- Request license Fetch:
Rutger@panGW> request license fetch License entry:
License entry:
Feature: Logging Service
Description: Device Logging Service
Serial: xxxxxxxxx
Authcode:
Issued: July 29, 2019
Expires: July 27, 2022
Expired?: no
Log Storage TB: 1
- Check to see if the logging service region is being fetched.
In my case it was not so it was manually entered via cli:
Rutger@panGW> request logging-service-forwarding customerinfo show
Server error : Unable to read the LCaaS customer information. Please re-fetch region info
- Configure Location Manually via CLI:
Rutger@panGW> configure
Entering configuration mode
Rutger@panGW# set deviceconfig setting logging logging-service-forwarding logging-service-regions {LOCATION, Example Europe or Americas}
Rutger@panGW# exit
Exiting configuration mode
COMMIT YOUR CHANGES - Delete the logging service certificate
Rutger@panGW request logging-service-forwarding certificate delete
Successfully deleted Logging Service certificate.
- MANUALLY enter the PSK that you generated from the data lake
Rutger@panGW> request logging-service-forwarding certificate fetch-noproxy pre-shared-key YOUR_KEY_HERE
Successfully scheduled logging service certificate fetch job with a job id of 12
- Check the job ID it should say finished OK successful
Now your Firewall is onboarded with data lake
PS: in an active-passive cluster you only need to this on one of both firewalls, all the rest will be synced over the HA.
