This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About dmeier2
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About dmeier2
08-18-2015
4Posts
0Likes
0Solutions
Aug 18, 2015Last Visited
User
Activity
User
Profile
Latest posts by dmeier2
| Subject | Views | Posted |
|---|---|---|
| 1610 | 06-13-2013 04:21 PM | |
| 1736 | 06-13-2013 12:14 PM | |
| 1890 | 06-12-2013 08:16 AM | |
| 2090 | 06-11-2013 12:10 PM |
User Badges
Community Statistics
| Member Since | 12-06-2011 11:59 AM |
| Date Last Visited | 08-18-2015 09:07 AM |
| Posts | 4 |
06-13-2013
04:21 PM
I did find this particular article posted today: https://live.paloaltonetworks.com/docs/DOC-3154 This does describe my exact problem, however the workaround doesn't work for my particular case.
... View more
06-13-2013
12:14 PM
I have a deployment that has a pair of M-100s in HA and each of them has a full disk array that's split out into two separate log collector groups. It seems as if there's an issue of Panorama communicating to the collector devices that should be forwarding to the collector group. If I look at the local device I see: "'Log Collector log forwarding agent' is active and connected to x.x.x.x" However when I look at the statistics I see: traffic 2013/06/13 14:04:56 2013/06/13 14:05:13 40001 0 89 ...so I've sent 89 logs, and the last seq # is 40001, however the seq # is never acked (i.e. "0"). The firewalls are running 5.0.4 and Panorama is at 5.1. Thanks!
... View more
Labels:
- Labels:
-
Management
-
Panorama
06-12-2013
08:16 AM
Thanks! Is there any reason why both of those particular managed collectors need to be in separate log collector groups? Per the documentation it states that it's not recommended to have the M-100s in groups exceeding 4TB, however since the logs can't automatically be sent to either of the two in the group dynamically I'm not sure why it would matter. Is there a specific technical reason that this is the case or is it just a recommendation not to confuse the fact that if one of those M-100 collectors would go down that the firewalls sending logs to that particular unit wouldn't automatically switch over?
... View more
06-11-2013
12:10 PM
Probably an obvious question but the documentation doesn't seem to reference this directly... If I have 2 x M-100s in HA, by default they are in a state where the primary is listed within the "Managed Collectors". From what I understand the logs are not sync'd between the primary and secondary - only the configuration aspect of Panorama. With that in mind my assumption is that the secondary can act as it's own collector while operating in secondary mode. Is this a true statement? If that's the operational mode given this setup I'm going to also assume that, from either M-100 we should be able to leverage reporting which will correlate across both logging stores between the pair? Thanks!
... View more
Labels:
- Labels:
-
Management
-
Panorama
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
08-18-2015
09:07 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks