We are following Expedition-LogAnalysisGuide_v1.0.2.pdf to start using ML
Expedition is v1.1.12, BP v3.6.3, Task Manager is running and there are no internal checks to remediate
The firewalls are VMs running 9.0.1
On page 6 of the above doc, IP address 192.168.44.131 is used for Expedition. However, on page 7, a different IP is used in the Hostname section: 10.30.11.50
Please confirm if the IP to configure in Schedule Log Report-Hostname should be the IP for Expedition.
We worked under this assumption, but we get the following error when clicking on Test SCP server connection: Error response from server: bash: /home/expedition/logs/ssh-export-test.txt: No such file or directory
What is causing this error and how can it be fixed?
Until the above is sorted, we would like to upload the logs manually, but the PDF does not include instructions on how to accomplish this:
MANUALLY EXPORT LOGS FROM MONITOR
You can always go to any firewall from Palo Alto Networks and from the Monitor tab export the logs in CSV format and upload that CSV file to Expedition for processing.
What is the process to manually upload the firewall logs onto Expedition?