How to Upload Core Files Directly to Support

Details

Palo Alto Networks provides a public server where customers can directly upload core files to their cases and reach support. The server is under the FQDN: tacupload.paloaltonetworks.com

The use case allows customers to directly send core files from the devices to the server. Usually, when there isn't a local SCP or TFTP server on the network and the core files are required for further analysis, the following steps are a good solution.

Note: Have the case number and the email of the case contact nearby--these items are required to authenticate the user to the tacupload server.

Steps

Find the core files on the system to provide to support.

1. To see the core files:

> show system files

The output should be similar to this:

/var/cores/:total 6.9M

drwxrwxrwx 2 root root 4.0K Jun 23 17:53 crashinfo

-rw-r--r-- 1 root root 6.9M Jun 23 18:00 sslvpn_6.0.2_0.tar.gz

/var/cores/crashinfo:

total 32K

-rw-rw-rw- 1 root root  24K Jun 13 11:05 mgmtsrvr_6.0.2_0.info

-rw-rw-rw- 1 root root 6.6K Jun 23 17:53 sslvpn_6.0.2_0.info

2. Export the file using SCP.

Use the case number as the user (in the 00xxxxxx format) and the full email of the case contact as the password:

> scp export core-file management-plane from <filename>.tar.gz to case_number@tacupload.paloaltonetworks.com:/.

For example:

3. After the process completes, wait about 5 minutes and check the case management system to confirm that automatic comment for the file upload is added to the case.
    
4. This notification is also sent to the case owner. 

The file is now added to the case directly from the firewall or Panorama.

owner: ialeksov