Created On 09/25/18 18:40 PM - Last Modified 04/20/20 23:38 PM
Palo Alto Networks provides a public server where customers can directly upload core files to their cases and reach support. The server is under the FQDN: tacupload.paloaltonetworks.com
The use case allows customers to directly send core files from the devices to the server. Usually, when there isn't a local SCP or TFTP server on the network and the core files are required for further analysis, the following steps are a good solution.
Note: Have the case number and the email of the case contact nearby--these items are required to authenticate the user to the tacupload server.
Find the core files on the system to provide to support.
To see the core files:
> show system files
The output should be similar to this:
drwxrwxrwx 2 root root 4.0K Jun 23 17:53 crashinfo
-rw-r--r-- 1 root root 6.9M Jun 23 18:00 sslvpn_6.0.2_0.tar.gz
-rw-rw-rw- 1 root root 24K Jun 13 11:05 mgmtsrvr_6.0.2_0.info
-rw-rw-rw- 1 root root 6.6K Jun 23 17:53 sslvpn_6.0.2_0.info
Export the file using SCP.
Use the case number as the user (in the 00xxxxxx format) and the full email of the case contact as the password:
> scp export core-file management-plane from <filename>.tar.gz to email@example.com:/.
After the process completes, wait about 5 minutes and check the case management system to confirm that automatic comment for the file upload is added to the case.
This notification is also sent to the case owner.
The file is now added to the case directly from the firewall or Panorama.