Panorama/Firewall not populating 'Region' while enabling the Logging-service option

Panorama/Firewall not populating 'Region' while enabling the Logging-service option

40310
Created On 09/25/18 19:36 PM - Last Modified 09/15/22 21:07 PM


Symptom


  • Configuring a PA firewall to forward logs for logging services
  • Running into an issue with the drop-down for 'Region' where it is empty and does not display the region on the Panorama or the firewall

Related Logs

  • The firewall will show errors when attempting to see customerinfo :

Screen Shot 2018-05-30 at 3.43.33 PM.png

  • lcaas_agent.log for logging-service shows '502 Bad Gateway' error

Screen Shot 2018-05-30 at 3.47.37 PM.png

 

Environment


  • Logging Service
  • Firewall / Panorama
  • Cortex Data Lake
  • Supported PAN-OS.

Cause


A mandatory step in the configuration is to enable log forwarding to Logging Services. Refer Start Sending Logs to Cortex Data Lake

Screen Shot 2018-05-30 at 3.44.20 PM.png

Resolution


  1. Enable the 'Region' on the Panorama by logging into the Panorama CLI and going into Configuration Mode
> set template <template_name> config deviceconfig setting logging logging-service-forwarding enable yes logging-service-regions <region>
> commit
  • <template_name> is the template the device is part of
  • <region> can be Americas, Europe, etc
  1. Push the changes to the firewall.
  2. Verify by navigating to the Device > Setup > Management page. Make sure the Region is populating correctly.

 

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClaACAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language