How to revert a configuration push to a Collector Group

How to revert a configuration push to a Collector Group

6056
Created On 06/03/21 10:45 AM - Last Modified 01/12/23 04:09 AM


Objective


How to revert the change on Log collectors when they are disconnected?

Details:
  • The configuration push to a Collector Group has been successful, but the associated Log Collector(s) are now seen as disconnected.
  • The change is reverted on Panorama, but it is not possible to push to disconnected devices.
  • How to revert the change on the Log Collector(s)?

Environment


  • Panorama with Dedicated Log Collectors.
  • PAN-OS 8.1 or higher.

Procedure


  1. Connect to the Log Collector via SSH
  2. Change the configuration output 
    > set cli config-output-format set
  3. Go into configuration mode 
    > configure
  4. Search for the configuration that needs to be removed. 
    # show | match xxxx
  5. Select the configuration lines to be removed 
    # show | match secure-
set deviceconfig setting management secure-conn-server ssl-tls-service-profile xxx
set deviceconfig setting management secure-conn-client certificate-type local certificate-profile yyyy
  6. Replace the keyword "set" with "delete" for the configuration lines to be removed.
    Note: The whole configuration section is being removed. 
    # delete deviceconfig setting management secure-conn-server 
# delete deviceconfig setting management secure-conn-client
  7. Commit the configuration change. 
    # commit


Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000001VXRCA2&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language