Firewall telemetry logs are not populated on the Stata cloud Manager

Firewall telemetry logs are not populated on the Stata cloud Manager

5254
Created On 03/05/24 03:23 AM - Last Modified 12/18/24 22:17 PM


Symptom


  • Firewall is onboarded successfully to AIOPS
  • However, there are no logs shown under the device in the portal
  • Firewall shows the telemetry data upload is successful every time
  • The following logs can be seen from the configd.log indicating any of the lock files.
    firewall> less mp-log configd.log
    useradd: existing lock file /etc/subgid.lock without a PID
    useradd: cannot lock /etc/subgid; try again later.
    usermod: user '_cliuser' does not exist

Environment


  • Palo Alto Firewalls
  • PAN-OS 10.1 or above
  • Strata Cloud Manager

Cause


Software Issue.

Resolution


  1. Fix is available in PAN-OS 10.2.11 where a new command  "delete authentication system-lock-files" is introduced. Use this command to  delete the lock-files from CLI.
  2. For immediate fix, open a support case when the symptoms match so the support engineer can delete the lock files from the root. 

Additional Information


Refer this KB on why there is such a username logged in even if there is no such user configured on the device.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008XQ7CAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language