How to verify redundancy is happening in a Log Collector Group

How to verify redundancy is happening in a Log Collector Group

2128
Created On 10/28/22 15:07 PM - Last Modified 07/09/24 02:27 AM


Objective


To verify if redundancy is enabled and is working on real time.

Environment


  • Any Panorama configured as Log Collector
  • Supported PAN-OS
  • Log collector Group
  • Redundancy enabled

Procedure


  1. Run the command "show log-collector-group name <name of CG>"
  2. Check the value for Redundancy: It should display "Redundancy enabled"
  3. To check the example of redundancy working, "debug elasticsearch es-state option shards" can be used For every primary shard, one will see replica shard. The primary shard is denoted by "p" and replica shard is denoted by "r"
pan_20221014_all_dcampslab0002 1 r STARTED 4613 1.1mb 127.0.0.1 dcampslab0001
pan_20221014_all_dcampslab0002 1 p STARTED 4613 1.1mb 127.0.0.1 dcampslab0002
pan_20221014_all_dcampslab0002 3 r STARTED 4621 1.1mb 127.0.0.1 dcampslab0001
pan_20221014_all_dcampslab0002 3 p STARTED 4621 1.1mb 127.0.0.1 dcampslab0002


Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000sZl5CAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail