Differences

This shows you the differences between two versions of the page.

--- paloaltonetworks:configuration:panorama [2020/05/19 09:49] – [Sizing Panorama] bstafford
+++ paloaltonetworks:configuration:panorama [2022/11/23 12:49] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
 ====== Panorama ======
+===== Setting Up Logging =====
+When setting up Panorama to be a log collector, you may need to run the following (or just reboot the VM).
+<code>debug software restart process management-server</code>
 ===== Disk Management =====
 If the disks disappear when setting up a new Panorama, you can re-add them with
@@ Line 80: / Line 83: @@
 Palo resources are [[https://docs.paloaltonetworks.com/panorama/9-1/panorama-admin/set-up-panorama/set-up-the-panorama-virtual-appliance/set-up-the-panorama-virtual-appliance-as-a-log-collector.html|here]].
-Step 1) Upgrade the Panorama VM from 7.1.10 to 8.0.2. Do not reboot the VM when the software prompts you.
+  - Upgrade the Panorama VM from 7.1.10 to 8.0.2. Do not reboot the VM when the software prompts you.
+  - Shutdown the Panorama VM. Incremend the CPU count (or number of cores) to 8 and RAM size to 16GB.
-Step 2) Shutdown the Panorama VM. Incremend the CPU count (or number of cores) to 8 and RAM size to 16GB.
+  - Add a new disk that is exactly 81 GB in VMware ESXi. It is strongly recommended to make this disk thick provisioned. However, for my testing I used thin provisioning.
+  - Boot the Panorama VM and make sure all is well. You should see in the Web GUI that Panorama is now running PAN-OS 8.0.2 and is in 'Legacy' mode.
-Step 3) Add a new disk that is exactly 81 GB in VMware ESXi. It is strongly recommended to make this disk thick provisioned. However, for my testing I used thin provisioning.
+  - Use ''show system disk details'' command to show disks. Status = Available means that the disk is in use (E.g. the current logging disk). If Status = Unavailable, it means that the disk is not being used and is (ironically) available for our use.
+  - Use the ''request system clone-system-disk target sdc'' command to clone the system disk to the new, larger disk. Change ''sdc'' as appropriate. Choose the disk that has a size of 82944 MB. This is 81GB in size. If all the pre-requisits are met, PAN-OS will then reboot the appliance and start copying data. This may take at least 10 minutes.
-Step 4) Boot the Panorama VM and make sure all is well. You should see in the Web GUI that Panorama is now running PAN-OS 8.0.2 and is in 'Legacy' mode.
+  - When the data copy is complete, you will have to manually power off the Panorama VM as you won't get a command prompt to do so.
+  - At this point, with the Panorama VM still powered off, remove (but do not delete) the original system disk. Then edit the new disk to use SCSI channel 0:0 instead of 0:2 (if applicable).
-Step 5) Use ''show system disk details'' command to show disks. Status = Available means that the disk is in use (E.g. the current logging disk). If Status = Unavailable, it means that the disk is not being used and is (ironically) available for our use.
+  - Boot the Panorama VM and make sure all is well. Log into the Web GUI and make sure everything seems in order.
+  - As we have a seperate logging disk, we need to add a secondary logging disk to the Panorama VM before we can migrate from Legacy mode to Panorama mode. Power off the system and add a secondary logging disk that is the same size as the current logging disk.
-Step 6) Use the ''request system clone-system-disk target sdc'' command to clone the system disk to the new, larger disk. Change ''sdc'' as appropriate. Choose the disk that has a size of 82944 MB. This is 81GB in size. If all the pre-requisits are met, PAN-OS will then reboot the appliance and start copying data. This may take at least 10 minutes.
+  - Boot the Panorama VM and make sure all is well. Log into the Web GUI and make sure everything seems in order.
+  - Run the following command to migrate from Legacy mode to Panorama mode ''request system system-mode panorama''. This will restart the Panorama VM.
-Step 7) When the data copy is complete, you will have to manually power off the Panorama VM as you won't get a command prompt to do so.
+  - When the Panorama VM has rebooted, log into the Web GUI and make sure everything seems in order.
+  - You now see logs in Panorama that were generated since the move from Legacy to Panorama mode. However, older logs are no longer visible. To access them, we need to migrate them with the following command ''request logdb migrate vm start''. **This can take a very long time (days) if you have a huge number of logs**. You can monitor progress of the migration with the following command ''request logdb migrate vm status''. You can pause the progress of the migration with the following command ''request logdb migrate vm stop''.
-Step 8) At this point, with the Panorama VM still powered off, remove (but do not delete) the original system disk. Then edit the new disk to use SCSI channel 0:0 instead of 0:2 (if applicable).
+  - When the migration is complete, power off the Panorama VM and remove (but do not delete... yet) the old logging disk. This should leave you with just one system disk and one logging disk.
+  - Boot the Panorama VM and make sure all is well. Log into the Web GUI and make sure everything seems in order.
-Step 9) Boot the Panorama VM and make sure all is well. Log into the Web GUI and make sure everything seems in order.
-Step 10) As we have a seperate logging disk, we need to add a secondary logging disk to the Panorama VM before we can migrate from Legacy mode to Panorama mode. Power off the system and add a secondary logging disk that is the same size as the current logging disk.
-Step 11) Boot the Panorama VM and make sure all is well. Log into the Web GUI and make sure everything seems in order.
-Step 12) Run the following command to migrate from Legacy mode to Panorama mode ''request system system-mode panorama''. This will restart the Panorama VM.
-Step 13) When the Panorama VM has rebooted, log into the Web GUI and make sure everything seems in order.
-Step 14) You now see logs in Panorama that were generated since the move from Legacy to Panorama mode. However, older logs are no longer visible. To access them, we need to migrate them with the following command ''request logdb migrate vm start''. **This can take a very long time (days) if you have a huge number of logs**. You can monitor progress of the migration with the following command ''request logdb migrate vm status''. You can pause the progress of the migration with the following command ''request logdb migrate vm stop''.
-Step 15) When the migration is complete, power off the Panorama VM and remove (but do not delete... yet) the old logging disk. This should leave you with just one system disk and one logging disk.
-Step 16) Boot the Panorama VM and make sure all is well. Log into the Web GUI and make sure everything seems in order.
 Note: Don't forget that you may need to create a collector and name the Panorama appliance as the collector. You then create a collector group with the Panorama as the only member. You then need to commit to Panorama and then push out to the device collector (which is effecticly pushing to itself).
@@ Line 135: / Line 123: @@
 'auth' is done. 0 records migrated.</code>
+===== Restart Elastic Search =====
+The following can be helpful if Panorama isn't getting logs.
+<code>debug elasticsearch es-restart option <tunnel|templates|service|all> </code>