Search the Community
Showing results for tags 'palo alto'.
Found 2 results
Here are some datasources we added to get better information on Palo Alto firewalls: Certificate Status: KFWLJ9 High Availability Detail: EMXWRR (this one includes a bunch of HA info, including HA link status, compat status and so forth. Many auto properties for reference on the local and peer units. All datapoints currently use the default alert templates, but I am hoping to extend that and leverage the auto properties for those messages) Support Status: 3YJJCZ License Status: DXEAP4 All use the XML API, so will require security review (no idea how long that takes).
Just in case this helps other customers... SYMPTOMS: The Windows collector installed ok and the two Collector services were running but the collector could not finish the verification/registration step and showing the 'flame alert' on Settings > Collectors screen. After some troubleshooting, we looked in the wrapper.log file on the collector and saw this error message: [MSG] [CRITICAL] [main::controller:main] [AgentHttpService.checkCertificateOrWait2Valid:1029] The santaba server is not trusted, and "EnforceLogicMonitorSSL" is enabled. Wait 1 minute to retry. Please check the network settings, or disable "EnforceLogicMonitorSSL" in agent.conf and restart collector The customer set up a whitelist on their Palo Alto firewall for *.logicmonitor.com and it started working (or list of ~15 IP address ranges). Alternatively you can lower security and change the agent.conf (config file) from EnforceLogicMonitorSSL=true to false.