Triage Commit Issues on Panorama
Table of Contents
Triage Commit Issues on Panorama
Triage commit issues on the Panorama™ management server to identify the reason your
commit failed.
Where Can I Use This? | What Do I Need? |
|---|---|
|
|
Triage commit issues on the Panorama management server to identify the reason why
your commit failed.
- Review the PAN-OS Release Notes to identify any limitations, changes to default behavior, or known issues that may cause your commits to fail.
- Review the Panorama Task Manager.
- SelectTasks.
- Locate the commit operation and make note of theJob ID, andStart Time.In theTypecolumn, clickCommitto view the job details.
- Review theValidation Errorsto understand what is causing the commit to fail. This will help you understand if the commit is failing on Panorama or on the firewall.
- Review the PAN-OS processes and process logs.
- Enable debug logs on Panorama for more verbose log outputadmin>debug management-serverReview the management processes to see if any are in a degradedState.This tells you which management process logs are impacting the commit failure. This is denoted in theProgresscolumn by an asterisk (*). TheClientcolumn displays the various management process related to a configuration commit.If this is showing no issues, then the commit failure is likely happening on the firewall. If that is the case, you will need to enter this command on the firewall CLI.admin>show management-clients
Review the Panorama log file to check for failures.In the below command, enter theClientexperiencing issues.admin>less mp-log <client>.logUse theStart Timeto locate the error causing the commit to fail. the reason the commit failed is indicated byCommit Failed.Log in to the firewall CLI and review the device server processes.admin>less mp-log devsrvr.logThis command also provides additional information about where the failure in the configuration commit process on the firewall. This will also show if External Dynamic Lists (EDL) are consuming too much device memory.
