Find out more about errors you may see in log forwarding.
Where Can I Use This?
What Do I Need?
Prisma Access (Managed by Strata Cloud Manager)
Prisma Access (Managed by Panorama)
NGFW (PAN-OS or Panorama Managed)
NGFW (Managed by Strata Cloud Manager)
Strata Logging Service
When a problem occurs that disrupts the
flow of your log data to its destination, you may see an error in
the app UI. See the table below to find out what these errors mean
and, if applicable, how you can resolve them.
Error Message
Description
connection to server failed due to incomplete CA
chain
The CA chain provided by the server is incomplete.
Check that the certificate chain is complete. You can check this
by running
openssl s_client
on the server.
resolving host name failed
The IP address of the host could not be determined.
Make sure that you have a DNS entry for the host.
TLS handshake with server failed
Verify that you are using an allowed TLS version
and cipher suite. You can find this information in your server configuration.
subject alternative names do not match
The syslog server and the subject alternative name
(SAN) in the server certificate do not match.
connection to server failed due to revoked
cert in chain
The server certificate has been revoked. Contact
your CA to get a new one.
protocol error
An HTTP protocol error occurred. Verify that
the URI path exists.
TCP connection to server failed
The connection to the syslog or HTTP server timed
out. Verify that the server FQDN and port are correct and that a
server is listening at this FQDN and port.
Unable to save the profile because it is too large.
Please reduce the number of filters for different log types or the
number of columns in the filters and try again.
The profile that you are trying to save exceeds the size
limit.
Many factors determine the size limit: the number of log types,
filters, and columns, as well as the type of log message (CEF,
LEEF, HTTPS, EMAIL, or CSV).
To resolve this error, try distributing the number of log filters
among different log forwarding profiles. For example, if you
have a profile with ten filters and you see this error, try
creating two profiles with five filters each instead.
