Schedule Log Exports to an SCP or FTP Server

You can schedule exports of Traffic, Threat, URL Filtering, Data Filtering, HIP Match, and WildFire Submission logs to a Secure Copy (SCP) server or File Transfer Protocol (FTP) server. Perform this task for each log type you want to export.
You can use Secure Copy (SCP) commands from the CLI to export the entire log database to an SCP server and import it to another firewall. Because the log database is too large for an export or import to be practical on the following platforms, they do not support these options: PA-7000 Series firewalls (all PAN-OS releases), Panorama virtual appliance running Panorama 6.0 or later releases, and Panorama M-Series appliances (all Panorama releases).
  1. Select
    Scheduled Log Export
    and click
  2. Enter a
    for the scheduled log export and
  3. Select the
    Log Type
    to export.
  4. Select the daily
    Scheduled Export Start Time
    . The options are in 15-minute increments for a 24-hour clock (00:00 - 23:59).
  5. Select the
    to export the logs:
    (secure) or
  6. Enter the
    or IP address of the server.
  7. Enter the
    number. By default, FTP uses port 21 and SCP uses port 22.
  8. Enter the
    or directory in which to save the exported logs.
  9. Enter the
    and, if necessary, the
    Confirm Password
    ) to access the server.
  10. (
    FTP only
    Enable FTP Passive Mode
    if you want to use FTP passive mode, in which the firewall initiates a data connection with the FTP server. By default, the firewall uses FTP active mode, in which the FTP server initiates a data connection with the firewall. Choose the mode based on what your FTP server supports and on your network requirements.
  11. (
    SCP only
    Test SCP server connection
    . Before establishing a connection, the firewall must accept the host key for the SCP server.
    If you use a Panorama template to configure the log export schedule, you must perform this step after committing the template configuration to the firewalls. After the template commit, log in to each firewall, open the log export schedule, and click
    Test SCP server connection
  12. Click

Recommended For You