Logging Enhancements on the Panorama Virtual Appliance
You can now create a Log Collector that runs locally
on the Panorama virtual appliance. Because the local Log Collector
supports multiple virtual logging disks, you can increase log storage
as needed while preserving existing logs. The local Log Collector
supports up to 12 virtual disks for 24TB of log storage on a single
Panorama virtual appliance and up to 48TB on a high availability
(HA) pair. Without a local Log Collector, Panorama supports only
one logging disk with up to 8TB of storage.
You
cannot deploy the Panorama virtual appliance as a Dedicated Log
Collector.
The virtual appliance supports NFS log storage
only in Legacy mode, not in Panorama mode. After switching to Panorama
mode, you must migrate the logs that are in the NFS storage to the
virtual disks on the local Log Collector.
After you
upgrade to Panorama 8.0, the Panorama virtual appliance will be
in Legacy mode by default. To enable support for a local Log Collector,
you must first increase resources on the appliance and switch it
to Panorama mode. The minimum resources include a larger system
disk (81GB), more CPUs and memory based on the log storage capacity,
and an additional virtual logging disk that has at least as much
capacity as is used for logs in Legacy mode.
If Panorama is
deployed in an high availability (HA) configuration, perform the
following steps on the secondary peer first and then on the primary
peer.
- Determine
which system resources you need to increase by accessing the Panorama CLI and
running the following command:
> request system system-mode panorama - Use your VMware ESXi vSphere Client to increase the memory and CPUs and to add a new system disk.
- Use the
Panorama CLI to copy the data from the original system disk to the
new system disk:
> request system clone-system-disk target sdb - Use the vSphere Client to remove Hard Disk 1 that is attached to Virtual Device Node 0:0.
- Assign the cloned Hard Disk from step 3 to Virtual Device Node 0:0.
- Use the
Panorama CLI to switch from Legacy mode to Panorama mode.
> request system system-mode panorama - (HA only) Repeat steps 1 through 6 on the primary Panorama to switch it to Panorama mode. This step triggers failover. After switching the mode, restore the primary Panorama to the active HA state and ensure both HA peers are functional.
- Use the Panorama CLI to migrate existing logs to the
new virtual logging disk. In an HA configuration, perform this only
on the primary Panorama.
> request logdb migrate vm start - To verify that the existing logs are available, log in to the Panorama web interface, select PanoramaMonitor, select a log type that you know matches some existing logs (for example, PanoramaMonitorSystem), and verify that the logs display.
Related Documentation
Set Up the Panorama Virtual Appliance with Local Log Collector
Set Up the Panorama Virtual Appliance with Local Log Collector After you upgrade from a Panorama 7.1 or earlier release to a Panorama 8.0 (or ...
Log and Report Storage
Log and Report Storage You can edit the default storage quotas for each log type. When a log quota reaches the maximum size, Panorama starts ...
Install Panorama on an ESXi Server
Install Panorama on an ESXi Server Use these instructions to install a new Panorama virtual appliance on a VMware ESXi server. For upgrades to an ...
Panorama Models
Panorama Models Panorama is available as one of the following virtual or physical appliances, each of which supports licenses for managing up to 25, 100, ...
Modify Log Forwarding and Buffering Defaults
Modify Log Forwarding and Buffering Defaults You can define the log forwarding mode that the firewalls use to send logs to Panorama and, when configured ...
Log Storage Partitions for a Panorama Virtual Appliance in ...
Log Storage Partitions for a Panorama Virtual Appliance in Legacy Mode Panorama > Setup > Operations By default, a Panorama virtual appliance in Legacy mode ...
Logging Failover on a Panorama Virtual Appliance in Legacy Mode
Logging Failover on a Panorama Virtual Appliance in Legacy Mode The Panorama virtual appliance in Legacy mode provides the following log failover options: Log Storage ...
Set Up the Panorama Virtual Appliance
Set Up the Panorama Virtual Appliance The Panorama virtual appliance enables you to use your existing VMware virtual infrastructure to centrally manage and monitor Palo ...