WebsiteLinkedIn

PAN-OS and Panorama SSH/Manual Collection

If Epiphany's collectors can't reach your assets via an API or SSH, data can be manually collected for the network modeling process. A command line interface (CLI) connection to the devices will be needed, as well as a terminal emulator such as Putty or SecureCRT, capable of logging data presented via the show commands used.

Step 1:

  • Authenticate to the device.

  • Have the PAN-OS CLI output data in an XML format. Copy and paste the following commands into the CLI in operational mode:

set cli op-command-xml-output on

  • Get the full running configuration of PAN-OS or Panorama. Copy and paste the following commands into the CLI in operational mode:

show config running

Step 2:

  • Once all data is collected from the Palo Alto appliances, create a .zip named Collector_Upload_PANOS.zip containing the data from the Palo Alto appliances. To SCP the file to Epiphany's on-premises collector, continue to the next step.

Step 3:

  • Using a web browser, go to your Epiphany dashboard

  • Download the PEM file to the local device.

  • Once the PEM file is downloaded, it can be used to perform SCP of the compressed map folder to the Epiphany Collector.

Step 4:

Send the file to the ‘upload’ user using the following commands, based on your operating system:

  • Send the file to the ‘upload’ user using the following commands:

scp -i ~/.ssh/key.pem <Collector_Upload> upload@<Collector_IP>:~/upload

The PEM file and map file can be anywhere on the file system, so provide that file’s pathway for the SCP command.

PreviousAdd the SSH Credentials to EpiphanyNextHow Epiphany Interacts With the Palo Alto API/Console

Last updated