Logs to Panorama, log forwarding for security policies.
Hello very good afternoon, here again I can count on your collaboration, thank you very much for the help, the support and the valuable information you share.
I have the following doubt, currently I have Panorama and has managed a few hundred firewalls, now the issue is that some are not sending their logs and checking, there is no forwarding profile, at the policy level. Here is the issue, there are firewalls with 1500, 2000, 2500 policies ... and go one by one adding the log forwarding profile to send traffic logs to PANORAMA, it will be eternal, thinking of firewalls managed by Panorama and automate a little this configuration of log forwarding in a lot of policies, what would be the recommendations to run this, thinking of firewall managed from Panorama and not Standalone.
Thank you very much for your support, help and collaboration, I remain attentive to your comments.
Hello Reaper, thank you for your reply.
If I have that doubt, because in this case, if this should be configured through set commands from Panorama ? or should I do it on each firewall ?
-From Panorama, the advantage is to be able to apply it to all device groups.
-If I do it directly on the firewall, bad practice, because the idea is that it is all configured from Panorama, but in the case that I configure it from the firewall directly, then how do I make these settings, ONLY these settings, merge with the policies controlled from the device-group.
I remain attentive to your comments, thank you very much.
You could look into installing "expedition" migration tool and running your configuration through, or try running a BPA/BPA+... I'm not 100% sure but I think it generates a bunch of set commands you can simply copy/paste to fix that