PAN-OS and Panorama SSH/Manual Collection
If Epiphany's collectors can't reach your assets via an API or SSH, data can be manually collected for the network modeling process. A command line interface (CLI) connection to the devices will be needed, as well as a terminal emulator such as Putty or SecureCRT, capable of logging data presented via the show commands used.
Step 1:
Authenticate to the device.
Have the PAN-OS CLI output data in an XML format. Copy and paste the following commands into the CLI in operational mode:
set cli op-command-xml-output onGet the full running configuration of PAN-OS or Panorama. Copy and paste the following commands into the CLI in operational mode:
show config runningStep 2:
Once all data is collected from the Palo Alto appliances, create a .zip named Collector_Upload_PANOS.zip containing the data from the Palo Alto appliances. To SCP the file to Epiphany's on-premises collector, continue to the next step.
Step 3:
Using a web browser, go to your Epiphany dashboard
Download the PEM file to the local device.
Once the PEM file is downloaded, it can be used to perform SCP of the compressed map folder to the Epiphany Collector.
Step 4:
Send the file to the ‘upload’ user using the following commands, based on your operating system:
Send the file to the ‘upload’ user using the following commands:
scp -i ~/.ssh/key.pem <Collector_Upload> upload@<Collector_IP>:~/uploadThe PEM file and map file can be anywhere on the file system, so provide that file’s pathway for the SCP command.
Enable OpenSSH Client on Windows 10 by going to Settings > Apps and features > Optional Features
Select Add a feature.
Search for OpenSSH Client. If it's not already installed, install it.
Open a command prompt and use the following command:
scp -i ~/.ssh/key.pem < Collector_Upload> upload@<Collector_IP>:~/uploadThe PEM file and map file can be anywhere on the file system, so provide that file’s pathway for the SCP command.
Last updated