Clear configuration, logs, reports

Symptom:

Before returning the Palo Alto eval appliance, customer wants to erase configuration and logs.

Problem:

There are two supported ways to clear the data, both require the CLI.
There are two unsupported ways to clear the data, both require physical access and a screwdriver.

Solution:

First, you can clear the logs from the CLI by executing “request system private-data-reset”. This erases logs, but not reports. To clear reports, do “delete report …” from the CLI.

Second option is more thorough — factory reset. This requires the serial cable (9600,8N1).

1. power on the appliance device, while connected via serial, watch the boot sequence for the following message:
“Autoboot to default partition in 3 seconds.”
2. Select m to boot to maintenance partition
3. From the maint partition select ‘factory reset”.
4. At this point you will be prompted for a password, enter “MA1NT”
6. Allow the device to complete the boot sequence, then power off.

Third, an unsupported solution is to erase the drive. The SSD drive in the appliance is a standard SATA drive, can be DOD-wiped like any other SATA drive.

The final, and most effective solution, is to incinerate the SSD drive.   Palo Alto does not recommend this solution, but has not objected to it when required by a customer.

 

The final option is the most effective, and also cathartic.

Was this article helpful?

Related Articles

Leave A Comment?

You must be logged in to post a comment.