API URL Logs Issue

mehixiyo — Thu, 17 Feb 2022 05:13:10 GMT

In the below code - I"m using the API to query the URL logs. It works great.

What isn't returning though is the src.user field, if it's mapped. How can I get this value? Do I need to do a separate query?

# Build PAN API Connection and get token pan_conn = pan.xapi.PanXapi(api_username=args.pan_username, api_password=args.pan_password, hostname=args.pan_hostname, timeout=5.000, ssl_context=None) url = args.url tld = get_tld(url.replace("\\", ""), fail_silently=True) if tld is None: logger.warning('No TLD Returned, falling back to URL') tld = url elif tld: logger.info('Found TLD') # Set time window to look back if args.lookback == '15m': lookback_window = '15-minutes' elif args.lookback == '1h': lookback_window = 'hour' query = "(url contains '{0}') and (time_generated in last-{1})".format(tld, str(lookback_window)) action = 'log' log_type = 'url' options = { 'log': log_type, 'filter': query, 'print_xml': False, 'print_json': True, 'print_result': True, 'print_python': False, 'print_text': True } logger.info(url) logger.info(query) log = pan_conn.log(log_type=options['log'], filter=options['filter'], nlogs=20, timeout=30) print_status(pan_conn, action) print_response(pan_conn, options)

Re: API URL Logs Issue

aleksandar.astardzhiev — Fri, 18 Feb 2022 20:52:19 GMT

Hey @mehixiyo ,

Isn't the correct filed "user.src" not src.user? Are you sure you are looking for correct field?

topic Re: API URL Logs Issue in General Topics

API URL Logs Issue

Re: API URL Logs Issue