Automation and Orchestration Tools and Technologies

When configuring and managing the Palo Alto Networks Next-Generation firewall for scale and agility, it’s nice to have a collection of tools to automate activities and events. Our Automation and Orchestration tools and technologies provide a collection of open, extensible projects that help you take the next step. Learn about these tools with detailed documents and join in the discussions with other users to get the most from these resources.

Automation Projects

Available Automation Tools


Automation for Everyone. Ansible is designed around the way people work and the way people work together. Learn more

Device Framework Device Framework

Device Framework enables non-programmers to create sophisticated automations that leverage the PAN-OS API. Learn more

Automation Blog

Using Ansible For Firewall SEC Policy Change Management Process

post time: yesterday

Manage security policy changes using the power of the Palo Alto Networks custom Ansible modules and Ansible ‘pull’ feature.



Using Ansible to Automate & Accelerate AWS Deployments

post time: yesterday

This video shows how to use Ansible to automate and accelerate AWS deployments.


Palo Alto Networks Device Framework

post time: Jun 8, 2017 2:03:55 PM

The Palo Alto Networks Device Framework is a powerful tool, offered as a python library, to create automations and interactions with PAN-OS devices including Next-generation Firewalls and Panorama.

Ansible and Palo Alto Networks Firewall

post time: Apr 3, 2017 2:38:27 PM

The combination of Ansible and Palo Alto Networks modules address the most common applications of automation and orchestration of the Palo Alto Networks VM-Series NGFW (Next Generation Firewall) for both public and private cloud deployments.

Automation / API Discussions

Have questions about automation APIs? Join the Live Community to post your questions and get answers.
Author Topic Views Replies
posted: Friday updated: Friday

User ID Count

Im using this operational command to pull out the number of mapped users by the user id:<show><user><ip-user-mapping><all><...

17 2
posted: 2 weeks ago updated: 2 weeks ago

XML API - Get thret ID and CVE (version 8.0)

Hello. Working with firewalls on version 7 with a query to the following path: xpath=/config/predefined/threats/vulnerability  I was able to...

34 2
posted: Jun 20, 2017 9:25:41 PM updated: Jun 21, 2017 11:32:46 PM

Commit and push in Panorama 8.0.3

Is there an API command to do a commit and push in Panorama in 8.0.3? I can only find a commit to panorama or a commit to template. The issue is that ...

50 1
posted: Jun 15, 2017 6:42:58 AM updated: Jun 21, 2017 11:42:22 AM


Hi, We have a development what extract the configuration via rest api and analize this. In a firewall with vsys and panoroma, i have this pr...

20 2
posted: Jun 13, 2017 3:35:29 PM updated: Jun 22, 2017 3:16:45 PM

Query External Dynamic List Content

If I have a list of IP addresses, is there a way to query a PA to see if the listed IP addresses are contained within an EDL? This would be a large li...

37 1