Push custom signature using API

L1 Bithead

Push custom signature using API

Hello colleagues, how I can upload to firewall custom signature using api or cli interface?

Tags (3)
Community Manager

Re: Push custom signature using API

somthing along these lines: 

 

# set threats vulnerability 41000 direction both severity critical threatname mythreat signature standard mysignature scope session and-condition myandcondition or-condition myorcondition operator pattern-match pattern mYpAtTeRn context http-req-headers qualifier http-method value GET


Help the community: Like helpful comments and mark solutions
Reaper out
L1 Bithead

Re: Push custom signature using API

Thanks for the answer, can you give examples or a detailed description of the addition of a specific signature? And why such a limit of 4000 signatures? In this case, the question is brewing - does the firewall or VF-500 store any signatures or hashes of secure files somewhere, will they not go to the scan each time?

Community Manager

Re: Push custom signature using API

I don't think i fully understand your question No hashes are saved, except for wildfire uploads

Help the community: Like helpful comments and mark solutions
Reaper out
L1 Bithead

Re: Push custom signature using API

Please see this link https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClUdCAK you can see here that you can add signatures using the web interface, I’m interested in automating the addition of such rules, because doing it every time with your hands is a long and difficult task. Best of course if you can automate using API.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!