This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

About Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

Discussions

Start a conversation

Resolved! With XML API, How does "Require audit comment on policies" check work? ( Panorama -> Management tab)

Settings

  • I believe adding/updating an Audit comment of a Policy rule is independent from making changes to the policies.
    • Operational command: Audit comment Update (type='op')

 

set audit-comment comment "paul manual edit" xpath​

 

  • Configuration command: Ma
...

HermanEdwards_1-1645848389351.png
HermanEdwards_0-1645848250022.png
HermanEdwards_2-1645848602426.png
HermanEdwards_3-1645850461552.png

XML API: How do I update the login-banner

Hello, 

 

I am trying to update the login-banner. I have tried this: 

 

https://<HOSTNAME>/api/type=config&action=get&xpath=/config/devices/entry[@name='localhost.localdomain']/deviceconfig/system/<login-banner>BANNER_VALUE</login-banner>&key=<APIKEY>
 
I
...

Rest-API gives invalid xml response

When receiving an error from the Panorama REST API, the platform is responding with what appears to be an invalid XML document. Here is the data in question:

<response><code>16</code><message>Invalid Credential</message><details><entry @type="CauseInf

...

morahman by L1 Bithead
  • 2479 Views
  • 2 replies
  • 0 Likes

Resolved! API command to enable/disable IPSec tunnel

Hi all,

 

I am trying to enable/disable an IPSec via the API but cannot produce a command that works.

 

I am currently trying this command to disable the tunnel

curl -X GET "<firewall-fqdn>//api/?&type=config&action=set&xpath=/config/devices/entry[@name="

...

Resolved! XML API: Do we need to specify "localhost.localdomain" in the Device entry name? Why can we leave Device entry name as blank?

Scenario: While reading the 10.1 Guide and XML API guide, I see:

  • Case1: actions where "localhost.localdomain" is included as the Device entry name in the xpath (e.g. "/config/devices/entry[@name='localhost.localdomain']/device-group/entry[@name='paul'
...

Resolved! Any way to change local user account password?

Forgive me for this question as automation is an on-going learning thing for me.

 

I'm trying to determine the best way to automate the process of changing the password for a local account on my firewalls en masse rather than logging into each one indi

...

USER-ID XML API Include Network

Hi,

I'm using two PA-850 in HA, Software Version 8.1.21

For our Wifi, we have a Clearpass server sending XML-API commands to our PaloAlto, to do IP/User Mapping, but the mapping doesn't work.

If I try to call the API directly (using https://myfirewall.c

...

rats by L1 Bithead
  • 3452 Views
  • 4 replies
  • 0 Likes

Moving BGP policy rules

Hi,

 

I'm trying to write Ansible automation to move a specific BGP import/export policy rule. Creating a BGP rule will automatically be added to the bottom of thel ist but as you can see we have default-import-deny rule(test_rule_top is used by the de

...

SebastianOlsen_1-1645690674489.png

Resolved! Ansible playbook to shutdown interface

Hi all!

 

I need help creating an Ansible playbook that shutdown one of the firewall interface.

 

I'm trying to do something like this:

 

[...]

collections:
  - paloaltonetworks.panos

 

tasks:

- name: "Interface down"
  panos_op:
    provider: '{{ provider }}'
   

...

sall13 by L1 Bithead
  • 4128 Views
  • 4 replies
  • 0 Likes

Resolved! Cannot set aggregate interface or subinterface zone

Hello,

 

I'm trying to update or create an aggregate interface or subinterface with a zone_name parameter.

 

Something like:

---

- hosts: all
name: CONFIGURE NEW AGGREGATE AND SUBINTERFACE IN EXISTING ZONE
connection: local
gather_facts: False

collection...

  • 1031 Posts
  • 69 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks