Automation/API Discussions

Resolved! With XML API, How does "Require audit comment on policies" check work? ( Panorama -> Management tab)

Settings

• I believe adding/updating an Audit comment of a Policy rule is independent from making changes to the policies.
  
  • Operational command: Audit comment Update (type='op')

• Configuration command: Ma

Resolved! API command to enable/disable IPSec tunnel

Hi all,

I am trying to enable/disable an IPSec via the API but cannot produce a command that works.

I am currently trying this command to disable the tunnel

curl -X GET "<firewall-fqdn>//api/?&type=config&action=set&xpath=/config/devices/entry[@name="

Resolved! XML API: Panorama: How to Create/Get/Update the field "Audit Comment" of a Security Policy rule?

Settings

• Panorama version: 10.1 (latest)
• When creating/updating a Security Policy rule (see attached images for more info), I'm able to add/update Audit comment for a rule via Web browser by following this guide https://docs.paloaltonetworks.com/pan-os

Resolved! XML API: Do we need to specify "localhost.localdomain" in the Device entry name? Why can we leave Device entry name as blank?

Scenario: While reading the 10.1 Guide and XML API guide, I see:

• Case1: actions where "localhost.localdomain" is included as the Device entry name in the xpath (e.g. "/config/devices/entry[@name='localhost.localdomain']/device-group/entry[@name='paul'

Resolved! Any way to change local user account password?

Forgive me for this question as automation is an on-going learning thing for me.

I'm trying to determine the best way to automate the process of changing the password for a local account on my firewalls en masse rather than logging into each one indi

Resolved! Ansible playbook to shutdown interface

Hi all!

I need help creating an Ansible playbook that shutdown one of the firewall interface.

I'm trying to do something like this:

[...]

collections:
  - paloaltonetworks.panos

tasks:

- name: "Interface down"
  panos_op:
    provider: '{{ provider }}'
   

Resolved! Starting point for objects.AddressObject searches - pandevice

Hello all,

I am trying to take it slow in regard to automation with the initial task being the identification of address objects that need to removed when a server or workstation is decommissioned. Would like to leverage python and

the pandevice modul

Resolved! Cannot set aggregate interface or subinterface zone

Hello,

I'm trying to update or create an aggregate interface or subinterface with a zone_name parameter.

Something like: