This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

About Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

Discussions

Start a conversation

Resolved! adding object to specific device group via panorama and API

Add addressobject to specific device group through panorama via pythonOk, i will first start by saying ive never attempted anything like this before. Im an old school network engineer but times are a changing and im trying to learn how to automate simple tasks. All I need to do is promt the user to enter and IP address and then add that IP Addre...

Resolved! Client want to reset vpn tunnel though API tools

Hi Guys, We have site to site vpn tunnel to client . Now client have tools that can call api from our side that can see vpn tunnel is down or not and reset it. But how we can give access to api to only specifi vpn tunnel to reset like ( clear & test ) /api/?type=op&cmd=<test><vpn><ike-sa><gateway></gateway>...

NavidAlam by L3 Networker
  • 4934 Views
  • 3 replies
  • 0 Likes

Getting 400 Bad Request when trying to create security policy rule

I'm trying to create a security policy rule using the REST API but I keep getting an empty response with 400 status. URL: https://<PANORAMA_IP>/restapi/9.0/Policies/SecurityPreRulesHeaders:Content-Type: application/jsonX-PAN-KEY: <KEY> { "entry": [{ "target": { "devices": [{ "@name": "001801020796", "vsys": { "en...

Resolved! ansible-galaxy ssl issue "certificate verify failed"

Hello,Trying to install "ansible-galaxy collection install paloaltonetworks.panos" and getting the error below, anyone ran into this issue, if so can you please provide steps to fix this issue?Many thanks ansible-galaxy collection install paloaltonetworks.panosStarting galaxy collection install processProcess install dependency mapERROR! Unknow...

cziaeian by L1 Bithead
  • 18726 Views
  • 1 replies
  • 0 Likes

Resolved! Ansible and set commands

new to ansible - that being said I wanted to ask has anyone used example playbooks in ansible-galaxy to do config changes to 20 or 100 + plus devices? In the past, I have used a custom python script that works well it allows me to manually add the command and the device list and let it run but it's not as pretty as using ansible. I'm looking at...

Porfirio by L1 Bithead
  • 6427 Views
  • 2 replies
  • 0 Likes

panos_security_rule - unsupported params

trying to add description field to my security rules over multiple vsys's. using the panos_security_rule and setting the vsys flag I get unsupported params. msg": "Unsupported parameters for (panos_security_rule) module: disabled, log_setting, vsys Supported parameters include: action, antivirus, api_key, application, category, commit, data_filt...

Cisco Anyconnect Regex for User-ID

We're using Cisco Anyconnect version 3.1 and are having issues using the syslog user-id receiver in panos 6.1.3. The default syslog profile for cisco anyconnect 1.0 and the regex entriy doesn't correctly interpet the correct user id dhcp assigned IP address. Need help ASAP creating new or correct regex.Apr 29 15:31:21 FEGUSLVSSLVPN1 %ASA-4-72204...

Automate Panorama 10.0 bootstrap process

Hi there, I'm wondering if I can use the VM-Series Firewall Bootstrap Workflow for bootstrapping a Panorama VM in AWS. (https://docs.paloaltonetworks.com/vm-series/10-0/vm-series-deployment/bootstrap-the-vm-series-firewall/vm-series-firewall-bootstrap-workflow.html) Did anyone try this?

policies.SecurityRule().clone??

I'm having a terrible time trying to just simply 'clone' a security rule, and then edit it how desired, without running into issues. First, using copy.deepcopy(security_rule) works perfectly...however adds a massive amount of run-time to my program. I previously used this method on dictionaries without a major increase in run-time. I can't find ...

TACACS and Authentication Profile creation using ansible

Hi Folks, I am working a IaC project and I ran into an issue coding the TACACS profile creation and creating an authentication profile using the TACACS profile as the server profile.As you may be aware, the paloaltonetworks.panos galaxy does not have modules for the TACACS server profile creation and Authentication profile creation.So I used the...

Resolved! How to add new objects to a Panos_address_group

Hi Folks, I see that "Panos_address_group" can help you to create groups with a list of "static_values"; however, how do you "add/modify" a new IP addresses to an existing group or how do you delete values from the static list? I did try using "panos_address_object" module; but this works in the same way that "panos_object" when adding a new add...

Resolved! Palo Alto REST API - test security-policy-match

Hello,I have been trying using the command "test security-policy-match" with REST API. I do get a proper response, but i'm missing some valuable information.From the CLI i get the following response:admin@KAS-PaloAlto> test security-policy-match from KAS- zone-1 to KAS-zone-2 source 10.1.1.25 destination 10.2.2.25 protocol 1 Ping { from KAS-z...

Panorama Splunk integration

Hello all. Does anyone have experience with or can give guidance on integrating Splunk with Panorama to use Dynamic Address Objects in security policy? We are attempting to automate some threat response capability using Splunk and APIs. Searching of the KB has not yet been helpful. Thanks

Monitor Zone CPS assigned to sub interfaces

Hi Guys! I noticed, that my zones which are assigned to L3 sub interfaces, are missing from the PanZoneTable (.1.3.6.1.4.1.25461.2.1.2.3.10 ) when walking through the OIDs. Zones assigned to plain L3 interfaces are perfectly fine. Is this intentional, if so is there a way to monitor CPS for security zones assigned to sub interfaces? PA-3220, PA...

  • 1031 Posts
  • 68 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks