Feels abit lazy to ask here, but i cant find how to query for hitcount using pandevice. How do i do that?
We are using Ansible Tower 3.5 and Ansible 2.8 to schedule and run network and security automation playbooks. We are looking at using the Ansible Galaxy modules for automating PANOS configurations. I was able to write the playbooks to do what we need, but whenever I run the playbook with the ansible-pan modules, the main task runs PIP to install...
In another article here, from 2014 (precambrian issues) - they broke down some of the insides of the device state config backup.One of the commands listed said that I should issue the "save device state" command from the config cli - only - it's no longer there.My script worked brilliantly for pulling the configs down on my Mac - just want to ma...
Why are not this hosted at palo altos own site? Yes im abit paranoid but i have never understod why this kind of packages are hosted at pip? At least if they are hosted at external site. Would it not be possible to implement something like this https://media.djangoproject.com/pgp/Django-2.2.12.checksum.txt ?
When I try to run Terraform apply, it throws errors saying Resource X already exists, Should it not read the state from s3 bucket and see that the resource has already been created?
Hi, I have been trying to use Ansible to retrieve the arp table from a PA FW. Logging in with ssh, it's a quick and easy "show arp all", but using Ansible, I am struggling. I was sure panos_op would work with "show arp all", but it doesn't.I also looked at panos_type_cmd, but that seems not to be the way either. More config than state. Finally, ...
Hi all, I'm new to Ansible and am trying a specific use case where I am connecting to a PAN-OS firewall device through SSH and running my panos_op commands. Is there a way to bypass HTTPS as our production firewalls are compliant to our customers with not allowing any HTTPS access from any host. When I run my script, I am getting: "msg": "Faile...
Hello, Is there an available API call (XML or REST) or Ansible command that can be used to:1) create a user group2) add an existing user to the newly created group I looked through the API docs and Ansible collection docs, but wasn't able to find any user/group manipulation examples. Thank you for your time. Kind regards.
Hello, I've noticed that Ansible will commit changes by default, False option doesn't seem to influence it. For example, if Ansible adds security rule for 10.10.10.1 - it will not be committed.Next run, adding rule for 10.10.10.2, will commit the rule added for 10.10.10.1, and leave rules for 10.10.10.2. Additionally, I have not been able to mak...
Hi Guys, stuck here, running the static route module and receive this error: ERROR! couldn't resolve module/action 'panos_static_route'. This often indicates a misspelling, missing collection, or incorrect module path. This should work as my other modules panos_object / panos_security_rule all work.
Hi Guys,I would like to create objects and Rules that would be shared between the different vsys I have setup within my Firewall.I used to create "Shared" objects through the WebUI and would like to reproduce the same tasks via an ansible playbook.I can't find how to do this (as if I don't put a vsys, the object is created by default into vsys1)...
TASK [add a pbf rule] **************************************************************************************************************************************************************************************************************************An exception occurred during task execution. To see the full traceback, use -vvv. The error was: NameError:...
So I had a crazy idea and started poking around at the XML API on my firewall. I wanted to see if there was a generally efficient way to automate a query against PAN-DB. Seems straightforward enought; either test/url-info-cloud or test/url-info-host (depending on whether I want to check the MP cache or against the cloud... though I'm not sure ...
Hello,How can I get a full backup including all settings, objects and security policies? The firewall is not managed by Panorama, I would like to be able to automate backup&restore process with Ansible and paloaltonetworks collection. Regards,Michael
i'm trying to run the following task in my play to create a bunch of new L3 subinterfaces on ae2 and then add them to the appropriate security zone. if i try to assign the zone as part of the panos_l3_subinterface, or through a different play (as shown in code vs commented out section) i get the same error message. my understanding is that if i ...
