Automation/API Discussions
Showing results for 
Search instead for 
Did you mean: 
Automation/API Discussions


Resolved! Show Local Device Policies

Hi all,


I'm searching through the API browser on my PAN-OS 8 instance, and wondering where the syntax exists for exploring/getting the local policies per-physical device.


Or for clarity's sake - what API endpoint would return all of the local device'


Having an issue with checkboxes in API

I am having an issue with changing settings that use checkboxes through API. For example the setting under 

/config/devices/entry[@name='localhost.localdomain']/deviceconfig/system/services. If I try to set <disable-telnet></disable-telnet> it says th


SNMP Monitoring - Missing Data

Hi all,


I'm currently working on developing SNMP  v3 reporting with data from my PA-3020's and Panorama.


While I can successful authenticate commands against each of my desired devices, I am not seeing any clearly available data that represents sessi


Resolved! Security rules via API with two vsys


This morning started with me pulling my hair out...just like yesterday ended.  So, here I am.  I want to query our Palo Alto firewall via the API to show me security rules...not a big deal.  However, the device as two vsys's (or however you wri


Any Automation tool for Palo Alto

Please suggest any Automation tool or software which can be integrated to firewall:

Main requirements:

We have many port based rules. which the tools requires to analysze the traffic logs and suggest which application can be replaced with this.



Resolved! Register ip into DAG delayed

hi all,

I noticed that everytime I push a new IP into a DAG it takes a while for it to register. sometimes it takes 30 seconds, sometimes longer. is there a way to make this into effect instantaneously ? Thanks

bartoq by L3 Networker
  • 1 replies

SSL decryption and MineMeld

Everyone knows that each individual environment faces certain challenges when implementing SSL inspection.  This is my third environment rolling this out and I am thinking that there has to be an easier way than turning on SSL inspection, breaking fu


DIRTT by L2 Linker
  • 0 replies

Panorama & Global Protect



How do I look at Global Protect users on Panorama? I can run the command "show global-protect-gateway current-user" on the firewall but I wanted to run the command from Panorama as I have multiple firewalls terminating VPNs.

Rule creation/modification dates

I'm writing a script to alert when a new MAC address is seen for an IP address that's listed in an Internet-facing rule. I have it working pretty well, but I want to avoid alerting on rules that are themselves new. I'm calling the API via /config/dev


ekenda2 by L1 Bithead
  • 1 replies
Top Liked Authors