This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

About Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

Discussions

Start a conversation

Boot Up and login issue

Hello Friends,Please suggest on below logs.Determined physical RAM map: memory: 0000000000042000 @ 00000000019de000 (usable after init) memory: 0000000006400000 @ 0000000001b00000 (usable) memory: 0000000007c00000 @ 0000000008200000 (usable) memory: 0000000060000000 @ 0000000020000000 (usable) memory: 000000000fc00000 @ 0000000410000000 (usable)...

Satish by L4 Transporter
  • 3138 Views
  • 2 replies
  • 0 Likes

Logical conditions in custom IPS signatures

Hello.I need some help with logical conditions in custom IPS signatures definitions.I've made a set of custom IPS signatures for browser identification based on user agent strings. the were working ok, but recently MS decided that IE will not include string MSIE in some cases. So I'm making a new signature which will try to find MSIE or Trident ...

santonic by L6 Presenter
  • 4663 Views
  • 4 replies
  • 0 Likes

net.tcp context identifier

HI all,Been trying to build a custom app-id for an application which the PA currently recognizes as net.tcp.- tried different patterns with no success.- currently using the unknow-tcp-req-paylod as the context identifier.- tried a plain text pattern and a hex patter again with no success.What would be the correct context identifier to use in thi...

Omarr by L0 Member
  • 3579 Views
  • 0 replies
  • 0 Likes

Packet capture for specific ip like signature match

Hi,I have configured DNS sinkhole feature. The sinkholing is working fine with providing and blocking fake ip. The only problem is that although I can get the original client ip connecting to the fake ip, I cannot find the payload (url/resource being requested). Is there any way I can capture packets like spyware/vulnerability etc? I checked int...

Why is XP Detection Signature not consistantly tripping?

Hello,We have created a custom vulnerability signature to detect XP devices based on identifying the user agent string as described in Custom vulnerability signature for identifying Windows XP clients . The issue we are encountering is that the signature by default has an action of alert but in the vulnerability profile there is an exception ...

HITSSEC by L4 Transporter
  • 2459 Views
  • 0 replies
  • 0 Likes

Baidu applications

Baidu as a very famous applications which is very annoying to user?why don't you have APP-ID' for its applications like pc faster, antivirus, browsercould you please add his apps to the APP-ID engine?Appreciated.Maher

Regex from IronPort to PanOS 6.1.1

We have a bunch of regex values in an IronPort box that we would like to use in a data filtering policy. I looked over the regex doc https://live.paloaltonetworks.com/docs/DOC-1499 and our seems to match the PA doc but I get an invalid regex error when trying to add a regex value. Below is an example of two regex value. Any help would be great ....

care1 by Not applicable
  • 2102 Views
  • 0 replies
  • 0 Likes

PHP - XML to Array

So I've been working with the API pretty frequently and have run into a bit of a snag that has caught me now a few times. I'm using CURL with PHP to interact and whenever I get a response, I do a conversion as such:$xmlarr = json_decode(json_encode((array)simplexml_load_string($result)),1);This turns the response into a PHP array. The problem ...

XSD Schema for XML API?

Hi everyone,Is there any XSD to validate XML files? I got something similar to XSD from https://<hostname>/php/utils/schema.php. But if I use the result of this response in an XSD validation, many errors appear related to the schema format. It seems there is another internal schema that is not provided from this URL.Any information about t...

Email Reporting options

Hi,I would like to automatically send csv based reporting information in addition to the pdf format information. I can not find an easy way to automatically send csv or xml based information via the WebGUI. Is there an existing enhancvement request for this functionality? Thanks.- Tyrone Smith

tyrone by L0 Member
  • 2170 Views
  • 0 replies
  • 0 Likes

Resolved! Use XML API to export device state?

I am trying to figure out how to use the XML API to export the device state.Looking through the PAN-OS XML API document (PAN-OS and Panorama XML API Reference Guide 6.0), I found that I should use 'type=export&category=device-state'. But I don't see how to specify which device-state file to export. I also tried to browse through API browse...

Regex evaluating new line carriage ?

I have a Splunk server that logs all Acitve Directory authentication events on my network. I have set up a syslog feed from the Splunk server to the Palo Alto. On the Palo Alto, I have created a syslog filter and added the Splunk as a User-ID syslog server.The problem I have is that Splunk sends each logon event as a single syslog entry which co...

collecting traffic data of subinterface on aggregate ethernet

I am having some problems collecting traffic data on subinterface on aggregate etherent.I followed steps described following postIntegrating Zabbix and PA subinterfaces via APIHowever, when information is pulled by API, it doesn't give me counter infromation on aggregate ethernet subinterface.I cannot collect the information via SNMP for logical...

PreDefined SSN Pattern Match

Hi All,A Social Security number (SSN) CANNOT : * Contain all zeroes in any specific group (ie 000-##-####, ###-00-####, or ###-##-0000) * Begin with ‘666’. * Begin with any value from ‘900-999′ * Be ‘078-05-1120′ (due to the Woolworth’s Wallet Fiasco) * Be ‘219-09-9999′ (appeared in an advertisement for the Social Security Administration) ...

rsingh by L3 Networker
  • 6119 Views
  • 3 replies
  • 0 Likes

RegEx looking for a specific UserAgent.

I tried to migrate over my Cisco IPS regex to Palo Alto but it failed to load. Below is my Cisco Regex.[Uu][Ss][Ee][Rr][-][Aa][Gg][Ee][Nn][Tt][:][\x20][^\x0d\x0a]*([Ss][Yy][Nn][Aa][Pp][Ss][Ee])I tried creating a new pattern but it is to specific and not working.I am looking to search the http header for User-Agent and if the value contains the w...

scantwell by L4 Transporter
  • 3786 Views
  • 2 replies
  • 0 Likes
  • 1031 Posts
  • 68 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks