This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

About Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

Discussions

Start a conversation

Creating a custom app-id to block SocialMiner admin access

Hi guys, so I need to create a custom-id to block SocialMiner administrative access including the following:http://x.x.x.x//administration.jsphttp://x.x.x.x//results.jsphttp://x.x.x.x/configuration.jsphttp://x.x.x.x/search.jsphttp://x.x.x..x/cmplatformhttp://x.x.x..x/ccmservicehttp://x.x.x..x/drfI need to block access to these pages using both t...

vmusman by Not applicable
  • 5546 Views
  • 5 replies
  • 0 Likes

Resolved! Admin Role request

Hi Friends,Any one have idea about such kind of admin role. i want give a permission to particular admin to only device operation role (like reboot or shut down device ) but i am able to do this please suggest. :smileyplain:RegardsSatish

Satish by L4 Transporter
  • 4646 Views
  • 5 replies
  • 0 Likes

Data pattern for SSN or CC with file type as text/html is matching .dll files

Hi All,In my LAB Test,Here is what I did,++ Created a data pattern with CC (10) and SSN (10) to match SSN or CC++ Under Data Filtering Profile, added the pattern with file type as "text/html" with Alert threshold as 1++ Sent an email with a file "TESTssn.dll" ++ It is hitting the rule ++ It seems Firewall is detecting the DLL files under file ty...

rsingh by L3 Networker
  • 2947 Views
  • 0 replies
  • 0 Likes

00284911- Data filtering regex

Hi,I'm trying to setup custom data filtering using a regex data pattern. I'm thinking of adding some numbers for different cards and also the Bank names.Please provide some guidelines on this.thank you,Charles deHeer-Graham

Strange behavior after custom App creation

Hello,My customer created his own app signature: own-ping ( ICMP type 8), and didn't use it anywhere. After config commit it looks that pings are somehow blocked by firewall...Deleting custom app definition solves problem. This is really strange.Do you have any idea if this is some known bug ? PANOS is 6.1RegardsMichal

http-req-uri-path limitation

Does anyone know why there is a 7 character minimum when using "http-req-uri-path"?How would you block on URI for the follwing example: http://FQDN.com/abc/dynamicContent01.jspI cannot filter on just /abc/ as it expects min 7 characters and dynamicContent01.jsp being a dynamically created extention that is unpredictable.

Dingo by L0 Member
  • 4113 Views
  • 3 replies
  • 0 Likes

How to pull group of users from Radius server?

HelloI try to find out solution on Captive Portal with Radius and groups of users but finally we stucked with question "how to get in security policies groups from Radius".Is there any other way to authenticate users in Radius server, but according to group that belongs user attache him a permission?Any ideas are welcome!RegardsSLawek

_slv_ by L4 Transporter
  • 2763 Views
  • 0 replies
  • 0 Likes

Drop a certain type of inbound DNS query

We have a MS DNS server that handles some (very few) reverse PTR records... We consistently see people trying to use this server for reflection attacks - whereby they perform a recursive forward lookup for the same domain over and over (likely spoofing the source IP to try and flood their target); our DNS server dutifully respond with a list of...

jgardner by Not applicable
  • 5331 Views
  • 4 replies
  • 0 Likes

YouTube Custom App to Block Search with Safety Off

I am using the built in search filter and it does block explicit videos. However, it does not prevent the user from doing a search with Safety Off and seeing all of thumbnails full of nudity. I am trying to create a custom application that will block this type of search. After doing packet captures its evident that the when Safety is OFF it c...

PAN Perl Package for configuration

Does anyone know who is maintaining the PAN Perl package? I've searched around and found a series of threads where people have been asking for configuration CLI integration within the PAN Perl Package, but didn't see anyone making a move to add the feature so I took a little time to dig through the module to add it in myself. If someone else h...

tighe by Not applicable
  • 2324 Views
  • 0 replies
  • 1 Likes

Custom script to sync 1 firewall to another. HA

Here is my scenario. Main site, 3020 HA pair. DR site single 3020. Sites are geographically separated, different ISP's, different certificates.My plan is to stand up and configure interfaces, certificates, VPN, and other unique elements. What will be the same is zones, objects, services,policies, etc. What I am wondering is if there is a scr...

APatel by L1 Bithead
  • 2571 Views
  • 2 replies
  • 0 Likes

Resolved! Creating custom signatures

Is there a way to create a signature to block or alert as referenced by this website...http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=27208The sample url comes from the link belowhttp://l.facebook.com/l/8AQEvKJix/christmasoffers.org/babykit.htmlIf this signature is already in the latest updates, please let us know.

mmarceli by L0 Member
  • 4247 Views
  • 2 replies
  • 0 Likes

Custom Application Signature to only allow snmp-read

Hi allI have read the "Creating Custom Signature" Tech Note for PAN-OS 5.0, because I tried to create an application that only allows snmp-read. But there I was blocked by a limitation that I need at least 7 bytes.The snmp-payload looks like the follwing:3035020101040c746573747465737474657374a02202045c88c1c802010002010030143012060e2b0601040181c6...

Remo by L7 Applicator
  • 4651 Views
  • 4 replies
  • 0 Likes

Regex, Am I missing something?

Hi everyone,I have created some regex expressions for the dlp. I have the data pattern set with a weight of one and data filtering profile alert threshold of one, I have the data filtering profile set to upload and any/any application or file type, and I have the following data pattern. The Palo alto does not pick up a simple text file that I up...

Custom URL Category update via API returns "Edit breaks config validity" error

Hi all.Thanks to excellent guidance found elsewhere (using panxapi to update a custom-url-category profile from a file), I was successfully and reliably able to add and update custom URL categories via the API. Recently something changed that caused my scripts to fail. Whenever the API is used to update a custom URL category, it returns "Edit ...

  • 1031 Posts
  • 68 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks