Automation/API Discussions

Threads in this discussion area are now read-only. If you have a question about Automation/API products please visit our product discussions.

Discussions

General help with custom vulnerability signature

Can someone provide documentation and insight in regards to creating custom IPS signatures based on the following scenario? Consider you have an FTP server. The USER command is vulnerable to buffer overflow. How does one create a custom signature to identify and block this activity? The buffer and payload the attack sends could have 1000 variations....

SDorsey by L4 Transporter
  • 2648 Views
  • 1 replies
  • 0 Likes

PANOS 6.0 XML - set failed?

Hello all, I am trying to edit/set a security rule using the XML API. So far I have the following: https://x.x.x.x/api/?type=config&action=set&key=hiddenkeyhere&xpath=/config/devices/entry/vsys/entry/rulebase/security/rules/entry[@name='Rule 1-1-1-1-1']/&element=<from><member>inside</member></from> sadly al...

lee_noc by Not applicable
  • 5642 Views
  • 2 replies
  • 0 Likes

Any way to logout or disconnect from API to prevent "logged in admins" growing?

I'm using PAN::XAPI XML API module to perform various actions on a Palo Alto firewall. The connections seem to work fine. However, after a while I still see the admin logged in according to the Dashboard tab. They stay there until the idle timeout is reached. I'd prefer to be able to call a disconnect() or logout() type of method when I'm don...

Jerify by Not applicable
  • 4582 Views
  • 1 replies
  • 0 Likes

API and Useragents

Hello, I have been trying to figure out if there is a way to enable and disable TS Agents through the API. We run a bunch of Citrix farms and the agents will be going up and down during reboots and usage. What I want to do is to disable a server when it goes down and then enable it when it comes back up. I have searched through the /api co...

Dynamic TS-Agent Configuration

Hi. We currently have 100+ Citrix Servers with more being added or removed every week. The TS-Agent is installed as part of the default Citrix Server build but it would be nice to have a slicker process to add new servers into the Panorama config. Presumably this could be done using the API. Does anyone have any experience that they would like ...

Custom Signature - Control News Feed on Facebook

Hi DevCenter Community, My customer had a requirement to control News Feed on Facebook. Have tried myself but couldn’t verify which fields + conditions to be used to make this work. 1- Block content from appearing on Facebook News Feed: customer needs to block feed content from some Facebook’s user profile (ex: www.facebook.com/username) from appeari...

pcao by L0 Member
  • 1850 Views
  • 0 replies
  • 0 Likes

Resolved! Palo Alto VM vs Appliance Based Firewalls

Greetings, I am still pretty new to the Palo Alto product line and was hoping I can enlist the help of the community to get some feedback and possible use case scenarios for using the VM based firewall. I am currently working on a few new branch office projects and originally planned on using the PA-500 for small office (less than 40 users) and t...

silvajai by L0 Member
  • 6495 Views
  • 2 replies
  • 0 Likes

Custom signature - file upload blocking

Hi, created a custom signature to block uploading edrawing files (Solidworks: .easm and .edrw), but I cannot define client2server or server2client. I like to block only uploads but PA is blocking both... could you please take a look? both (NOT one of them) pattern of this file type should match: Our profile (add the custom object as exception): Thx...

Hithead by L4 Transporter
  • 2440 Views
  • 0 replies
  • 0 Likes

Citrix and socks dependency

Hi AppDev team, After speaking with support (case# 00241826) we would like advice on the socks dependency for Citrix. We would like to avoid opening up socks if at all possible due to the vulnerability it represents. The TSE suggested the AppDev team would be able to advise on our options and if we need a custom app or not. Thank you

qdykes by Not applicable
  • 2062 Views
  • 0 replies
  • 0 Likes

RegEx ... a comprehensive list?

I've looked through the documentation and cannot seem to find a "begins with" regex variable. The common symbol ^ seems to be reserved in PA for match any except. Is there a solution or is this not available?

Downloading pcaps with panxapi

I'm trying to download application-pcap files using panxapi (not just file listings), but am not able to get it to work right. My end goal is to specify a folder and have it download every .pcap in that folder. Running panxapi like this just gives me a list of files in the given directory: ./bin/panxapi.py --export application-pcap --recursive --sr...

rtierney by Not applicable
  • 2297 Views
  • 1 replies
  • 0 Likes

"Session limit" bittorrent?

Hi devcenter, I've been reading the document on Application DDoS mitigation techniques using vulnerability signatures (Application DDoS Mitigation). I've been experimenting with the concept of "session limiting" bittorrent connections in this manner. I can't get my signature to match though. Guessing it is because I need to use a p2p context in ...

Quinton by L3 Networker
  • 7027 Views
  • 5 replies
  • 0 Likes

Create a custom signature to prevent some brute force attacks

Hi, Our customer asked to create a custom signature to prevent some brute force attacks. We combined threat ID 34556 and 31708 ("HTTP WWW-Authentication Failed" and "HTTP Unauthorized Error") so that if they both occur more than 10 times within 60 seconds, then the traffic should be blocked. Now it appears that the detection count is not taken i...

Custom Vuln Signature with req and rsp contexts fails

Sorry to cross post this - I was directed to the DEVCENTRE as a more likely setting to find an answer to this. I'm trying to stem the flood of wordpress brute force attacks coming INTO our network (we are a web host, so host thousands of WP sites).Detecting WP logins is relatively easy, by setting up a signature that looks for the regex wp\-logi...

  • 1031 Posts
  • 68 Subscriptions