Automation/API Discussions

Configuring PA 5.0.x and Aruba integration with XML api.

Hello,

I wanted to know how to configure PA device to pull details from aruba device through XML API. I see mobile devices being identified as UNKNOWN.

Thanks

General help with custom vulnerability signature

Can someone provide documentation and insight in regards to creating custom IPS signatures based on the follow scenario?

Consider you have an FTP server. The USER command is vulnerable to buffer overflow. How does one create a custom signature to iden

PANOS 6.0 XML - set failed?

Hello all,

I am trying to edit/set a security rule using the XML API.  So far i have the following: https://x.x.x.x/api/?type=config&action=set&key=hiddenkeyhere&xpath=/config/devices/entry/vsys/entry/rulebase/security/rules/entry[@name='Rule 1-1-1-1-

Any way to logout or disconnect from API to prevent "logged in admins" growing?

I'm using PAN::XAPI XML API module to perform various actions on a Palo Alto firewall.  The connections seem to work fine.  However, after a while I still see the admin logged in according to the Dashboard tab.   They stay there until the idle timeou

API and Useragents

Hello,

   I have been trying to figure out if there is a way to enable and disable TS Agents through the API.  We run a bunch of Citrix farms and the agents will be going up and down during reboots and usage.  What I want to do is to disable a server

Dynamic TS-Agent Configuration

Hi

We currently have 100+ Citrix Servers with more being added or removed every week. The TS-Agent is installed as part of the default Citrix Server build but it would be nice to have a slicker process to add new servers into the Panorama config. Pres

Custom Signature - Control News Feed on Facebook

Hi DevCenter Community,

My customer had requirement to control News Feed on Facebook. Have tried myself but couldn’t verify which fields + conditions to be used to make this work.

1- Block content from appearing on Facebook News Feed: customer need to

Custom signature - file upload blocking

Hi,

created a custom signature to block uploading edrawing files (Solidworks: .easm and . edrw), but I cannot define client2server or server2client. I like to block only uploads but PA is blocking both... could you please take a look?

both (NOT one of

Citrix and socks dependency

Hi AppDev team,

After speaking with support (case# 00241826) we would like advice on the socks dependency for Citrix. We would like to avoid opening up socks if all possible due to the vulnerability it represents.

The TSE suggested the AppDev team woul

RegEx ... a comprehensive list?

I've looked through the documentation and cannot seem to find a "begins with" regex variable.  The common symbol ^ seems to be reserved in PA for match any except.  Is there a solution or is this not available?

Downloading pcaps with panxapi

I'm trying to download application-pcap files using panxapi (not just file listings), but am not able to get it to work right.

My end goal is to specify a folder and have it download every .pcap in that folder.

Running panxapi like this just gives me a

"Session limit" bittorrent?

Hi devcenter

I've been reading the document on Application DDoS mitigation techniques using vulnerability signatures ( Application DDoS Mitigation ). I've been experimenting with the concept of "session limiting" bittorrent connections in this manner.

Create a custom signature to prevent some brute force attacks

Hi,

Our customer asked to create a custom signature to prevent some brute force attacks.

We combined threat ID 34556 and 31708  ("HTTP WWW-Authentication Failed" and "HTTP Unauthorized Error") so that if they both occur more that 10 times within 60 se

Custom Vuln Signature with req and rsp contexts fails

Sorry to cross post this - I was directed to the DEVCENTRE as a more likely setting to find an answer to this.

I'm trying to stem the flood of wordpress brute force attacks coming INTO our network (we are a web host, so host thousands of WP sites).

De