Automation/API Discussions

rest API rule modification with Panorama

Hello, and thanks for whatever help you can provide.

I am trying to create a script that will modify one rule from enable to disable and back again via wget. I created a admin user on the panorama box, created a hash based on that user and password. w

...

App-Id for Oracle PLM / Weblogic

Hi there,

I have a prospect who wants to isolate his critical Oracle PLM / WebLogic application from the rest of the network.

Are these applications recognized by Palo Alto Networks?

If not, what are my options to create rules that only authorize these

...

Zarafa App-ID

Hi all,

Is there an App-ID for the Open Source Groupware application Zarafa? We got a customer request for this application to be identified by App-ID.

Thanks

PA 3020 issue with XML API

We are having an issue with our PA-3020 and doing a partial
commit via the XML API.

I am trying to do a partial commit of only the Policies and
Objects. When I initiate the commit from the XML API it appears to queue up
successfully, and according to th

...

XML API query to get detail information on Spyware IDs

Hello,

One of our customer has a question whether it is possible to get all spyware IDs using API?

They can get all Threat IDs with API as described in „XML-API-5.0-revC.pdf“ page 5:

Lower marking shows that all available xpaths are shown though API bro

...

deafult decryption

Hi,

I run a HA-cluster of PA-5020 PAN OS 5.0.10

I've just noticed that since I've upgraded from 5.0.8 to 5.0.10 a specific traffic was identified as web-browsing instead of as before SSL.

It seems that traffic identified as web-browsing over port TCP 44

...

URL filtering with regex

Hi all,

as far as I know this is not possible right now. Or maybe Im wrong?

The possibility to use wildcards (and an idea of tokens) is not enaugh in my opinion.

Are there any plans to implement it? It would be great if I could create custom category u

...

Creating a custom signature on PAN

Hello,

I'd like to create a custom signature on the PAN within the HTTP request that contains the following to be dropped. http://www.google.com/humans.txt

for example. http://example.com/test/index.php?example=http://www.google.com/humans.txt

How would I create a custom threat signature that looks for a server's "invalid username" response to a failed login attempt?

Hi,

I'm new to Palo Alto and custom threat signatures. I'm trying to detect invalid login attempts to a web site and apply a time rate. When the user enters an invalid username in the login, the site returns the text "invalid username". Which context

...

How to update the local-user-database user password

Looking for the payload data to update the '/config/shared/local-user-database/user' via the PA 5.0.10 API

#! /usr/bin/python

import urllib

import urllib2

import sys

# PaloAulto Firewall Managment IP Address

mypafw = '10.10.10.1';

# PA API key

mykey =myke

...

How do I monitor acc risk factor in cacti tool, via snmp?

as title

How to create a custom app signature to identify IE browsers when using http and https

I am looking for a way to create an custom application signature to identify IE browsers when accessing the internet and reliably identify it whether it is using http or https. Currently I have a custom app signature the works great when accessing ht

...

How do I Create a dlp policy to detect private IPs using Regular Expressions or what Regular expression should I used for data pattern

API log export hard-coded to a 20 entry limit?

In panorama 5.1.5 code, I'm attempting to pull down traffic logs for analysis of application type vs rule. My query is structured like this:

https://10.x.x.240/api/?type=log&log-type=traffic&query=%28%20receive_time%20geq%20%272012/12/31%2008:00:00%2

...

Grabbing user-id and ip's from SEP

All,

I just posted up a perl script for grabbing users and ips from Symantec Endpoint Protection (SEP).

Perl script to load users and IPs from Symantec Endpoint Protection (SEP)

Discussions