11-01-2021 05:51 AM
My organization was tasked with collecting a series of debug logs on one of our firewalls every 20-25 minutes for several days due to an issue which PAN was having trouble diagnosing and/or determining the cause of. These commands took approximately 5 minutes to run to completion, so you can imagine it was not a fun weekend for the team members involved. We attempted several script efforts, but none of us are terribly proficient at scripting (a skillset we are in the process of developing).
I am convinced this must be something that can be automated as it isn't a complicated process. I thought I would post here and see if anyone would refute that or if there were suggestions, ideas, or even examples of a similar process that was automated. There are 24 commands in all, some of them requiring interaction to display the end of the log output or q to exit the display.
Any thoughts would be appreciated in the event that a similar task is required in the future.
Thanks!
11-03-2021 05:45 AM
Hi @Gareth.Doyle, scripting would be the main option here, as CLI commands which begin with "debug" can't today be performed with PAN-OS APIs (although that's something that may change in future). The first idea that springs to mind is Paramiko, if you are using Python, but other packages, libraries and frameworks may exist that work with SSH cli commands and interactions, for other scripting and programming languages.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
