Search Feature For NGFW Paloalto API

cancel
Showing results for 
Search instead for 
Did you mean: 

Search Feature For NGFW Paloalto API

L1 Bithead

Hello Everyone..

I have a project for automation operational firewall NGFW Version 10.1..

I read the API documentation & talk to google but nothing.

My first question : Can I search specific address with specific ip_netmask value and fqdn value ? I mean about search is like contains or match in sql query.

Last question : Can I search specific rule with specific source member address value and destination member address value ?

 

Thanks

@Bogi_Farizna 

10 REPLIES 10

L1 Bithead

up

L4 Transporter

Hello @Bogi_Farizna, today it would be achieved by exporting the section of config you want to search through (e.g. address objects, or rules) and filtering on the API client-side for the search term.

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂

hello @JimmyHolland thanks for your attention.. so the API cannot support search for object value right ? And you suggest to exporting config for search object value, is it right ?

Today we have API operations for the various types of objects including: add, remove, edit/rename, list...

A pattern match on the returned list of address objects, for example, should be relatively simple in whatever language/script is being used to execute against the API?

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂

Hello @JimmyHolland , sure, I read that API documentation PAN.. but I did'nt find the object search feature by value, but only found the search feature by name. Did I miss it?.

his is the API URL I found to search for objects by name:
https://{{host}}/restapi/v10.1/Objects/Addresses?name=Test-One&location={{location}}&vsys={{vsys}}

Hi @Bogi_Farizna, personally I use the XML API with a request like this to get all the address objects from a Panorama DeviceGroup:

https://{{host}}/api/?key={{key}}&type=config&action=get&xpath=/config/devices/entry[@name='localhost.localdomain']/device-group/entry[@name='{{device-group-name}}']/address

 

The results looks like this, so you can easily filter the results and search for name of object, or IP address of object:

<response status="success" code="19">
    <result total-count="1" count="1">
        <address>
            <entry name="Test-Server-Portal">
                <ip-netmask>172.17.0.5/32</ip-netmask>
            </entry>
            <entry name="Windows_Desktop">
                <ip-netmask>172.16.10.123/32</ip-netmask>
            </entry>
            <entry name="192.168.1.1">
                <ip-netmask>192.168.1.1/32</ip-netmask>
            </entry>
            <entry name="10.0.0.1">
                <ip-netmask>10.0.0.1/32</ip-netmask>
            </entry>
            <entry name="10.0.2.1">
                <ip-netmask>10.0.2.1/32</ip-netmask>
            </entry>
            <entry name="10.0.4.1">
                <ip-netmask>10.0.4.1/32</ip-netmask>
            </entry>
            <entry name="10.0.0.0-24">
                <ip-netmask>10.0.0.0/24</ip-netmask>
            </entry>
            <entry name="1.1.1.1">
                <ip-netmask>1.1.1.1/32</ip-netmask>
            </entry>
        </address>
    </result>
</response>

 

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂

hello @JimmyHolland , wohoo you are using XML.. ok, I know the API PAN have the ability to get all address and get by address name. but if i'm using get all address function and then filtering at client it need more time cause in my environment have more than 20k object address. so I ask you about ability API PAN to get by address value (ip-netmask or ip-range). is it possible ? if possible do you have a example request ?

I'm afraid I don't have example of that @Bogi_Farizna. If you want to discuss this with your SE/reseller/partner that would be the most appropriate next step. I can put you in touch with the right person if you want to share your company name (via DM on this forum if you wish to preserve privacy).

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂

Hello @JimmyHolland , I already send my information in your dm. thnks.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!