- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
07-31-2024 07:56 AM
I am looking for a way to automatically register and de-register a newly created firewall to a specific log-collector group. I had hoped to achieve this with https://github.com/PaloAltoNetworks/pan-os-python but I struggle translating the xml path to work with the op() method.
While running "set log-collector-group collector-group logfwd-setting devices <device-sn> collectors <collector-sn>" I get the following path:
<request cmd="set" obj="/config/devices/entry[@name='localhost.localdomain']/log-collector-group/entry[@name='collector-group']/logfwd-setting/devices/entry[@name='DEVICE-SN']/collectors" cookie="1234567890000000"><entry name='COLLECTOR-SN'/></request>
But how do I translate that to something that works with the op() method?
Are there other approaches / solutions that allow automatic registering and de-registering of firewalls to a log collector group?
07-31-2024 09:58 AM
Hi @Findus ,
Your research is excellent, as is your use of the "debug cli on" command. Your GitHub link has a link to documentation. If you follow it and click on API Reference > Useful Methods, you will see the list of methods. https://pandevice.readthedocs.io/en/latest/useful-methods.html#configuration-methods
You would not use the op() method as that is for executing an operational command (think Operational mode > as opposed to Configration mode #). I have not used the Python PAN-OS SDK. So, I am not sure which method to use or if the log collector is supported in the configuration tree for Panorama in the same documentation page.
With regard to other approaches, there are LOTS of options. A couple that come to mind are (1) curl command or (2) Python requests module. You would need to be familiar with request types and configuration actions which are passed in the URL. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-panorama-api/pan-os-xml-api-request-types/pan-os...
A great tool for testing the API is Postman, which is free. https://www.postman.com/. I use it all the time.
Thanks,
Tom
08-01-2024 03:35 AM
Hello Tom,
thank you for your response! I previously had a look at the documentation but could not find an object that would fit "log-collector-group" in the documentation. At this point I think this simply isn't supported yet. I'll follow your advice and use something else to utilize the xml-api path instead.
In case anyone else stumbles upon this thread, the path is:
https://{{panorama}}/api/?type=config&action=set
&xpath=/config/devices/entry[@name='localhost.localdomain']/log-collector-group/entry[@name='{{LC-group-NAME}}']/logfwd-setting/devices&key={{panorama-key}}&element=<entry name="{{newfw}}"><collectors>
<entry name="{{existingLC}}"/>
</collectors></entry>
To remove a device the path is the same, but replace the action "set" with "delete".
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!