How to convert security policies into an excel file in Palo Alto Firewall

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How to convert security policies into an excel file in Palo Alto Firewall

L1 Bithead

I am looking for a way to convert exsisitng security policies in PA firewall in PAN-OS version 7.0.x to an excel or CSV file. I found no valid way or documents. Can any body help me.

 

 

Cheers

 

Yasir

5 REPLIES 5

L6 Presenter

There is no such built-in function. 

But it shouldn't be too difficult to write a script which parses XML config file and rewrites it as CSV as XML is nicely structured.

L7 Applicator

I've used this user script in version 5 & 6 in the past.  Not sure if it still works in version 7.

 

https://live.paloaltonetworks.com/t5/API-Articles/Simple-export-of-rules-as-Excel-or-HTML/ta-p/65082

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center

L4 Transporter

With Pan Configurator  service-edit.php if I want to delete unused objects is it possible to set a count limit? For exampel I dont want to do all 500 at one time unt say 100 at a time. Look to see if there is a string   like "maxcount' to end comman below.

 

 php address-edit.php  in=2473.xml out=/dev/null actions=delete 'filter=( object is.unused)' 

 

Follow those steps to convert rules into Excel.

 

https://indeni.com/how-to-export-palo-alto-networks-firewalls/

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

Hi  thanks for reply but was acutally lookin gofr answer on below? Not sure if my post heading was mixed up.

 

With Pan Configurator  service-edit.php if I want to delete unused objects is it possible to set a count limit? For exampel I dont want to do all 500 at one time unt say 100 at a time. Look to see if there is a string   like "maxcount' to end comman below.

 

 php address-edit.php  in=2473.xml out=/dev/null actions=delete 'filter=( object is.unused)' 

  • 5653 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!