Is JSON Based URL is configurable in Security Policy as EDL.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Is JSON Based URL is configurable in Security Policy as EDL.

L3 Networker

Hi Team,

 

Please confirm us can we configure JSON based URL as a EDL in Security policy on Palo Alto Firewall.

 

Herewith, I have provided you with the sample JSON Website for your reference. Please refer and share us with your valuable inputs.

 

https://snat.f5silverline.com/api/v1/snat -->> JSON Website

 

I have also tried to configure EDL with the above URL on my lab setup however, the list of IP's are not getting fetched from the Website. Refer the below snap for your reference once configured on the Firewall.

 

Snap:

 

SahulH_0-1613372205367.png

Please refer to the above configuration and let us know whether we can achieve this on PA Firewall. If yes then, share me with your valuable suggestion on how to accomplish this one.

 

Awaiting for your valuable response !!

 

Best Regards,

Sahul Hameed

 

1 accepted solution

Accepted Solutions

Community Team Member

Hi @SahulH ,

 

JSON isn't supported.  Please check the syntax here:

https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/policy/use-an-external-dynamic-list-in-po...

 

You might want to reach out to your local SE and have him make a feature request for supporting JSON formatting in the future.

 

Cheers !

Kiwi.

 
LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.

View solution in original post

3 REPLIES 3

Community Team Member

Hi @SahulH ,

 

JSON isn't supported.  Please check the syntax here:

https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/policy/use-an-external-dynamic-list-in-po...

 

You might want to reach out to your local SE and have him make a feature request for supporting JSON formatting in the future.

 

Cheers !

Kiwi.

 
LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.

Hi @kiwi ,

 

Thanks for your response !!

 

We will check this out with SE to propose this as a feature request.

 

Best Regards,

Sahul Hameed

@SahulH,

A workaround solution would be spinning up a MineMeld instance and just using an output node to feed the information to your firewall. 

  • 1 accepted solution
  • 6231 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!