06-10-2019 07:13 AM
Hello colleagues, how I can upload to firewall custom signature using api or cli interface?
06-12-2019 12:13 PM
somthing along these lines:
# set threats vulnerability 41000 direction both severity critical threatname mythreat signature standard mysignature scope session and-condition myandcondition or-condition myorcondition operator pattern-match pattern mYpAtTeRn context http-req-headers qualifier http-method value GET
06-13-2019 12:27 AM
Thanks for the answer, can you give examples or a detailed description of the addition of a specific signature? And why such a limit of 4000 signatures? In this case, the question is brewing - does the firewall or VF-500 store any signatures or hashes of secure files somewhere, will they not go to the scan each time?
06-13-2019 04:40 AM
06-13-2019 04:47 AM
Please see this link https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClUdCAK you can see here that you can add signatures using the web interface, I’m interested in automating the addition of such rules, because doing it every time with your hands is a long and difficult task. Best of course if you can automate using API.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
