Push custom signature using API

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Push custom signature using API

L1 Bithead

Hello colleagues, how I can upload to firewall custom signature using api or cli interface?

4 REPLIES 4

Cyber Elite
Cyber Elite

somthing along these lines: 

 

# set threats vulnerability 41000 direction both severity critical threatname mythreat signature standard mysignature scope session and-condition myandcondition or-condition myorcondition operator pattern-match pattern mYpAtTeRn context http-req-headers qualifier http-method value GET

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

Thanks for the answer, can you give examples or a detailed description of the addition of a specific signature? And why such a limit of 4000 signatures? In this case, the question is brewing - does the firewall or VF-500 store any signatures or hashes of secure files somewhere, will they not go to the scan each time?

I don't think i fully understand your question No hashes are saved, except for wildfire uploads
Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

Please see this link https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClUdCAK you can see here that you can add signatures using the web interface, I’m interested in automating the addition of such rules, because doing it every time with your hands is a long and difficult task. Best of course if you can automate using API.

  • 4601 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!