I have prepared the "SET" commands which configure the baseline settings. I can able to run the full set command from CLI. I would like to know any options where I can run these command from a Linux machine where the system take the commands from the local script and loginto the palo alto and execute the commands.
Also need to print the output of each set of command like " executed password policy successfully" or Failed to executed password policy with the output comments"
No knowledge in python or any scripting language so need to make it simple and would like to know this process is possible ?
set mgt-config password-complexity enabled yes
set mgt-config password-complexity minimum-length 12
set mgt-config password-complexity minimum-uppercase-letters 1
set mgt-config password-complexity minimum-lowercase-letters 1
set deviceconfig setting management idle-timeout 10
set deviceconfig setting management admin-lockout failed-attempts 5
set deviceconfig setting management admin-lockout lockout-time 5
set deviceconfig system snmp-setting access-setting version v3
I'm not the best scripting guy, however have you heard of Palo Alto's Zero Touch Provisioning?
I'll do you one better. Pull our docker container to run IronSkillet (get it, hardened PANs?)
You are able to directly edit the config, add variables, among many other things (including generating set commands from a current config).
IronSkillet and zero day configurations are all a great option. I would personally really recommend that you look into learning some sort of scripting language for use in situations like this. Whether you choose to utilize Python, PowerShell, simple Bash scripts, or anything of the sort is up to you, but it's an invaluable tool to have in your toolbox.
What you're looking to do is pretty simple from a scripting aspect and easily done. It would actually be a great starter script to assist you in learning how to make basic scripts. While I'm personally impartial to Python and think that's a better scripting language to focus on from a network/security aspect, any scripting language can handle what you're looking to do.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!