11-17-2022 08:14 AM
Hello all, I'm looking for some suggestions, or information on how I can quickly update all security profiles, with 3 select objects at once. In total, our Panorama has 129 profiles, so I would need to login to all 129 profiles, and update 3 categories in them to block.
By way of the gui, I think the only way would be able to edit 1 profile at a time, and search all 3 categories, and update them accordingly. Can anyone suggest any easier way to maybe resolve this?
11-18-2022 10:29 AM
Hi @PingMyServer ,
They were probably only thinking of the GUI. Are you familiar with the CLI? If not, direct message (DM) me and we can do a quick screen share session. It won't take too long. We build the CLI for one security profile. We then use some CLI magic to parse the 129 profile names and append the command to each one. Then paste.
Thanks,
Tom
12-01-2022 07:21 AM
After doing further research, I found through the CLI you can do this fairly easy. Using the following commands. You can pull your profile names from the command "set device-group GROUP1 profiles" and pressing tab. It takes a little work, but with excel you can get all the commands you need fairly quickly
set device-group GROUP1 profiles url-filtering PROFILE_NAME block ransomware
set device-group GROUP1 profiles url-filtering PROFILE_NAME block encrypted-dns
set device-group GROUP1 profiles url-filtering PROFILE_NAME block real-time-detection
11-17-2022 10:29 AM
Hi @PingMyServer ,
For mass changes, I found Expedition very helpful. You are able to multi-select items and apply changes to them.
11-17-2022 12:08 PM
Sorry, but you can use this to change Palo Alto's own rules on their own Panorama and apply them to the same panorama? Reading about it, sounds like a migration tool, I need to change rules on our current live Palo Alto devices.
11-17-2022 03:56 PM
Hi @PingMyServer ,
Yes, Expedition can make changes directly to a device via API. You start by adding the device to Expedition. https://www.youtube.com/watch?v=r_l_NjGHv90
You could also use the CLI. I have found that to be very useful for bulk changes.
Thanks,
Tom
11-17-2022 08:05 PM
Interesting Palo Alto support told me today it's not possible to bulk edit URL Security Profile objects. Told me I would have to go in, to each one, select the 3 URL Categories, then I can change 3 at once. But there is no way to modify multiple profile objects at once.
11-18-2022 10:29 AM
Hi @PingMyServer ,
They were probably only thinking of the GUI. Are you familiar with the CLI? If not, direct message (DM) me and we can do a quick screen share session. It won't take too long. We build the CLI for one security profile. We then use some CLI magic to parse the 129 profile names and append the command to each one. Then paste.
Thanks,
Tom
12-01-2022 07:21 AM
After doing further research, I found through the CLI you can do this fairly easy. Using the following commands. You can pull your profile names from the command "set device-group GROUP1 profiles" and pressing tab. It takes a little work, but with excel you can get all the commands you need fairly quickly
set device-group GROUP1 profiles url-filtering PROFILE_NAME block ransomware
set device-group GROUP1 profiles url-filtering PROFILE_NAME block encrypted-dns
set device-group GROUP1 profiles url-filtering PROFILE_NAME block real-time-detection
12-01-2022 03:50 PM
Thanks for sharing!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
