Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Using the REST API to create a bunch of Address Objects

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Palo Alto Networks Approved
Palo Alto Networks Approved
Community Expert Verified
Community Expert Verified

Using the REST API to create a bunch of Address Objects

L0 Member

I have to create a large number Address Objects and would like to use teh REST API to do so.  I've seen a number of examples at adding various things, but I'm running into an issue with these specific shared objects.  The all live in a device group called Global.

If I do a GET, I see that an object will look as follows

{"@name":"net-vl730-boise", "@location":"shared", "ip-netmask":"10.21.45.0\/24", "description":"Boise VTC Network"}

Am I correct in assuming that when interacting with an object, a field with a leading @ is a required field?

 

I basically want to have code that creates ~100 more of these.  To that end, I have a code snippet that looks as follows:

headers = {
  'Content-Type': 'application/json',
  'X-PAN-KEY': api_key
  }
name = "net-vl720-miami"
ip_netmask = "10.22.104.0\/22"
payload = json.dumps({
    "entry":{
        "@location":"shared",
        "@name":"net-vl720-miami",
        "ip-netmask":"10.21.46.0\/24",
        "description":"Miami Voice Network"
        }
    })
url = "https://panorama_ip/restapi/v10.1/Objects/Addresses"
try:
    r1 = requests.request("POST",url, headers=headers, data=payload, verify=False)
except:
    print(r1.text)

When I run the code as is, the response I get is:

'{"code":3,"message":"Missing Query Parameter: location","details":[{"@type":"CauseInfo","causes":[{"code":7,"module":"pan_api","description":"Missing Query Parameter: location"}]}]}'

If I alter the URL to include the location, as so:

url = "https://w0t809-pan-mgmt.mitre.org/restapi/v10.1/Objects/Addresses?location=shared"

The description part of the response becomes:

"description":"Missing Query Parameter: name"

So for starters, I'm not sure what belongs in the URL, and what belongs in the payload, as some of the data seems to be duplicated. 

 

If I add the name to the URL:

url = "https://w0t809-pan-mgmt.mitre.org/restapi/v10.1/Objects/Addresses?location=shared&name=" + name

The response changes to

"description":"Invalid Object: Edit breaks config validity."


 Can anybody share what I'm doing wrong?  I'm sure I'm not the first person to attempt this.

1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

Hi @DaveFitz ,

 

This is what worked for me in Postman.

 

 

URL = https://{{hostname}}.{{domain}}.com/restapi/v10.2/Objects/Addresses?location=shared&name=Test-1-2-3
Body = 
{
    "entry": [
        {
            "@location": "shared",
            "@name": "Test-1-2-3",
            "ip-netmask": "10.21.46.0/24",
            "tag": {
                "member": [
                    "API"
                ]
            },
            "description": "Miami Voice Network"
        }
    ]
}
Response =
{
    "@status": "success",
    "@code": "20",
    "msg": "command succeeded"
}

 

 

The name needs to be in the URL according to this example:  https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-panorama-api/get-started-with-the-pan-os-rest-ap...

 

My "API" tag already existed.  Here is the newly created object in the Panorama GUI:

 

TomYoung_0-1715017580446.png

 

 

Thanks,

 

Tom

Help the community: Like helpful comments and mark solutions.

View solution in original post

1 REPLY 1

Cyber Elite
Cyber Elite

Hi @DaveFitz ,

 

This is what worked for me in Postman.

 

 

URL = https://{{hostname}}.{{domain}}.com/restapi/v10.2/Objects/Addresses?location=shared&name=Test-1-2-3
Body = 
{
    "entry": [
        {
            "@location": "shared",
            "@name": "Test-1-2-3",
            "ip-netmask": "10.21.46.0/24",
            "tag": {
                "member": [
                    "API"
                ]
            },
            "description": "Miami Voice Network"
        }
    ]
}
Response =
{
    "@status": "success",
    "@code": "20",
    "msg": "command succeeded"
}

 

 

The name needs to be in the URL according to this example:  https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-panorama-api/get-started-with-the-pan-os-rest-ap...

 

My "API" tag already existed.  Here is the newly created object in the Panorama GUI:

 

TomYoung_0-1715017580446.png

 

 

Thanks,

 

Tom

Help the community: Like helpful comments and mark solutions.
  • 1 accepted solution
  • 1722 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!