01-27-2020 09:33 AM - edited 12-11-2020 09:39 AM
Panhandler is an open-source application that allows you to import and playback any skillet using a web interface.
Complete documentation for Panhandler can be found at https://panhandler.readthedocs.io.
Below is a quick summary for installation, importing skillets, playing skillets, and setting the user environment.
Panhandler runs inside a docker container so the installation platform must support a docker environment. It is also a simple web server so an open port will be used on the installed platform.
NOTE: The installation instructions shown below and in the video are for Mac/Linux platforms. Windows users should refer to the Windows-specific install instructions at https://panhandler.readthedocs.io/en/master/windows_install.html
Panhandler is installed using the following curl command to pull down and run the docker container. It can also be used to check for and install updates.
curl -s -k -L http://bit.ly/2xui5gM | bash
Here is what you should see after a few minutes of download, installation, and running the container.
The last line in the output message shows the url including the assigned port for Panhandler access. This example shows port 9999 while other ports such as 8080 may be used. Also note that users can use the server IP address instead of localhost for remote access.
Panhandler requires simple login to the web interface.
Panhandler uses a default username/password: paloalto/panhandler.
The pulldown menu in the upper left of the screen allows the user to perform a variety of tasks.
The import menu leads you to a list of recommended skillets or the ability to import ad hoc skillets.
Import will checkout the master branch. However, some branches may use software versioned branches. Switching is done in the Skillet Repository page.
NOTE: When importing be sure to use the clone url ending in .git and not the website url.
Once imported, you can immediately run a skillet using links from the bottom of the page or click into a named Collection.
Once in the Skillet Collection page, choose the collection containing the skillet you wish to run. You can also select All Skillets and search by skillet name.
Inside the Collection, you'll see a list of Skillets. These can be filtered by task, type, or quick find with search.
Click Go to run a skillet.
NOTE: Some skillets are classified as "workflow," which runs a series of skillets instead of a single task.
The Skillet Repository page will show all of the imported skillet repositories.
Inside the repository detail, you can Update to Latest to pull the latest skillet changes or Remove Repository to delete unused repos.
If you need to switch to another version/branch, click on the branch name, which takes you to the bottom of the page for branch selection.
You may still have to Update to Latest after the checkout of a new branch.
Skillets are design to prompt the user for username, password, and device address when API calls are required. If multiple devices are periodically used or you wish to bypass the password entry each time, you can create and customize user environments naming and setting attributes for each device.
Choose Environments from the upper right pulldown menu.
This data is stored encrypted on the user's local disk. You are prompted for an admin password on the first time that is used to access environments in the future.
Environment attributes most common used are TARGET_IP, TARGET_USERNAME, and TARGET_PORT to see api call targets.
For more details using environments see: https://panhandler.readthedocs.io/en/master/environments.html
It's too bad this tool isn't maintained. I try to switch to other iron-skillets (e.g., panos_vXX.0) and it fails. The output on the day one config can't be used. I opened a ticket https://github.com/PaloAltoNetworks/iron-skillet/issues/172.