Who Me Too'd this topic

Who Me Too'd this topic

L4 Transporter

Custom App-ID creation via XML-API

Hello Gurus,

 

I am working on a project to automate the creation of Custom App-IDs using the XML-API.

I am following the guidance on this page: https://www.paloaltonetworks.com/documentation/71/pan-os/xml-api/get-started-with-the-pan-os-xml-api...

to determine the correct xpath ((/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/application/entry[@name='BlueIris']/signature))

The build seems fairly straight-forward:

<request cmd="edit" obj="/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/application/entry[@name='BlueIris']" cookie="8250537722113679">
  <entry name="BlueIris">
    <default>
      <port>
        <member>tcp/80</member>
      </port>
    </default>
    <subcategory>photo-video</subcategory>
    <category>media</category>
    <technology>client-server</technology>
    <risk>1</risk>
    <parent-app>web-browsing</parent-app>
    <signature>
      <entry name="UI2">
        <and-condition>
          <entry name="And Condition 1">
            <or-condition>
              <entry name="Or Condition 1">
                <operator>
                  <pattern-match>
                    <pattern>BlueIris </pattern>
                    <context>http-rsp-headers</context>
                  </pattern-match>
                </operator>
              </entry>
            </or-condition>
          </entry>
        </and-condition>
        <scope>session</scope>
        <order-free>yes</order-free>
      </entry>
    </signature>
    <consume-big-bandwidth>yes</consume-big-bandwidth>
    <file-type-ident>yes</file-type-ident>
    <virus-ident>yes</virus-ident>
    <data-ident>yes</data-ident>
  </entry>
</request>

I'm just curious if anyone on live has done a similar project and can help me understand any gotchas?

 

Tags (2)
Who Me Too'd this topic