06-17-2021 06:12 AM - edited 06-17-2021 06:12 AM
Hello.
In the Palo Alto GUI you have the option of global find on an object and get a list of all references where said object is used.
I would like to automate removal of object and references when a server get decommissioned, and thought of this function.
Using panorama and ansible you would have various device groups to pull and iterate through, and my understanding of this that whenever you create a new device group, you would have to update your ansible playbooks to reflect this.
I have tried to find a way to use this global find function by any of the automation options you have, but I haven't really found any.
I haven't seen it for CLI (yea there is config out put set with | match, but that is partial info, not the complete reference list), ansible or API.
Does anyone have a any idea if this function is possible in any other way than GUI?
Another way of making it fully automatic would be to list out device groups in Panorama, preferably by ansible. I haven't found any way of doing that either in the ansible modules from the Pan-OS collection.
