About seanbarbour

seanbarbour · ‎02-25-2020

Worked like a charm for me. Thank you!

seanbarbour · ‎04-04-2019

Thank you for the information, it helped. I did not think of running the command in the CLI with debug on. I will need to look up on how to do that!

seanbarbour · ‎03-20-2019

I am trying to figure out how to get the hit count for rules via the REST API. I used the REST API browser and found that the URI path is https://URL-to-Palo/api/?type=op&cmd=<show><rule-hit-count></rule-hit-count></show>&key=<key> . However when I run the comamnd in a rest client (Insomnia or postman)I get a code 400. If I run just cmd=<show><rule-hit-count></rule-hit-count></show> I get "Illegal parameter [request]". I have tried running: https://URL-to-Palo/api/?type=op&cmd=<show><rule-hit-count>'rulename'</rule-hit-count></show>&key=<key> (where rule name is the name of a rule) But I get the following output: <response status="error" code="17"> <msg> <line> <![CDATA[ show -> rule-hit-count unexpected here]]> </line> <line> <![CDATA[ show -> rule-hit-count is unexpected ]]> </line> <line> <![CDATA[ show is unexpected ]]> </line> </msg> </response> I have tried different ways to get this to work but so far I have been unsuccessfull. Any help would be greatly appreciated.

seanbarbour · ‎02-15-2018

It appears the issue is with PS not liking the certificate we used for the management interface. I added the following two lines which resolved the issue: $AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12' [System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols The top of my script looks like this: add-type @" using System.Net; using System.Security.Cryptography.X509Certificates; public class TrustAllCertsPolicy : ICertificatePolicy { public bool CheckValidationResult( ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { return true; } } "@ $AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12' [System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy Hopefully this will help someone else.

seanbarbour · ‎02-05-2018

I will try, never had to sanatize a packet capture before.

seanbarbour · ‎01-29-2018

I get the following error message when I use a variable that builds the URI: Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send. At C:\Users\meowz\Documents\Scripts\powershell\palo-search-ps\palo-rest.ps1:20 char:1 + Invoke-WebRequest -Method Get -Uri $strUri + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand When I use the URI directly in the call (invoke-webrequest -method...) i get the following error: Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send. At C:\Users\meowz\Documents\Scripts\powershell\palo-search-ps\palo-rest.ps1:20 char:1 + Invoke-WebRequest -Method Get -Uri "https://<URL TO PALO>/ap ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand When I copy the URI and use it in the browser I get the list of addresses returned. If I attempt to use Invoke-ResetMethod I get the same errors.

seanbarbour · ‎01-26-2018

I have a script that I use that reads a copy of my palo's configuration that I manually export. I am looking to create a PowerShell script that can call the rest service instead of having to manually export the XML configuration file. I also want to be able to give the script to co-workers (using their own key). However, when I go to call the service I either the error that the connection was closed or an HTTP error. I tested the URI that I am using in small python script and received a 200 status code. I do not know Python well enough to be able to write the script in it and Python is widely installed in my office. I have been fighting this for a while I am at my wits end as I cannot figure out what it is that I am doing wrong. Here is my code: $rKey = "<KEY>" $Headers = "$rKey application" $type = "config" $xpath = "/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/address" $strUri ="https://<URL>/api/?type=config&action=get&key=$dKey&xpath=$xpath" #Tried this after the first failed. Same results. Invoke-WebRequest -Method Get -Uri "https://<URL>/api/?type=config&action=get&key=$rKey&xpath=/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/address" #started with this, had error message. Invoke-WebRequest -Method Get -Uri $strUri I am new to using rest and this is my first attempt at something other than using a cmdlet to get my external IP. Any help would be greatly appreciated. Thanks, Sean

Member Since	‎10-14-2013 09:33 AM
Date Last Visited	‎07-07-2020 12:16 PM
Posts	9
Total Likes Received	2

Online Status	Offline
Date Last Visited	‎07-07-2020 12:16 PM

About seanbarbour

Re: MineMeld install on 16.04 fails with i386 architecture support

Re: policy rules hit count from API

policy rules hit count from API

Re: Rest calls from PowerShell failing

Re: Rest calls from PowerShell failing

Re: Rest calls from PowerShell failing

Re: MineMeld install on 16.04 fails with i386 architecture support

Re: MineMeld install on 16.04 fails with i386 architecture support

Re: policy rules hit count from API

policy rules hit count from API

Re: Rest calls from PowerShell failing

Re: Rest calls from PowerShell failing

Re: Rest calls from PowerShell failing

Rest calls from PowerShell failing

Network Security

Cloud Security

Security Operations

About seanbarbour