Is anyone mining (own) firewalls reports?
I hate to reinvent wheel, so would appreciate any suggestions.
Use case: Teamviewer
They are not publishing their IPs ( https://community.teamviewer.com/t5/Knowledge-Base/Which-ports-are-used-by-TeamViewer/ta-p/4139 ). We have a few firewalls and running custom report on application Teamviewer from Panorama gives a nice list of addresses. I would like to feed those addresses back to EDL and use it to restrict use of Teamviewer. I am not trying to create any instant solution to prevent use of tw, just trying to help people comply to company policy.
What I am thinking is to first use curl (and API) to trigger report and then curl report in to minemeld using job number from previous curl reply and then move it under www and mine it. Only bad part is plaintext apikey in curl. And fact that this feels somewhat shaky.
So anyone mining firewall reports directly?
... View more