Conflicts with Automation & Regular Configuration Tasks

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Conflicts with Automation & Regular Configuration Tasks

L0 Member

Hi everyone,

 

I want to integrate the Palo Alto (Panorama) API into Demisto in order to do automatic blacklisting of malicious IPs (as determined in a phishing playbook). One concern the infrastructure team has is whether or not the automatic adding to the blacklist might prematurely commit changes if - for instance - the infrastructure engineer was changing ACLs or routing rules at the time. I believe that an API call to blacklist should have no affect on whatever is occuring in the UI as far as configuration goes, but I figured I'd run it past the pros anyway. 

 

Thanks!

1 REPLY 1

L2 Linker

Have a look at mindmeld and external dynamic lists.

 

https://github.com/PaloAltoNetworks/minemeld/wiki

  • 2104 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!