Palo Alto PAN-OS Inspector

This document provides the steps required to configure the Palo Alto PAN-OS Inspector.

👍

Quick Details

Recommended Agent: On-Premises
Supported Agents: On-Premises or Self-Hosted
Is Auto-Discovered By: N/A
Can Auto-Discover: N/A
Inspection via: API
Data Summary: Here

Overview

The Palo Alto inspector uses the Pan-OS XML API. Please reference this document for more information.

Inspector Setup Preparation

Gather the Pan-OS API key

The only way to gather the API key is by making an API request. You can use any BASH shell or Putty to accomplish this.

*Input the username, password, and IP parameters in the script, then run this in the shell.

[The Pan-OS Docs]((https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-panorama-api/get-started-with-the-pan-os-xml-api/get-your-api-key.html#) provide further information about acquiring the API key

USERNAME='input_username_here'
PASSWORD='input_password_here'
IP='input_palo_alto_firewall_ip_here'

curl -X GET "https://$IP/api/?type=keygen&user=$USERNAME&password=$PASSWORD"

Liongard Inspector Setup

In Liongard, navigate to Admin > Inspectors > Preview (Beta) > Navigate to the Palo Alto Inspector > Select Add System.

Fill in the following information:

  • Environment: Select the Environment this System should be associated to
  • Friendly Name: Suggested "Palo Alto [Environment Name]"
  • Agent: Select the On-premises Agent or Self-Hosted Agent installed for this Environment
  • Inspector Version: Latest
  • IP/Host Name: IP or Host Name used to access the device
  • Token: API user token from Palo Alto API user.
  • Scheduling: The Inspector will default to run once a day at the time the Inspector is set up. Here you can adjust the schedule

Select Save. The Inspector will now be triggered to run within the minute.


Did this page help you?