Palo Alto Firewall record

/api/2.0/fo/auth/palo_alto_firewall/

[POST]

Create, update, list and delete Palo Alto Firewall records for authenticated scans of Palo Alto Firewall instances. Vulnerability and compliance scans (using VM, PC) are supported.

Requirements:

- The user account you provide for authentication must either have the predefined role "Superuser (read-only)" or a custom role with these XML API privileges enabled: Configuration and Operational Requests.

- We use the PAN-OS XML API to retrieve system information from Palo Alto Firewall on port 443, so this port must be open.

Tip - We strongly recommend you create one or more dedicated user accounts to be used solely by the Qualys Cloud Platform to authenticate to Palo Alto Firewall instances.

Input Parameters

Parameter

Description

action={action}

(Required) Specify create, update, delete (using POST) or list (using GET or POST). See List Auth Records for type

echo_request={0|1}

(Optional) Specify 1 to view (echo) input parameters in the XML output. By default these are not included.

ids={value}

(Required to update or delete record) Record IDs to update/delete. Specify record IDs and/or ID ranges (for example, 1359-1407). Multiple entries are comma separated.

title={value}

(Required to create record) A title for the record. The title must be unique. Maximum 255 characters (ASCII).

comments={value}

(Optional to create or update record) User defined comments. Maximum of 1999 characters.

Login Credentials

 

username={value}

(Required to create record, optional to update record) The username of the account to be used for authentication. If password is specified, this is the username of a Palo Alto Firewall account. If login_type=vault is specified, this is the username of a vault account. Maximum 255 characters (ASCII).

password={value}

(To create a record, either password or login_type=vault is required) The password of the Palo Alto Firewall account to be used for authentication. Maximum 100 characters (ASCII).

login_type=vault

(To create a record, either password or login_type=vault is required) Set to vault if a third-party vault will be used to retrieve the password. Vault parameters need to be provided in the record.


Target Hosts

 

ips={value}

(Required to create record) The IP address(es) the server will log into using the record’s credentials. Multiple entries are comma separated.

(Optional to update record) IPs specified will overwrite existing IPs in the record, and existing IPs will be removed.

This parameter and the add_ips parameter or the remove_ips parameter cannot be specified in the same request.

add_ips={value}

(Optional to update record) Add IPs and/or ranges to the IPs list for this record. Multiple IPs/ranges are comma separated.

This parameter and the ips parameter cannot be specified in the same request.

remove_ips={value}

(Optional to update record) IPs to be removed from your record. You may enter a combination of IPs and ranges. Multiple entries are comma separated.

This parameter and the ips parameter cannot be specified in the same request.

 

Sample - Create Palo Alto Firewall record

API request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl Sample" -d "action=create&title=palo-4&ips=10.10.10.10&login_type=basic&username=root&password=123123" "https://qualysapi.qualys.com/api/2.0/fo/auth/palo_alto_firewall/"

XML output

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE BATCH_RETURN SYSTEM "https://qualysapi.qualys.com/api/2.0/batch_return.dtd">

<BATCH_RETURN>

  <RESPONSE>

    <DATETIME>2018-01-14T06:29:41Z</DATETIME>

    <BATCH_LIST>

      <BATCH>

        <TEXT>Successfully Created</TEXT>

        <ID_SET>

          <ID>125727</ID>

        </ID_SET>

      </BATCH>

    </BATCH_LIST>

  </RESPONSE>

</BATCH_RETURN>

Sample - Create Palo Alto Firewall record, using vault

API request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl Sample" -d "action=create&title=palo-4&ips=10.10.10.11&login_type=vault&username=root&vault_type=CyberArk AIM&vault_id=16034&file=file&folder=folder" "https://qualysapi.qualys.com/api/2.0/fo/auth/palo_alto_firewall/"

XML output

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE BATCH_RETURN SYSTEM "https://qualysapi.qualys.com/api/2.0/batch_return.dtd">

<BATCH_RETURN>

  <RESPONSE>

    <DATETIME>2018-01-16T06:22:01Z</DATETIME>

    <BATCH_LIST>

      <BATCH>

        <TEXT>Successfully Created</TEXT>

        <ID_SET>

          <ID>125726</ID>

        </ID_SET>

      </BATCH>

    </BATCH_LIST>

  </RESPONSE>

</BATCH_RETURN>
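The parameter rules and the BATCH_RETURN output documented above can be checked client-side, and building the POST body in-process keeps the record password out of the command line, unlike the curl samples. The following Python is an added example, not Qualys code: build_body and parse_batch_return are hypothetical helper names, only the constraints stated on this page are enforced, and vault parameters are passed through unvalidated.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

LIMITS = {"title": 255, "username": 255, "password": 100}  # ASCII limits from the page

def build_body(action, **p):
    """Validate parameters against the rules on this page; return the form-encoded body."""
    if action not in ("create", "update", "delete", "list"):
        raise ValueError("action must be create, update, delete or list")
    if action in ("update", "delete") and not p.get("ids"):
        raise ValueError("ids is required to update or delete a record")
    if action == "create":
        for name in ("title", "username", "ips"):
            if not p.get(name):
                raise ValueError(f"{name} is required to create a record")
        if not p.get("password") and p.get("login_type") != "vault":
            raise ValueError("create needs password or login_type=vault")
    if "ips" in p and ("add_ips" in p or "remove_ips" in p):
        raise ValueError("ips cannot be combined with add_ips or remove_ips")
    for name, limit in LIMITS.items():
        value = p.get(name, "")
        if len(value) > limit or not value.isascii():
            raise ValueError(f"{name}: maximum {limit} ASCII characters")
    if len(p.get("comments", "")) > 1999:
        raise ValueError("comments: maximum 1999 characters")
    return urlencode({"action": action, **p})  # encodes spaces, '&', '=' in values

def parse_batch_return(xml_text):
    """Return [(text, [ids])] for each BATCH; reads only ID elements, as in the samples."""
    root = ET.fromstring(xml_text)
    return [(b.findtext("TEXT"), [int(i.text) for i in b.iter("ID")])
            for b in root.iter("BATCH")]

# Response copied from the first sample on this page (blank lines removed).
SAMPLE = """<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "https://qualysapi.qualys.com/api/2.0/batch_return.dtd">
<BATCH_RETURN><RESPONSE><DATETIME>2018-01-14T06:29:41Z</DATETIME>
<BATCH_LIST><BATCH><TEXT>Successfully Created</TEXT>
<ID_SET><ID>125727</ID></ID_SET></BATCH></BATCH_LIST></RESPONSE></BATCH_RETURN>"""

if __name__ == "__main__":
    # Parameter values taken from the vault sample on this page.
    print(build_body("create", title="palo-4", ips="10.10.10.11", login_type="vault",
                     username="root", vault_type="CyberArk AIM", vault_id="16034",
                     file="file", folder="folder"))
    print(parse_batch_return(SAMPLE))
```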

DTDs for auth type "palo_alto_firewall"

<platform API server>/api/2.0/batch_return.dtd

<platform API server>/api/2.0/fo/auth/palo_alto_firewall/auth_palo_alto_firewall_list_output.dtd