Palo Alto Networks PAN-OS SDK for Python

Overview

Palo Alto Networks PAN-OS SDK for Python

The PAN-OS SDK for Python (pan-os-python) is a package to help interact with Palo Alto Networks devices (including physical and virtualized Next-generation Firewalls and Panorama). The pan-os-python SDK is object oriented and mimics the traditional interaction with the device via the GUI or CLI/API.


Latest version released on PyPi Python versions License Documentation Status Chat on GitHub Discussions

semantic-release Conventional Commits Powered by DepHell GitHub contributors


Features

  • Object model of Firewall and Panorama configuration
  • Multiple connection methods including Panorama as a proxy
  • All operations natively vsys-aware
  • Support for high availability pairs and retry/recovery during node failure
  • Batch User-ID operations
  • Device API exception classification

Status

Palo Alto Networks PAN-OS SDK for Python is considered stable. It is fully tested and used in many production environments. Semantic versioning is applied to indicate bug fixes, new features, and breaking changes in each version.

Install

Install using pip:

pip install pan-os-python

Upgrade to the latest version:

pip install --upgrade pan-os-python

If you have poetry installed, you can also add pan-os-python to your project:

poetry add pan-os-python

How to import

To use pan-os-python in a project:

import panos

You can also be more specific about which modules you want to import:

from panos import firewall
from panos import network

A few examples

For configuration tasks, create a tree structure using the classes in each module. Nodes hierarchy must follow the model in the Configuration Tree.

The following examples assume the modules were imported as such:

from panos import firewall
from panos import network

Create an interface and commit:

fw = firewall.Firewall("10.0.0.1", api_username="admin", api_password="admin")
eth1 = network.EthernetInterface("ethernet1/1", mode="layer3")
fw.add(eth1)
eth1.create()
fw.commit()

Operational commands leverage the 'op' method of the device:

fw = firewall.Firewall("10.0.0.1", api_username="admin", api_password="admin")
print fw.op("show system info")

Some operational commands have methods to refresh the variables in an object:

# populates the version, serial, and model variables from the live device
fw.refresh_system_info()

See more examples in the Usage Guide.

Upgrade from pandevice

This pan-os-python package is the evolution of the older pandevice package. To upgrade from pandevice to pan-os-python, follow these steps.

Step 1. Ensure you are using python3

Python2 is end-of-life and not supported by pan-os-python.

Step 2. Uninstall pandevice:

pip uninstall pandevice
 # or
poetry remove pandevice

Step 3. Install pan-os-python:

pip3 install pan-os-python
 # or
poetry add pan-os-python

Step 4. Change the import statements in your code from pandevice to panos. For example:

import pandevice
from pandevice.firewall import Firewall

 # would change to

import panos
from panos.firewall import Firewall

Step 5. Test your script or application

There are no known breaking changes between pandevice v0.14.0 and pan-os-python v1.0.0, but it is a major upgrade so please verify everything works as expected.

Contributors

Thank you to Kevin Steves, creator of the pan-python library

Comments
  • Updating panorama template default_vsys after creation

    Updating panorama template default_vsys after creation

    I cannot find a way to do this? Can someone point me in the right direction?

    pandevice.errors.PanDeviceXapiError:  dev -> settings -> default-vsys 'vsys1' is not a valid reference
     dev -> settings -> default-vsys is invalid
    
    opened by DaveHewy 15
  • feat: add rip support

    feat: add rip support

    Description

    Adding RIP configuration objects to be added to panos.network.VirtualRouter instance.

    The following classes have been added to enable this functionality:

    • Rip
    • RipInterface
    • RipAuthProfile
    • RipAuthProfileMd5
    • RipExportRules

    Added Unit tests to cover the additional classes

    • TestRip
    • TestRipAuthProfile
    • TestRipAuthProfileMd5
    • TestRipInterface
    • TestRipExportRules

    Feature enhancement #329

    Motivation and Context

    Current network design requires RIP routing configuration on VirtualRouter objects.

    How Has This Been Tested?

    pylint pass flake8 pass pytest live tests pass

    image

    Functionality tested with the following driver script:

    import os
    
    from panos.firewall import Firewall
    from panos.network import (
        RedistributionProfile,
        Rip,
        RipAuthProfile,
        RipAuthProfileMd5,
        RipExportRules,
        RipInterface,
        VirtualRouter,
    )
    
    HOSTNAME = os.environ["PAN_HOSTNAME"]
    USERNAME = os.environ["PAN_USERNAME"]
    PASSWORD = os.environ["PAN_PASSWORD"]
    
    VR_NAME = "vr_1"
    REDIST_NAME = "redist_1"
    VR_INTERFACES = ["ethernet1/1"]
    REDIST_INTERFACE = "ethernet1/1"
    
    
    fw = Firewall(HOSTNAME, USERNAME, PASSWORD)
    
    # find or create a virtual router
    vr = fw.find_or_create(VR_NAME, VirtualRouter, interface=VR_INTERFACES)
    
    # create redist profile
    redist_profile = RedistributionProfile(
        name=REDIST_NAME, priority=1, action="redist"
    )
    vr.add(redist_profile)
    
    rip_spec = {
        "enable": True,
        "reject_default_route": True,
        "allow_redist_default_route": True,
        "delete_intervals": 121,
        "expire_intervals": 181,
        "interval_seconds": 2,
        "update_intervals": 31,
    }
    rip = Rip(**rip_spec)
    
    # add rip auth (password)
    rip_auth = RipAuthProfile(
        name="rip_profile_1", auth_type="password", password="#Password1"
    )
    rip.add(rip_auth)
    
    # add rip auth (md5)
    rip_auth = RipAuthProfile(name="rip_profile_2", auth_type="md5")
    md5 = RipAuthProfileMd5(keyid=1, key="#Password1", preferred=True)
    rip_auth.add(md5)
    rip.add(rip_auth)
    
    # add rip export rules
    rip_export = RipExportRule(name=REDIST_NAME, metric=10)
    rip.add(rip_export)
    
    # add rip interfaces
    rip_interface_spec = {
        "name": REDIST_INTERFACE,
        "enable": True,
        "advertise_default_route": "advertise",
        "metric": 11,
        "auth_profile": "rip_profile_1",
        "mode": "passive",
    }
    rip_interface = RipInterface(**rip_interface_spec)
    rip.add(rip_interface)
    
    # add rip config to virtual router and apply changes
    vr.add(rip)
    vr.apply()
    
    

    Result

    image image image image

    Types of changes

    • New feature (non-breaking change which adds functionality)

    Checklist

    • [x] I have updated the documentation accordingly.
    • [x] I have read the CONTRIBUTING document.
    • [x] I have added tests to cover my changes if appropriate.
    • [x] All new and existing tests passed.
    released 
    opened by markharden817 10
  • add support for hit count in Panorama Object

    add support for hit count in Panorama Object

    Is your feature request related to a problem?

    I would like to gather hit_count for security rules from Panorama. I've seen this feature implemented with the Firawall object and I was wondering if we could do the same for the Panoram object. Unless I missed something it seems that there is nothing similar for panorama.

    Describe the solution you'd like

    Something similar to this commit: https://github.com/PaloAltoNetworks/pan-os-python/commit/7a2e95b3746faeb386c58dedbb40b71d81a5cff0

    Describe alternatives you've considered

    I could pass an xml to Panorama.op but I rather work with object.

    I see a panos.policies.RulebaseOpState imbricated in SecurityRule response and I trying to leverage this with no success. I want to be able to retrieve security rules and their associated hit_count. If a process already exist please let me know how to do it.

    enhancement released 
    opened by devbollinger 9
  • add full BGP support

    add full BGP support

    I've added support for basic BGP configuration of a VirtualRouter, including peer groups and peers. I'm planning to complete the policy and advanced options but I thought I would submit the progress thus far.

    Any feedback is appreciated.

    opened by freakinhippie 9
  • Getting objects in DeviceGroup Hierarchy based

    Getting objects in DeviceGroup Hierarchy based

    Hi

    For example, Lets have Devicegroup hierarchy level in Panorama are as below,

    -- Base ----childbase1 ------childbase2

    When I try to refreshall objects from childbase2, it should return objects from Base, childbase1, childbase2 (maybe shared as well).

    I kinda stuck in this stage, How can it be achieved through panospython ?

    question 
    opened by FrancisPrakash 8
  • Create Rules dont accept uppercase in zone_ip, destination IP and service

    Create Rules dont accept uppercase in zone_ip, destination IP and service

    We create object with uppercase and when we use create_security_rule we obtains error from pandevice.policies

    [2018-03-13 16:52:37,596] {#flaskit/resource.py:232} 100a688b ERROR - datacenter -> pre-rulebase -> security -> rules -> Test1 -> source '['PHMBUPIAPIA']' is not an allowed keyword datacenter -> pre-rulebase -> security -> rules -> Test1 -> source ['PHMBUPIAPIA'] is an invalid ipv4/v6 address datacenter -> pre-rulebase -> security -> rules -> Test1 -> source '['PHMBUPIAPIA']' is not a valid reference datacenter -> pre-rulebase -> security -> rules -> Test1 -> source ['PHMBUPIAPIA'] range separator('-') not found datacenter -> pre-rulebase -> security -> rules -> Test1 -> source is invalid Traceback (most recent call last):

    opened by stephrobert 8
  • Support for retrieving predefined objects.ApplicationObject and objects.ServiceObject

    Support for retrieving predefined objects.ApplicationObject and objects.ServiceObject

    Per conversation in previous FR, I am opening this issue to formally request this functionality.

    Again, the wish is to pull in the predefined objects that exist in firewall. Perhaps as an optional parameter "include_predefined" in the refresh methods?

    enhancement 
    opened by lampwins 8
  • dyn_address_group.py: error: unrecognized arguments: General

    dyn_address_group.py: error: unrecognized arguments: General

    Hi I am trying to tag existing IP 10.34.20.94 on firewall 10.34.2.21 (PANOS 7.1.7 - model 5060 multi vsys) with tag General , getting error below:

    $ python dyn_address_group.py 10.34.2.21 admin 'password' 10.34.20.94 General
    usage: dyn_address_group.py [-h] [-v] [-q] [-r REGISTER] [-u UNREGISTER] [-l]
                                [-c]
                                hostname username password ip
    dyn_address_group.py: error: unrecognized arguments: General
    

    I am using pandevice (0.3.5)

    bug question 
    opened by irom77 7
  • SecurityRule 'any' attributes inconsistent behavior

    SecurityRule 'any' attributes inconsistent behavior

    policies.SecurityRule has certain attributes that default to the string value 'any'. However when a SecurityRule is created from a live device and that rule has attributes actually set to 'any' the value is represented as a list ['any']. This is inconsistent behavior and leads the developer to add extra checks to deal with these attributes when their value is actually set to 'any'.

    bug 
    opened by lampwins 7
  • >>> from pandevice import firewall gives SyntaxError: invalid syntax

    >>> from pandevice import firewall gives SyntaxError: invalid syntax

    I got SyntaxError: invalid syntax for 'from pandevice import firewall'

    $ python
    Python 2.6.6 (r266:84292, May 22 2015, 08:34:51) 
    [GCC 4.4.7 20120313 (Red Hat 4.4.7-15)] on linux2
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import pandevice
    
    >>> from pandevice import firewall
    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
      File "/usr/lib/python2.6/site-packages/pandevice/firewall.py", line 32, in <module>
        from pandevice import device
      File "/usr/lib/python2.6/site-packages/pandevice/device.py", line 22, in <module>
        from base import PanObject, Root, MEMBER, ENTRY
      File "/usr/lib/python2.6/site-packages/pandevice/base.py", line 1095
        option_paths = {opt: re.sub(r"\([\w\d|-]*\)", opt, path) for opt in options}
                                                                   ^
    SyntaxError: invalid syntax
    
    opened by irom77 7
  • add optional timeout for userid register()

    add optional timeout for userid register()

    Description

    Ben Parker 2:39 PM

    So this call should actaully support another argument https://pan-os-python.readthedocs.io/en/latest/module-userid.html#panos.userid.UserId.audit_registered_ip

    the timeout like argument like https://pan-os-python.readthedocs.io/en/latest/module-userid.html#panos.userid.UserId.audit_registered_ip

    Ben Parker 2:40 PM Here is what the whole API call looks like

    https://{{host}}/api?key={{key}}&type=user-id&cmd=<uid-message><version>2.0</version><type>update</type><payload><register><entry ip="{{tagged-ip}}"><tag><member timeout="60">{{tag}}</member></tag></entry></register></payload></uid-message>
    

    Motivation and Context

    Need update to XML API call

    How Has This Been Tested?

    New unit test cases included

    Types of changes

    • Bug fix (non-breaking change which fixes an issue)

    Checklist

    • [x] I have updated the documentation accordingly.
    • [x] I have read the CONTRIBUTING document.
    • [x] I have added tests to cover my changes if appropriate.
    • [x] All new and existing tests passed.
    released 
    opened by devsecfranklin 6
  • Add admins parameter to Panorama push

    Add admins parameter to Panorama push

    Description

    Adding support for the PAN-OS 10.2 feature of Administrator-Level Push from Panorama to Managed Devices

    Motivation and Context

    Motivation is adding support for a new PAN-OS feature, and also to support adding this feature in pan-os-ansible (ref)

    How Has This Been Tested?

    Tested locally, with Panorama 11.0.0 and managed firewall 10.2.3

        panorama = Panorama(HOSTNAME, USERNAME, PASSWORD)
    
        cmd = PanoramaCommitAll(
            style="device group",
            name="poc-dg",
            include_template=False,
            force_template_values=False,
            admins=["other"],
        )
    
        sync = False
        sync_all = True
    
        result = panorama.commit(cmd=cmd, sync=sync, sync_all=sync_all)
    

    Screenshots (if appropriate)

    Screenshot 2022-12-22 at 13 09 56

    Types of changes

    • New feature (non-breaking change which adds functionality)

    Checklist

    • [x] I have updated the documentation accordingly.
    • [x] I have read the CONTRIBUTING document.
    • [ ] I have added tests to cover my changes if appropriate.
    • [x] All new and existing tests passed.
    enhancement 
    opened by jamesholland-uk 0
  • vsys attribute returns Device Group

    vsys attribute returns Device Group

    Describe the bug

    Unable to receive the vsys of a SecurityRule, device group is being returned.

    Expected behavior

    rules = SecurityRule.refreshall(rb)
    rule = rules[0]
    rule.vsys
    'policy-targetted-vsys-name-here'
    

    Current behavior

    rules = SecurityRule.refreshall(rb)
    rule = rules[0]
    rule.vsys
    'policy-targetted-device-group-name-here'
    

    It does not look like vsys is a captured value.

    pprint.pprint(vars(rule))
    {'_params': (<VersionedParamPath fromzone=['any'] default=['any'] 0x7ff31e8d66a0>,
                 <VersionedParamPath tozone=['any'] default=['any'] 0x7ff31e8d6430>,
                 <VersionedParamPath source=['TEST_DMZ'] default=['any'] 0x7ff31e8d6640>,
                 <VersionedParamPath source_user=['any'] default=['any'] 0x7ff31e8d67f0>,
                 <VersionedParamPath hip_profiles=None default=['any'] 0x7ff31e8d66d0>,
                 <VersionedParamPath destination=['TEST_K8S'] default=['any'] 0x7ff31e8d65b0>,
                 <VersionedParamPath application=['any'] default=['any'] 0x7ff31e8d6220>,
                 <VersionedParamPath service=['K8S_OVERLAY'] default=application-default 0x7ff31e8d63a0>,
                 <VersionedParamPath category=['any'] default=['any'] 0x7ff31e8d6d00>,
                 <VersionedParamPath action=allow default=None 0x7ff31e8d6d60>,
                 <VersionedParamPath log_setting=None default=None 0x7ff31e8d62e0>,
                 <VersionedParamPath log_start=None default=None 0x7ff31e8d6820>,
                 <VersionedParamPath log_end=None default=None 0x7ff31e8d6880>,
                 <VersionedParamPath description=Test rule to allow traffic towards k8s cluster default=None 0x7ff31e8d6280>,
                 <VersionedParamPath type=universal default=universal 0x7ff31e8d6970>,
                 <VersionedParamPath tag=None default=None 0x7ff31e8d6dc0>,
                 <VersionedParamPath negate_source=None default=None 0x7ff31e8d6550>,
                 <VersionedParamPath negate_destination=None default=None 0x7ff31e8d61f0>,
                 <VersionedParamPath disabled=None default=None 0x7ff31e8d6ca0>,
                 <VersionedParamPath schedule=None default=None 0x7ff31e8d60d0>,
                 <VersionedParamPath icmp_unreachable=None default=None 0x7ff31e8d65e0>,
                 <VersionedParamPath disable_server_response_inspection=None default=None 0x7ff31e8d6760>,
                 <VersionedParamPath group=None default=None 0x7ff31e8d6070>,
                 <VersionedParamPath negate_target=False default=None 0x7ff31e8d6100>,
                 <VersionedParamPath target=['123456789011', '123456789012'] default=None 0x7ff31e8d68e0>,
                 <VersionedParamPath virus=None default=None 0x7ff31e8d6400>,
                 <VersionedParamPath spyware=None default=None 0x7ff31e8d6460>,
                 <VersionedParamPath vulnerability=None default=None 0x7ff31e8d68b0>,
                 <VersionedParamPath url_filtering=None default=None 0x7ff31e8d6c40>,
                 <VersionedParamPath file_blocking=None default=None 0x7ff31e8d6a60>,
                 <VersionedParamPath wildfire_analysis=None default=None 0x7ff31e8d6b80>,
                 <VersionedParamPath data_filtering=None default=None 0x7ff31e8d6b20>,
                 <VersionedParamPath uuid=12345678-1234-1234-1234-123456789011 default=None 0x7ff31e8d6a00>,
                 <VersionedParamPath source_devices=['any'] default=['any'] 0x7ff31e8c4df0>,
                 <VersionedParamPath destination_devices=['any'] default=['any'] 0x7ff31e8c44c0>,
                 <VersionedParamPath group_tag=None default=None 0x7ff31e8c4730>),
    '_stubs': <panos.base.VersionedStubs object at 0x7ff31e8d62b0>,
    '_xpaths': <panos.base.ParentAwareXpath object at 0x7ff31e8d6df0>,
    'children': [],
    'name': 'Test rule to allow traffic towards k8s cluster',
    'opstate': <panos.base.OpStateContainer object at 0x7ff31e8c4550>,
    

    Possible solution

    Targeting a vsys is a common need for customers with multi-vsys systems, so there is an expectation that the vsys attribute will return the appropriate value.

    vsys information is presented within the REST API for the SecurityPostRules, but it requires an addititional query.

    /restapi/v10.1/Policies/SecurityPostRules?location=device-group&device-group=production&name=Test%20rule%20to%20allow%20traffic%20towards%20k8s%20cluster
    
    {
      "@status": "success",
      "@code": "19",
      "result": {
        "@total-count": "1",
        "@count": "1",
        "entry": [
          {
            "@name": "Test rule to allow traffic towards k8s cluster",
    ...
            "target": {
              "devices": {
                "entry": [
                  {
                    "@name": "123456789011",
                    "vsys": {
                      "entry": [
                        {
                          "@name": "vsys5"
                        }
                      ]
                    }
                  },
                  {
                    "@name": "123456789012",
                    "vsys": {
                      "entry": [
                        {
                          "@name": "vsys5"
                        }
                      ]
                    }
                  }
                ]
              },
              "negate": "no"
            }
          }
        ]
      }
    }
    

    This requires making an API call to "/restapi/v10.1/Device/VirtualSystems?location=template&template=Production" and capturing the indexed fifth entry to reveal the assigned vsys.

    This gives hope that the data can be captured from the XML API and could be presented through asking for the vsys attribute of a policy rule object.

    Steps to reproduce

    1. run the following within the repl
    from panos.panorama import Panorama, DeviceGroup
    from panos.policies import PostRulebase, SecurityRule
    
    pano = Panorama("panorama", "username", "password")
    dg = DeviceGroup("production")
    rb = PostRulebase()
    pano.add(dg)
    dg.add(rb)
    
    rules = SecurityRule.refreshall(rb)
    rules[0].name
    rule = rules[0]
    rule.vsys
    

    Screenshots

    2022-11-15_07-16-31

    Context

    Using diffsync library with Nautobot, this enables a workflow where security policies are defined within Nautobot's database and synced to Panorama through the pan-os-python SDK.

    Your Environment

    • Version used: 1.7.3
    • Environment name and version (e.g. Chrome 59, node.js 5.4, python 3.7.3): python 3.7
    • Operating System and version (desktop or mobile): Ubuntu 20.04 (WSL2)
    • Link to your project: private repository
    bug 
    opened by cdot65 1
  • Feature/new log settings

    Feature/new log settings

    Description

    Created the following new classes for the missing log setting formats:

    • class LogSettingsGlobalProtect
    • class LogSettingsUserId
    • class LogSettingsIpTag
    • class LogSettingsHipMatch
    • class LogSettingsCorrelation

    Added the the new class references as CHILDTYPES parameter to the following classes:

    • panos.device: class Vsys
    • panos.panorama: class TemplateStack and class Template
    • panos.firewall: class Firewall

    Motivation and Context

    We need to update log settings across multiple firewalls/Panorama Device groups, however as of now only System and Configuration log settings are supported in the SDIK. The following log settings types are missing:

    • Global Protect (PanOS 9.1)
    • User ID
    • IP Tag (PanOS 9.0)
    • HIP Match
    • Correlation

    How Has This Been Tested?

    Tested the new classes for Log Setting retrieval and configuration against Panorama.

    Screenshots (if appropriate)

    NA

    Types of changes

    • New feature (non-breaking change which adds functionality)

    Checklist

    • [x] I have updated the documentation accordingly.
    • [x] I have read the CONTRIBUTING document.
    • [x] I have added tests to cover my changes if appropriate.
    • [x] All new and existing tests passed.
    opened by BatD2 0
  • Interface full_delete fails if static route references any other interface

    Interface full_delete fails if static route references any other interface

    Describe the bug

    If a static route exists on the firewall which references an interface, a full_delete() will fail on a different interface.

    Expected behavior

    full_delete() should complete without throwing an exception

    Current behavior

    A TypeError exception is thrown, such as:

    File "/work/panos/network.py", line 595, in full_delete elif "__iter__" in dir(obj.interface) and self in obj.interface: TypeError: 'in ' requires string as left operand, not EthernetInterface

    Possible solution

    StaticRoute's interface attribute gets populated as a string, whereas the full_delete code appears to expect a list (which is the case for other objects such as VirtualRouter or Zone). Since the str type will also pass the __iter__ check, a more specific type check may be needed to avoid the in test that results at network.py:595.

    Steps to reproduce

    Minimal pan-os-python reproduction without a live firewall (StaticRoute is being added directly to Firewall for brevity but error still triggers with VirtualRouter):

    from panos.network import EthernetInterface, StaticRoute
    from panos.firewall import Firewall
    
    firewall = Firewall()
    ethernet1 = firewall.add(EthernetInterface("ethernet1/1", mode="layer3"))
    ethernet2 = firewall.add(EthernetInterface("ethernet1/2", mode="layer3"))
    route = firewall.add(StaticRoute("test", interface="ethernet1/1"))
    
    ethernet2.full_delete()  # generates error
    

    Context

    This can be a really tricky situation to avoid since the StaticRoute that triggers the error is unrelated to the interface being changed. Routes targeted at interfaces rather than next-hops can be common in environments with IPSec tunnels, but the interface can also be present in addition to a next-hop for any static route.

    Your Environment

    Python 3.9.15 pan-os-python 1.7.3

    bug  opened by tintedcorals 1
  • Add support for Security Profiles

    Add support for Security Profiles

    Is your feature request related to a problem?

    I am unable to create a complete firewall security policy solely via pan-os-python because it is missing support for Security Profiles. The SDK supports Profile Groups but this is not enough to build a comprehensive policy with the SDK.

    Describe the solution you'd like

    I would like to have the ability to create, modify, and delete all types of Security Profiles:

    • Vulnerability
    • Antivirus
    • Anti-spyware
    • URL-filtering
    • File blocking
    • Data filtering
    • Wildfire

    There should be individual classes for all these types of profiles under panos.objects

    Describe alternatives you've considered

    The current alternatives are to pre-create the required objects manually (which ruins the whole idea of having and managing policy-as-a-code), or to use XML API "patches" (which ruins the elegance of object-oriented programming with the SDK).

    Additional context

    We are building a next-gen risk-based web-filtering policy for our firm. It leverages a lot of PAN-OS/pan-os-python features (amongst others) such as Security and Decryption rules, Application Groups and Filters, Custom URL categories, Tags, EDLs and Profile Groups. The latter one operates with some 15 different individual Security Profiles.

    The policy is being designed to be portable so that we were able to deploy it to different device groups and different Panorama instances as well as standalone firewalls. Thus, a need for the manual creation of any policy elements (such as Security Profiles) becomes a significant shortcoming of the solution.

    enhancement 
    opened by nikolay-matveev-kkr 3
  • Expose mem_used in show_system_resources

    Expose mem_used in show_system_resources

    Is your feature request related to a problem?

    In Firewall.show_system_resources, only the memory total and memory free metrics are exposed. In unix, total = free + used + buffers, so using memory_free for ram usage computation is inaccurate as it is likely to stay in the high 90s% since unix will use as much buffers as possible

    Describe the solution you'd like

    It would be nice to expose mem_used (and maybe also mem_buffer?) in this method.

    Describe alternatives you've considered

    Alternative is doing show system resources manually and parse the output, which is not ideal.

    Additional context

    enhancement 
    opened by Yamakaky 1
  • Releases(v1.7.3)
    Owner
    Palo Alto Networks
    We ensure each day is safer and more secure than the one before.
    Palo Alto Networks
    Graviti-python-sdk - Graviti Data Platform Python SDK

    Graviti Python SDK Graviti Python SDK is a python library to access Graviti Data

    Graviti 13 Dec 15, 2022
    A wrapper for aqquiring Choice Coin directly through a Python Terminal. Leverages the TinyMan Python-SDK.

    CHOICE_TinyMan_Wrapper A wrapper that allows users to acquire Choice Coin directly through their Terminal using ALGO and various Algorand Standard Ass

    Choice Coin 16 Sep 24, 2022
    AWS SDK for Python

    Boto3 - The AWS SDK for Python Boto3 is the Amazon Web Services (AWS) Software Development Kit (SDK) for Python, which allows Python developers to wri

    the boto project 7.8k Jan 8, 2023
    Python SDK for Facebook's Graph API

    Facebook Python SDK This client library is designed to support the Facebook Graph API and the official Facebook JavaScript SDK, which is the canonical

    Mobolic 2.7k Jan 7, 2023
    Box SDK for Python

    Box Python SDK Installing Getting Started Authorization Server-to-Server Auth with JWT Traditional 3-legged OAuth2 Other Auth Options Usage Documentat

    Box 371 Dec 29, 2022
    The Official Dropbox API V2 SDK for Python

    The offical Dropbox SDK for Python. Documentation can be found on Read The Docs. Installation Create an app via the Developer Console. Install via pip

    Dropbox 828 Jan 5, 2023
    Evernote SDK for Python

    Evernote SDK for Python Evernote API version 1.28 This SDK is intended for use with Python 2.X For Evernote's beta Python 3 SDK see https://github.com

    Evernote 612 Dec 30, 2022
    Python SDK for IEX Cloud

    iexfinance Python SDK for IEX Cloud. Architecture mirrors that of the IEX Cloud API (and its documentation). An easy-to-use toolkit to obtain data for

    Addison Lynch 640 Jan 7, 2023
    Unofficial Medium Python Flask API and SDK

    PyMedium - Unofficial Medium API PyMedium is an unofficial Medium API written in python flask. It provides developers to access to user, post list and

    Engine Bai 157 Nov 11, 2022
    The Python SDK for the Rackspace Cloud

    pyrax Python SDK for OpenStack/Rackspace APIs DEPRECATED: Pyrax is no longer being developed or supported. See openstacksdk and the rackspacesdk plugi

    PyContribs 238 Sep 21, 2022
    :snake: Python SDK to query Scaleway APIs.

    Scaleway SDK Python SDK to query Scaleway's APIs. Stable release: Development: Installation The package is available on pip. To install it in a virtua

    Scaleway 114 Dec 11, 2022
    Skyscanner Python SDK

    Skyscanner Python SDK Important As of May 1st, 2020, the project is deprecated and no longer maintained. The latest update in v1.1.5 includes changing

    Skyscanner 118 Sep 23, 2022
    WeChat SDK for Python

    ___ __ _______ ________ ___ ___ ________ _________ ________ ___ ___ |\ \ |\ \|\ ___ \ |\ ____\|\ \|\ \|\ __ \|\___

    wechatpy 3.3k Dec 26, 2022
    Python SDK for the Buycoins API.

    This library provides easy access to the Buycoins API using the Python programming language. It provides all the feature of the API so that you don't need to interact with the API directly. This library can be used with Python 3.6+

    Musa Rasheed 48 May 4, 2022
    Graviti TensorBay Python SDK

    TensorBay Python SDK is a python library to access TensorBay and manage your datasets. It provides: A pythonic way to access your

    Graviti 72 Aug 22, 2022
    A Python script for rendering glTF files with V-Ray App SDK

    V-Ray glTF viewer Overview The V-Ray glTF viewer is a set of Python scripts for the V-Ray App SDK that allow the parsing and rendering of glTF (.gltf

    Chaos 24 Dec 5, 2022
    qualysclient - a python SDK for interacting with the Qualys API

    qualysclient - a python SDK for interacting with the Qualys API

    null 5 Oct 28, 2022
    A Python SDK for connecting devices to Microsoft Azure IoT services

    V2 - We are now GA! This repository contains code for the Azure IoT SDKs for Python. This enables python developers to easily create IoT device soluti

    Microsoft Azure 381 Dec 30, 2022