Skip to main content

Palo Alto Networks Panorama V2

palo-alto-networks-panorama-v2

Version: 2.5
Updated: May 29, 2024

Utilize Palo Alto Panorama to list current applications and issue containment actions during incident investigation.

Actions

  • List Tags (Enrichment) - List all available tags.
  • List Dynamic User Groups (Enrichment) - List all dynamic user groups.
  • List Connected Devices (Enrichment) - List all connected devices.
  • List Firewall User Attributes (Enrichment) - List firewall user attributes.
  • List Application (Enrichment) - Pull a list of current applications and associated ports.
  • List Address (Enrichment) - List an address.
  • List Service (Enrichment) - List a service.
  • Get Policy Rules (Enrichment) - Get policy rules.
  • Get Firewall User Group Members (Enrichment) - Get a list of all members of a firewall user group.
  • Get Address Groups (Enrichment) - Get address groups.
  • Get Service Groups (Enrichment) - Get service groups.
  • Get URL Category (Enrichment) - Get URL categories.
  • Get URL Filter (Enrichment) - Get URL filter.
  • Get Devices (Enrichment) - Get all devices.
  • Create Tag (Containment) - Create a new tag.
  • Create Dynamic User Group (Containment) - Create a new dynamic user group.
  • Create Policy Rule (Containment) - Create a new policy rule.
  • Create Address Group ( Containment) - Create a new address group.
  • Create Address ( Containment ) - Create a new address.
  • Create Service Group ( Containment ) - Create a service group.
  • Create Service (Containment ) - Create a service.
  • Create Tag (Containment ) - Create a tag.
  • Create URL Category (Containment ) - Create a URL category.
  • Create URL Filter (Containment ) - Create URL filter.
  • Commit (Containment) - Commit a change.
  • Delete Address Group (Containment ) - Delete an address group.
  • Delete Address (Containment ) - Delete an address.
  • Delete Policy Rule (Containment ) - Delete a policy rule.
  • Delete Service Group (Containment ) - Delete a service group.
  • Delete Service (Containment ) - Delete a service.
  • Delete URL Category (Containment ) - Delete a URL category.
  • Delete URL Filter (Containment ) - Delete a URL filter.
  • Register Tag For Users (Containment) - Register a tag for users.
  • Unregister Tag For User (Containment) - Unregister a tag for a user.
  • Unregister All Tags For User (Containment) - Unregister all tags for a user.
  • Move Policy Rule (Containment) - Move an existing policy rule.
  • Update Policy Rule ( Containment ) - Update a policy rule.
  • Update URL Category ( Containment ) - Update a URL category.

Notes

Dynamic User Groups

  • The following actions must be committed to the firewall:
    • Create Tag
    • List Tags
    • List Devices Group (Device Group - Location)
    • Create Dynamic User Group (Match/Filter is only based on Tags)
    • List Dynamic User Groups
    • Create Policy Rule (Possibility to Add Dynamic User Group as Source User)
    • Commit
    • Get Policy Rules
  • The following actions will be redirected to Firewall through Panorama, with no need to commit:
    • List Connected Devices (to get the serial number)
    • List Firewall User Attributes (List local Firewall users of Active Directory)
    • Register Tag For Users (include/add any user Dynamically to Dynamic User Groups using a tag)
    • Get Firewall User Group Members (Get Dynamic User Groups Members of Firewall or any local user group of the Firewall)
    • Unregister Tag For User (Remove a user from a tag, it means, will remove users from Dynamic User Groups if the tag is already associated with it)
    • Unregister All Tags For User (remove a user from all the tags and it will be removed from all the Dynamic User Groups)

External Libraries

Configure Palo Alto Networks Panorama V2 in Automation Service and Cloud SOAR

Before you can use the integration, you must configure it so that the vendor can communicate with Sumo Logic. For general guidance, see Configure Authentication for Integrations.

  1. Access App Central and install the integration.
  2. Select the installed integration in the Integrations page.
    Classic UI. In the main Sumo Logic menu, select Automation and then select Integrations in the left nav bar.
    New UI. In the main Sumo Logic menu, select Automation > Integrations. You can also click the Go To... menu at the top of the screen and select Integrations.
  3. Select the integration.
  4. Hover over the resource name and click the Edit button that appears.
    Edit a resource
  5. In the Add Resource dialog, enter the authentication needed by the resource. When done, click TEST to test the configuration, and click SAVE to save the configuration.

For information about Palo Alto Networks Panorama, see Palo Alto Networks Panorama documentation.

Change Log

  • January 14, 2020 - First upload
  • May 22, 2020 - Added support for Dynamic User Groups
  • July 21, 2023 (v2.2) - Updated the integration with Environmental Variables
  • September 4, 2023 (v2.3) - Fixed a bug where if the timeout was not specified, an error would occur
  • September 19, 2023 (v2.4) - Versioning
  • May 29, 2024 (v2.5) - Docker updated
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2025 by Sumo Logic, Inc.