Merge branch 'hotfix/v3.3.2'
btorresgil committed Sep 12, 2013
2 parents 4c7b2e5 + 5fb1093 commit ac6763e
Showing 6 changed files with 17 additions and 15 deletions.
10 changes: 8 additions & 2 deletions README.md
@@ -11,8 +11,8 @@ Networks Firewall
#### Version ####

* Splunk Version: 5.x
* App Version: 3.3.1
* Last Modified: June 2013
* App Version: 3.3.2
* Last Modified: Sept 2013
* Authors:
* Monzy Merza - Splunk, Inc.
* Brian Torres-Gil - Palo Alto Networks
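Review bot: the date format changes from the spelled-out month used in the previous release line (`June 2013`) to an abbreviation (`Sept 2013`); keep one convention in the Version block, e.g. `September 2013`.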
@@ -133,6 +133,12 @@ Keep in mind that searches that have longer time ranges may take a little longer

## What's new in this version ##

Version 3.3.2
- Fix: URL in WildFire dashboard corrected
- Fix: Overview dashboard colors were gray on some servers, set back to white
- Fix: Corrected description fields in commands.conf that resulted in log errors
- Fix: Corrected sourcetype in inputs.conf.sample

Version 3.3.1
- Fix: App setup screen allows blank values
- Fix: Several GUI fixes and enhancements
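Review bot: the third 3.3.2 entry names `commands.conf`, but the description fields collapsed in this commit live in `default/searchbnf.conf` (the only conf file with description changes in this diff); correct the file name so an admin chasing the log errors looks in the right place.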
3 changes: 2 additions & 1 deletion appserver/static/pan_overview.css
@@ -768,6 +768,7 @@ background-image: none;
/* used on some dashbaords */
.SingleValueHolder {
background-color:#194775;
color: #fff
}

/* tighten up dashboard title displays */
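Review bot: the added `color: #fff` declaration has no trailing semicolon; browsers accept that on the last declaration of a block, but the next property anyone appends after it will silently be dropped. Write `color: #fff;`. The comment two lines above also misspells "dashboards" (`dashbaords`).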
@@ -779,4 +780,4 @@ background-color:#194775;

.dashboardContent h3 {
margin-top: 0;
}
}
2 changes: 1 addition & 1 deletion default/app.conf
@@ -5,7 +5,7 @@ label = Splunk for Palo Alto Networks
[launcher]
author= btorres-gil@paloaltonetworks.com
description= The Splunk for Palo Alto Networks app is a set of field extractions, reports, lookups and dashboards which provide visibility into the Palo Alto Networks Firewall data.
version = 3.3.1
version = 3.3.2

[package]
id= SplunkforPaloAltoNetworks
2 changes: 1 addition & 1 deletion default/data/ui/views/wildfire_overview.xml
@@ -349,7 +349,7 @@
</module>
</module>
<module name="StaticContentSample" layoutPanel="panel_row3_col1">
<param name="text">This table shows hosts that may be compromised because they show network behavior consistent with an analyzed malware sample. This data is based on a correlation of traffic logs and malware network behavior from WildFire Cloud analysis reports. (Note: To download WildFire reports, this correlation requires a <![CDATA[<a href="http://localhost:8000/en-US/manager/SplunkforPaloAltoNetworks/apps/local/SplunkforPaloAltoNetworks/setup?action=edit">WildFire API Key</a>]]>)
<param name="text">This table shows hosts that may be compromised because they show network behavior consistent with an analyzed malware sample. This data is based on a correlation of traffic logs and malware network behavior from WildFire Cloud analysis reports. (Note: To download WildFire reports, this correlation requires a <![CDATA[<a href="/manager/SplunkforPaloAltoNetworks/apps/local/SplunkforPaloAltoNetworks/setup?action=edit">WildFire API Key</a>]]>)
</param>
</module>
</module>
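Review bot: replacing the hard-coded `http://localhost:8000/en-US/...` with a root-relative path is the right fix for the link to the setup page: the old URL only resolved when the browser ran on the Splunk server itself with the default port, and it forced plain HTTP even on an HTTPS-enabled Splunk Web, which matters for the page where the WildFire API key is entered. Two caveats to verify: the new path drops the `/en-US/` locale segment, so it depends on Splunk Web redirecting locale-less URLs, and a root-relative path will not honour a `root_endpoint` prefix configured in web.conf on instances served behind a path prefix.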
11 changes: 3 additions & 8 deletions default/searchbnf.conf
@@ -4,8 +4,7 @@
[panblock-command]
syntax = panblock
shortdesc = Add/Remove host on the Palo Alto Firewall
description = Given a table containing an IP address or a fully qualified domain name (FQDN), adds or removes the IP or FQDN from a specified group.
Options are action: vsys, group, device. It may take up to a minute before the submitted action is committed to the PAN config. You have to set the username and password for the device in the panChange.py file in $SPLUNK_HOME/etc/apps/SplunkforPaloAltoNetworks/bin/ . The password is stored in clear text.
description = Given a table containing an IP address or a fully qualified domain name (FQDN), adds or removes the IP or FQDN from a specified group. Options are action: vsys, group, device. It may take up to a minute before the submitted action is committed to the PAN config. You have to set the username and password for the device in the panChange.py file in $SPLUNK_HOME/etc/apps/SplunkforPaloAltoNetworks/bin/ . The password is stored in clear text.
usage = public
example1 = index=pan_logs 1.1.1.1 | stats dc(dst_ip) by dst_ip | panblock action="add" group="badboys"
comment1 = Adds the IP 1.1.1.1
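Review bot: collapsing the multi-line `description` onto a single line is what a conf value needs, but the text being preserved deserves attention while it is touched: it tells admins to set the firewall username and password by editing panChange.py under bin/ and that "The password is stored in clear text", whereas `panupdate` in the next hunk reads its Panorama credentials from the app's setup page. Consider moving panblock to the same setup-page credential storage and updating this field accordingly; until then the description should at least tell admins to restrict read permissions on panChange.py.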
@@ -17,14 +16,10 @@ tags = pan
[panupdate-command]
syntax = panupdate device=<Panorama IP> devicegroup=<group to be updated>
shortdesc = Adds Dynamic Address objects and maps users to those objects
description = The command take user-id and IP addresses and inputs the Panorama and individual firewall configurations with those IP addresses. The command expects two fields, addrip and addruser. Use the rename command if your userid and ip fields have different labels.
It may take up to a minute for the changes to take effect in the Panorama and PAN devices.
The credentials for Panorama must be set using the Splunk for PaloAlto Network app's setup page.
The devicegroup must exist in the Panorama prior to execution of the command
Debugging and other output is here: $SPLUNK_HOME/var/log/splunk/python.log
description = The command take user-id and IP addresses and inputs the Panorama and individual firewall configurations with those IP addresses. The command expects two fields, addrip and addruser. Use the rename command if your userid and ip fields have different labels. It may take up to a minute for the changes to take effect in the Panorama and PAN devices. The credentials for Panorama must be set using the Splunk for PaloAlto Network app's setup page. The devicegroup must exist in the Panorama prior to execution of the command Debugging and other output is here: $SPLUNK_HOME/var/log/splunk/python.log
example1 = index=main sourcetype=radius | panupdate device="192.168.4.211" devicegroup="homedev"
comment1 = Search for all RADIUS logs and update the Panorama's homedev devicegroup with the user-id and IP's.
example2 = index=main sourcetype=authlog | rename user AS addruser | rename src_ip AS addrip | panupdate device="192.168.4.211" devicegroup="hotel-lobby"
comment2 = Search for all authlogs. Reanme the user and src_ip fields as addruser and addrip, respectively. Update the 'hotel-lobby' device group with the user-id's and IP's
related = panblock
tags = pan
tags = pan
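Review bot: the collapsed `description` lost the sentence boundary before "Debugging and other output is here", so it now reads "...prior to execution of the command Debugging and other output..."; add the period. While in this value, "The command take user-id" should be "takes", and `comment2` misspells "Rename" (`Reanme`). The repeated `tags = pan` is only the missing newline at end of file being added and is fine.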
4 changes: 2 additions & 2 deletions local/inputs.conf.sample
@@ -3,5 +3,5 @@
#[udp://5155]
#index= pan_logs
#connection_host = ip
#ourcetype = pan_log
#no_appending_timestamp = true
#sourcetype = pan_log
#no_appending_timestamp = true

0 comments on commit ac6763e