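# Integration manifest for the PAN-OS Policy Optimizer integration (marked beta).
# It declares the instance parameters, the commands with their arguments and
# context outputs, and the runtime image. The nesting below was restored from a
# listing whose indentation had been lost; scalar values are unchanged.
category: Network Security
commonfields:
  id: PAN-OS Policy Optimizer
  version: -1
configuration:
# The credentials below are sent to this URL, so it should be an https:// address
# of the firewall or Panorama management interface.
- display: Server URL (e.g., https://192.168.0.1:443)
  name: server_url
  required: true
  type: 0
# type 9 is a credentials field (username and password).
# NOTE(review): every command declared in this file only reads data, so a
# read-only admin role is presumably sufficient - confirm against the script.
- display: Username
  name: credentials
  required: true
  type: 9
- display: Vsys - Firewall instances only
  name: vsys
  required: false
  type: 0
- display: Device Group - Panorama instances only
  name: device_group
  required: false
  type: 0
- defaultvalue: 8
  display: PAN-OS Version (The exact version, e.g., 10.1.4, 1.1, 9)
  name: version
  type: 0
# Boolean (type 8). When enabled, the server certificate is presumably not
# validated, which would let a machine-in-the-middle capture the credentials
# above. Leave it off and trust the management certificate's CA instead.
- display: Trust any certificate (not secure)
  name: insecure
  required: false
  type: 8
- display: Use system proxy settings
  name: proxy
  required: false
  type: 8
description: Automate your AppID Adoption by using this integration together with your Palo Alto Networks Next-Generation Firewall or Panorama.
display: PAN-OS Policy Optimizer (Beta)
name: PAN-OS Policy Optimizer
script:
  # All commands are declared with execution: false and are described as
  # read operations ("Gets ...", "Shows ...").
  commands:
  - deprecated: false
    description: Gets the Policy Optimizer statistics.
    execution: false
    name: pan-os-po-get-stats
    outputs:
    - contextPath: PanOS.PolicyOptimizer.Stats.no_app_specified
      description: Number of rules with no apps specified.
      type: Number
    - contextPath: PanOS.PolicyOptimizer.Stats.unused
      description: Number of unused security policies.
      type: Number
    - contextPath: PanOS.PolicyOptimizer.Stats.unused_apps
      description: Number of unused apps in security policies.
      type: Number
    - contextPath: PanOS.PolicyOptimizer.Stats.unused_in_30_days
      description: Number of unused security policies in 30 days.
      type: Number
    - contextPath: PanOS.PolicyOptimizer.Stats.unused_in_90_days
      description: Number of unused security policies in 90 days.
      type: Number
  - deprecated: false
    description: Shows all security policies with no apps specified.
    execution: false
    name: pan-os-po-no-apps
    outputs:
    - contextPath: PanOS.PolicyOptimizer.NoApps
      description: Contains information about the rules that have no apps specified. For example, Source and Destination.
      type: Unknown
  - deprecated: false
    description: Gets the unused apps.
    execution: false
    name: pan-os-po-unused-apps
    outputs:
    - contextPath: PanOS.PolicyOptimizer.UnusedApps
      description: Shows all security rules with unused apps.
      type: String
  - arguments:
    - default: false
      defaultValue: '30'
      description: The time frame in days to show the unused rules.
      isArray: false
      name: timeframe
      required: false
      secret: false
    - auto: PREDEFINED
      default: false
      defaultValue: Unused
      description: Rule usage type to filter by. Can be Unused, Used, or Any.
      isArray: false
      name: usage
      predefined:
      - Unused
      - Used
      - Any
      required: false
      secret: false
    # NOTE(review): this argument lists predefined values but, unlike usage and
    # position, carries no "auto: PREDEFINED" - confirm whether that is intended.
    - default: false
      defaultValue: 'false'
      description: Whether to exclude rules reset during the last x days, where x is the value defined in the timeframe argument. It will not exclude rules by default.
      isArray: false
      name: exclude
      predefined:
      - 'false'
      - 'true'
      required: false
      secret: false
    - auto: PREDEFINED
      default: false
      description: Whether to get pre-rules, post-rules or both. 'pre' for pre rules, 'post' for post-rules, only for panorama instances.
      isArray: false
      name: position
      defaultValue: 'both'
      predefined:
      - pre
      - post
      - both
      required: false
      secret: false
    # NOTE(review): as with exclude, predefined values without "auto: PREDEFINED".
    - default: false
      defaultValue: security
      description: Which type of rules to query.
      isArray: false
      name: rule_type
      predefined:
      - security
      - nat
      - qos
      - pbf
      - decryption
      - tunnel-inspect
      - application-override
      - authentication
      - dos
      - sdwan
      required: false
      secret: false
    deprecated: false
    description: Gets unused, used, or any rules.
    execution: false
    name: pan-os-po-get-rules
    # NOTE(review): the output descriptions say "security rules" although
    # rule_type accepts other rule types as well.
    outputs:
    - contextPath: PanOS.PolicyOptimizer.UnusedRules
      description: Shows all unused security rules.
      type: String
    - contextPath: PanOS.PolicyOptimizer.AnyRules
      description: Shows all security rules.
      type: String
    - contextPath: PanOS.PolicyOptimizer.UsedRules
      description: Shows all used security rules.
      type: String
  - arguments:
    # Free-text value supplied by the caller; the script that consumes it is not
    # part of this file, so validation of the UUID format cannot be confirmed here.
    - default: false
      description: The UUID of the security rule.
      isArray: false
      name: rule_uuid
      required: true
      secret: false
    deprecated: false
    description: Gets the app usage statistics for a specific security rule.
    execution: false
    name: pan-os-po-app-and-usage
    outputs:
    - contextPath: PanOS.PolicyOptimizer.AppsAndUsage
      description: Shows detailed app usage statistics for specific security rules.
      type: Unknown
  - arguments:
    # Free-text value supplied by the caller; see the remark on rule_uuid.
    - default: false
      description: Dynamic address group name.
      isArray: false
      name: dag
      required: true
      secret: false
    # This command declares no context outputs.
    deprecated: false
    description: Gets a specific dynamic address group.
    execution: false
    name: pan-os-get-dag
  # The image is pinned by tag; a tag fixes the build number but, unlike a
  # digest, is not an immutable reference.
  dockerimage: demisto/python3:3.10.11.58677
  feed: false
  isfetch: false
  longRunning: false
  longRunningPort: false
  runonce: false
  # '-' is a placeholder: the integration code is kept outside this manifest.
  script: '-'
  subtype: python3
  type: python
# No test playbook is associated with this integration.
tests:
- No tests (auto formatted)
fromversion: 6.0.0
beta: true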