demisto · yaakovpraisler · Mar 13, 2024 · Feb 21, 2024 · Feb 21, 2024 · Feb 21, 2024
@@ -13660,6 +13660,184 @@ def pan_os_delete_tag_command(args: dict) -> CommandResults:
     )
 
 
+def prettify_security_profile_groups(sp_groups_list: list) -> list:
+    """Prettify the keys in the security profile groups for the HR table.
+
+    Args:
+        sp_groups_list (list): The security profile groups list
+
+    Returns:
+        list: List of prettified security profile groups.
+    """
+
+    profile_to_change_map = {
+        "virus": "Antivirus Profile",
+        "spyware": "Anti-Spyware Profile",
+        "vulnerability": "Vulnerability Protection Profile",
+        "url-filtering": "URL Filtering Profile",
+        "file-blocking": "File Blocking Profile",
+        "data-filtering": "Data Filtering Profile",
+        "wildfire-analysis": "WildFire Analysis Profile",
+    }
+
+    prettified_sp_groups_list = []
+    for sp_group in sp_groups_list:
+
+        prettified_sp_group = {"Name": sp_group["name"], "Location": sp_group["location"]}
+        for key in sp_group:
+
+            if key not in ("name", "location"):
+                sp_group[key] = extract_objects_info_by_key(sp_group, key)
+                prettified_sp_group[profile_to_change_map.get(key, key)] = sp_group[key]
+
+        prettified_sp_groups_list.append(prettified_sp_group)
+
+    return prettified_sp_groups_list
+
+
+def pan_os_list_security_profile_group_command(args: dict) -> CommandResults:
+    """
+    Returns a list of security profile groups.
+
+    Args:
+        args (dict): The command arguments.
+
+    Returns:
+        CommandResults: The command results with raw response, outputs and readable outputs.
+    """
+    xpath = f"{XPATH_RULEBASE}profile-group/entry"
+    if group_name := args.get("group_name"):
+        xpath += f"[@name='{group_name}']"
+
+    params = {
+        "type": "config",
+        "action": "get",
+        "key": API_KEY,
+        "xpath": xpath
+    }
+    raw_response = http_request(URL, 'GET', params=params)
+    sp_groups_response_list = raw_response.get("response", {}).get("result", {}).get("entry") or []
+    if not isinstance(sp_groups_response_list, list):
+        sp_groups_response_list = [sp_groups_response_list]
+
+    for sp_group in sp_groups_response_list:
+        parse_pan_os_un_committed_data(sp_group, ['@admin', '@dirtyId', '@time'])
+        sp_group["name"] = sp_group.pop("@name", "")
+        sp_group["location"] = sp_group.pop("@loc", "")
+
+    prettified_sp_groups_list = prettify_security_profile_groups(sp_groups_response_list)
+
+    return CommandResults(
+        raw_response=raw_response,
+        outputs=sp_groups_response_list,
+        readable_output=tableToMarkdown(
+            f'Security Profile Groups:',
+            prettified_sp_groups_list,
+            ["Name", "Location", "Antivirus Profile", "Anti-Spyware Profile", "Vulnerability Protection Profile",
+             "URL Filtering Profile", "File Blocking Profile", "Data Filtering Profile", "WildFire Analysis Profile"],
+        ),
+        outputs_prefix='Panorama.ProfileGroup',
+        outputs_key_field='name'
+    )
+
+
+def pan_os_create_security_profile_group_command(args: dict) -> CommandResults:
+    """
+    Creates a security profile groups in the given Panorama instance.
+
+    Args:
+        args (dict): The command arguments.
+
+    Returns:
+        CommandResults: The command results with raw response and readable outputs.
+    """
+    group_name = args.get('group_name')
+    params = {
+        "type": "config",
+        "action": "set",
+        "key": API_KEY,
+        "xpath": f"{XPATH_RULEBASE}profile-group/entry[@name='{group_name}']",
+        "element": (add_argument(args.get("antivirus_profile"), "virus", True)
+                    + add_argument(args.get("anti_spyware_profile"), "spyware", True)
+                    + add_argument(args.get("vulnerability_protection_profile"), "vulnerability", True)
+                    + add_argument(args.get("URL_filtering_profile"), "url-filtering", True)
+                    + add_argument(args.get("file_blocking_profile"), "file-blocking", True)
+                    + add_argument(args.get("data_filtering_profile"), "data-filtering", True)
+                    + add_argument(args.get("wildfire_analysis_profile"), "wildfire-analysis", True))
+    }
+
+    raw_response = http_request(URL, "GET", params=params)
+    return CommandResults(
+        raw_response=raw_response,
+        readable_output=f'Successfully created Security Profile Group: "{group_name}"',
+    )
+
+
+def pan_os_edit_security_profile_group_command(args: dict) -> CommandResults:
+    """
+    Edits a given security profile groups in the given Panorama instance.
+
+    Args:
+        args (dict): The command arguments.
+
+    Returns:
+        CommandResults: The command results with raw response and readable outputs.
+    """
+    group_name = args.get("group_name")
+    profile_to_change = args.get("profile_to_change", "")
+    profile_value = args.get("profile_value")
+
+    profile_to_change_map = {
+        "Antivirus Profile": "virus",
+        "Anti-Spyware Profile": "spyware",
+        "Vulnerability Protection Profile": "vulnerability",
+        "URL Filtering Profile": "url-filtering",
+        "File Blocking Profile": "file-blocking",
+        "Data Filtering Profile": "data-filtering",
+        "WildFire Analysis Profile": "wildfire-analysis",
+    }
+
+    params = {
+        "type": "config",
+        "action": "edit",
+        "key": API_KEY,
+        "xpath": f"{XPATH_RULEBASE}profile-group/entry[@name='{group_name}']/{profile_to_change_map.get(profile_to_change)}",
+        "element": add_argument(profile_value, profile_to_change_map.get(profile_to_change), True)  # type: ignore
+    }
+
+    raw_response = http_request(URL, "GET", params=params)
+    return CommandResults(
+        raw_response=raw_response,
+        readable_output=f'Successfully edited Security Profile Group: "{group_name}"',
+    )
+
+
+def pan_os_delete_security_profile_group_command(args: dict) -> CommandResults:
+    """
+    Deletes a given security profile groups in the given Panorama instance.
+
+    Args:
+        args (dict): The command arguments.
+
+    Returns:
+        CommandResults: The command results with raw response and readable outputs.
+    """
+    group_name = args.get("group_name")
+
+    params = {
+        "type": "config",
+        "action": "delete",
+        "key": API_KEY,
+        "xpath": f"{XPATH_RULEBASE}profile-group/entry[@name='{group_name}']",
+    }
+
+    raw_response = http_request(URL, "GET", params=params)
+    return CommandResults(
+        raw_response=raw_response,
+        readable_output=f'Successfully deleted Security Profile Group: "{group_name}"',
+    )
+
+
 """ Fetch Incidents """
 
 
@@ -14805,6 +14983,14 @@ def main():  # pragma: no cover
             return_results(list_device_groups_names())
         elif command == 'pan-os-export-tech-support-file':
             return_results(export_tsf_command(args))
+        elif command == 'pan-os-list-security-profile-group':
+            return_results(pan_os_list_security_profile_group_command(args))
+        elif command == 'pan-os-create-security-profile-group':
+            return_results(pan_os_create_security_profile_group_command(args))
+        elif command == 'pan-os-edit-security-profile-group':
+            return_results(pan_os_edit_security_profile_group_command(args))
+        elif command == 'pan-os-delete-security-profile-group':
+            return_results(pan_os_delete_security_profile_group_command(args))
         else:
             raise NotImplementedError(f'Command {command} is not implemented.')
     except Exception as err:

@@ -9364,6 +9364,97 @@ script:
       description: The job ID to use when polling.
     description: Exports a tech support file (TSF).
     polling: true
+  - arguments:
+    - description: A given group name to return the data for.
+      name: group_name
+    - description: The device group that the security profile groups are part of.
+      name: device-group
+    description: Returns a list of security profile groups from Panorama.
+    name: pan-os-list-security-profile-group
+    outputs:
+    - contextPath: Panorama.ProfileGroup.name
+      description: The name of the group.
+      type: String
+    - contextPath: Panorama.ProfileGroup.location
+      description: The security profile group's device group location.
+      type: String
+    - contextPath: Panorama.ProfileGroup.virus
+      description: The antivirus profile.
+      type: String
+    - contextPath: Panorama.ProfileGroup.spyware
+      description: The anti-spyware profile.
+      type: String
+    - contextPath: Panorama.ProfileGroup.vulnerability
+      description: The vulnerability protection profile.
+      type: String
+    - contextPath: Panorama.ProfileGroup.url-filtering
+      description: The URL filtering profile.
+      type: String
+    - contextPath: Panorama.ProfileGroup.file-blocking
+      description: The file blocking profile.
+      type: String
+    - contextPath: Panorama.ProfileGroup.data-filtering
+      description: The data filtering profile.
+      type: String
+    - contextPath: Panorama.ProfileGroup.wildfire-analysis
+      description: The wildFire analysis profile.
+      type: String
+    - contextPath: Panorama.ProfileGroup.disable-override
+      description: Whether overriding the security profile group is disabled.
+      type: String
+  - arguments:
+    - description: The name of the security profile group.
+      name: group_name
+      required: true
+    - description: The device group that the security profile group will be part of.
+      name: device-group
+    - description: The antivirus profile of the group. You can get the possible values for this argument by running the pan-os-get-security-profile command.
+      name: antivirus_profile
+    - description: The anti-spyware profile of the group. You can get the possible values for this argument by running the pan-os-get-security-profile command.
+      name: anti_spyware_profile
+    - description: The vulnerability protection profile of the group. You can get the possible values for this argument by running the pan-os-get-security-profile command.
+      name: vulnerability_protection_profile
+    - description: The URL filtering profile of the group. You can get the possible values for this argument by running the pan-os-get-security-profile command.
+      name: URL_filtering_profile
+    - description: The file blocking profile of the group. You can get the possible values for this argument by running the pan-os-get-security-profile command.
+      name: file_blocking_profile
+    - description: The data filtering profile of the group. You can get the possible values for this argument by running the pan-os-get-security-profile command.
+      name: data_filtering_profile
+    - description: The wildfire analysis profile of the group. You can get the possible values for this argument by running the pan-os-get-security-profile command.
+      name: wildfire_analysis_profile
+    description: Creates a new security profile group in Panorama.
+    name: pan-os-create-security-profile-group
+  - arguments:
+    - description: The name of the security profile group to edit.
+      name: group_name
+      required: true
+    - description: The profile to edit in the group.
+      name: profile_to_change
+      auto: PREDEFINED
+      predefined:
+      - 'Antivirus Profile'
+      - 'Anti-Spyware Profile'
+      - 'Vulnerability Protection Profile'
+      - 'URL Filtering Profile'
+      - 'File Blocking Profile'
+      - 'Data Filtering  Profile'
+      - 'WildFire Analysis Profile'
+      required: true
+    - description: The value to set in the profile. You can get the possible values for this argument by running the pan-os-get-security-profile command.
+      name: profile_value
+      required: true
+    - description: The device group that the security profile group is part of.
+      name: device-group
+    description: Edits the security profile group in Panorama.
+    name: pan-os-edit-security-profile-group
+  - arguments:
+    - description: The name of the security profile group to delete.
+      name: group_name
+      required: true
+    - description: The device group that the security profile group is part of.
+      name: device-group
+    description: Deletes a security profile group from Panorama.
+    name: pan-os-delete-security-profile-group
   dockerimage: demisto/pan-os-python:1.0.0.87401
   isfetch: true
   runonce: false