search

PaloAltoNetworks / pan-os-python

The PAN-OS SDK for Python is a package to help interact with Palo Alto Networks devices (including physical and virtualized Next-generation Firewalls and Panorama). The pan-os-python SDK is object oriented and mimics the traditional interaction with the device via the GUI or CLI/API.
https://pan-os-python.readthedocs.io
ISC License
340 stars 168 forks source link

Objects in module "device" not available under shared #451

Closed BatD2 closed 2 years ago

BatD2 commented 2 years ago

Describe the bug

Objects in module device, when added as child to Panorama template are only available under vsys1, but not if configured under shared. There is no option to set the hierarchy to "shared"

Current behavior

Example SyslogServerProfile:

syslog_prof = device.SyslogServerProfile('profile_name')
template1.add(syslog_prof)
syslog_prof.xpath()

"/config/devices/entry[@name='localhost.localdomain']/template/entry[@name='ptemplate_name']/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/log-settings/syslog/entry[@name='profile_name']"

However the xpath, as taken from panroama should be:

Expected behavior

"/config/devices/entry[@name='localhost.localdomain']/template/entry[@name='ptemplate_name']/config/shared/log-settings/syslog/entry[@name='profile_name']"

welcome-to-palo-alto-networks[bot] commented 2 years ago

:tada: Thanks for opening your first issue here! Welcome to the community!

shinmog commented 2 years ago

You device hierarchy is incorrect if you want it under "shared" within the template. An object that is saved in a vsys will default to a vsys of "vsys1" if none is specified for the firewall. If you want it in shared, then just tell pan-os-python you want it in shared:

In [1]: from panos.panorama import Panorama, Template                                                              

In [2]: p = Panorama('a', 'b', 'c')                                                                                

In [3]: template1 = Template('foo')                                                                                

In [4]: p.add(template1)                                                                                           
Out[4]: <Template foo 0x109c12690>

In [5]: from panos.device import Vsys, SyslogServerProfile                                                         

In [6]: v = Vsys('shared')                                                                                         

In [7]: template1.add(v)                                                                                           
Out[7]: <Vsys shared 0x1098c5310>

In [8]: ssp = SyslogServerProfile('bar')                                                                           

In [9]: v.add(ssp)                                                                                                 
Out[9]: <SyslogServerProfile bar 0x109c15110>

In [10]: ssp.xpath()                                                                                               
Out[10]: "/config/devices/entry[@name='localhost.localdomain']/template/entry[@name='foo']/config/shared/log-settings/syslog/entry[@name='bar']"

In [11]: