Clarification on usage?

[nfields03]

I'm looking to pull the list of current GlobalProtect users from a PA using this module, and I can connect to the PA okay using Get-PaDevice so I know the creds are good. When I try to show the current GP users, I get an Illegal parameter [request] error. I may be using the command wrong but there weren't any examples provided. Is there a clarification on the intent of the Invoke-PaApiOperation cmdlet? Happy to retract the issue if I'm using the module wrong...

PS C:\Users\test> Invoke-PaApiOperation -Cmd ""

Invoke-WebRequest: C:\Users\test\Documents\PowerShell\Modules\PowerAlto\4.0.46\Classes\Main\PaloAltoDevice.Class.ps1:163:26 Line | 163 | $rawResult = Invoke-WebRequest @QueryParams | ~~~~~~ | Illegal parameter [request]

[mrjcap]

Hey @nfields03,

I don't know if you have found a solution but I needed something similar and I came across this issue.

1. Go to: https://firewall1/php/rest/browse.php XML API > Operational Commands > show > global-protect-gateway > current-user.

2. Copy the contents from the xml text area:

   <show><global-protect-gateway><current-user></current-user></global-protect-gateway></show>

3. Connect to the firewall:

   Get-PaDevice -DeviceAddress firewall1 -Credential (Get-Secret -Name supersecretapikey)

4. Paste the contents of the xml text aera in the -Cmd parameter of the Invoke-PaApiOperation and execute the command:

$Response = (Invoke-PaApiOperation -Cmd "<show><global-protect-gateway><current-user></current-user></global-protect-gateway></show>").response

6. View the current GP users:

 $Response.result.entry | Select-Object -Property *

[robinmalik]

In general, it'd be great if there were more usage examples to help jump start users in using this module.