Closed bethatasitmay closed 4 months ago
Note that I changed the output of the greater than/less than signs to parentheses as the former weren't formatting correctly.
Oh, and if I remove the ,HitCount parameter, the command completes successfully.
I do not exactly know how Windows WSL CLI is working, but I recomment to use single quote around actions command:
php -r "require_once 'C:/tools/pan/pan-os-php/utils/pan-os-php.php';" type=rule in=api://panorama.dcswins.com location=FW1 ruletype=security 'actions=exportToExcel:Disabled-tagged-pre-SC-B.xls,HitCount' 'filter=(rule is.disabled) and (tag has DISABLED)'
please try this out.
This has nothing to do with pan-os-php. this is how your CLI is working and understand the input
While WSL appears to be installed, it isn't working:
wsl -l -v The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
The only time I've had to surround an action or parameter with '' is when there is a space involved - the command has worked fine for other things.
In fact, I accidentally ran this a couple of days ago (note the questionable filter):
php -r "require_once 'C:/tools/pan/pan-os-php/utils/pan-os-php.php';" type=rule in=api://panorama.domain.com location=FW1 ruletype=security actions=exportToExcel:Disabled-rules-pre-FW1-A.xls,HitCount 'filter=and !(tag has DISABLED)'
Which dumps the other 1,618 rules with no issues.
I went ahead and tried the command from my initial report again with the entire action= section surrounded by '' as per you comment above and it stops at the same point with the same messages.
I also made the following attempts:
php -r "require_once 'C:/tools/pan/pan-os-php/utils/pan-os-php.php';" type=rule in=api://panorama.domain.com location=FW1 ruletype=security actions=exportToExcel:Disabled-tagged-GenericA-017-only.xls,HitCount 'filter=(rule is.disabled) and (tag has DISABLED) and (name eq GenericA-017)'
Works fine (one rule output)
php -r "require_once 'C:/tools/pan/pan-os-php/utils/pan-os-php.php';" type=rule in=api://panorama.domain.com location=FW1 ruletype=security actions=exportToExcel:GenericA-017-only.xls,HitCount 'filter=(name eq GenericA-017)'
Works fine (one rule output)
php -r "require_once 'C:/tools/pan/pan-os-php/utils/pan-os-php.php';" type=rule in=api://panorama.domain.com location=FW1 ruletype=security actions=exportToExcel:All-FW1-rules.xls,HitCount
Fails in the same spot.
Oh......
It occurred to me that if the failure is happening between GenericA-007 and GenericA-017, I should try just those two rules:
php -r "require_once 'C:/tools/pan/pan-os-php/utils/pan-os-php.php';" type=rule in=api://panorama.domain.com location=FW1 ruletype=security actions=exportToExcel:GenericA-007-GenericA-017.xls,HitCount 'filter=(name eq GenericA-007) or (name eq GenericA-017)'
And indeed it fails in the same spot - GenericA-007 shows XML output and then it fails before anything for GenericA-017 appears.
do you think there will be a way to share an example config which is very similar to these two rules?
That's what I was thinking - start at the first rule and then go to the end of the second rule (or maybe even go one earlier and one later). Would you like it as XML or set commands (or both)?
With that said, I think the problem is with GenericA-007 - I just ran a dump of only that rule and it failed.
XML would be perfect:
pan-os-php type=rule actions=xml-extract 'filter=(name eq GenericA-017)' location=FW1
something like this would be display the xml part of this rule
but the problem could be also with the API request / response.
maybe run your command first with debugapi
DebugAPI:
) php -r "require_once 'C:/tools/pan/pan-os-php/utils/pan-os-php.php';" DebugAPI type=rule in=api://panorama.domain.com location=FW1 ruletype=security actions=exportToExcel:Disabled-tagged-pre-FW1-F.xls,HitCount 'filter=(name eq GenericA-007)'
*** pan-os-php.php type=rule UTILITY **
PAN-OS-PHP version: 2.1.23 [WIN] [8.3.4]
Downloading config from API... API call: "https://panorama.domain.com/api/?&type=op&cmd=(show)(config)(saved)candidate-config(/saved)(/config)(/show)"
Detected platform type is 'panorama'
No 'template' provided so using default ='any'
filter after sanitization : (name eq GenericA-007)
Loading configuration through PAN-OS-PHP library... API call: "https://panorama.domain.com/api/?&type=op&cmd=(show)(devices)(connected/)(/devices)(/show)" (1.10 seconds, 62.91 mb memory)
PAN-OS-PHP APP-ID version: 8828-8658
PAN-OS APP-ID version: 8832-8674
PAN-OS AV version: 4785-5303
PAN-OS WF version: 515890-518890
PAN-OS THREAT version: 8832-8674
PAN-OS version: 101
PAN-OS Device timezone: US/Pacific is used. actual time: 2024/04/11 13:38:55
processing ruleset 'PanoramaConf: / DeviceGroup:FW1 / RuleStore:Security' that holds 1873 rules
objects processed in DG/Vsys 'FW1' : 1 filtered over 1873 available
ERROR * unsupported
Backtrace 0 backtrace_print() ::C:\tools\pan\pan-os-php\lib\pan_php_framework.php line 617 1 derr() ::C:\tools\pan\pan-os-php\utils\common\RuleCallContext.php line 275 2 Action:'exportToExcel' / Args: filename=Disabled-tagged-pre-FW1-F.xls, additionalFields=HitCount, RuleCallContext::enclose() @ C:\tools\pan\pan-os-php\utils\common\RuleCallContext.php line 802 3 Action:'exportToExcel' / Args: filename=Disabled-tagged-pre-FW1-F.xls, additionalFields=HitCount, RuleCallContext::ruleFieldHtmlExport() @ C:\tools\pan\pan-os-php\utils\common\actions-rule.php line 4679 4 {closure}() ::C:\tools\pan\pan-os-php\utils\common\CallContext.php line 138 5 Action:'exportToExcel' / Args: filename=Disabled-tagged-pre-FW1-F.xls, additionalFields=HitCount, CallContext::executeGlobalFinishAction() @ C:\tools\pan\pan-os-php\utils\lib\UTIL.php line 1942 6 UTIL::GlobalFinishAction() @ C:\tools\pan\pan-os-php\utils\lib\RULEUTIL.php line 40 7 RULEUTIL::utilStart() @ C:\tools\pan\pan-os-php\utils\lib\UTIL.php line 214 8 UTIL::__construct() @ C:\tools\pan\pan-os-php\lib\misc-classes\PH.php line 1050 9 callPANOSPHP() ::C:\tools\pan\pan-os-php\utils\pan-os-php.php line 118 10 **** require_once() ::Command line code line 1
xml-extract:
) php -r "require_once 'C:/tools/pan/pan-os-php/utils/pan-os-php.php';" type=rule in=api://panorama.domain.com location=FW1 actions=xml-extract 'filter=(name eq GenericA-007) or (name eq GenericA-017)'
*** pan-os-php.php type=rule UTILITY **
PAN-OS-PHP version: 2.1.23 [WIN] [8.3.4]
Downloading config from API...
Detected platform type is 'panorama'
No 'template' provided so using default ='any'
No 'ruleType' specified, using 'security' by default
filter after sanitization : (name eq GenericA-007) or (name eq GenericA-017)
Loading configuration through PAN-OS-PHP library... (1.13 seconds, 62.91 mb memory)
PAN-OS-PHP APP-ID version: 8828-8658
PAN-OS APP-ID version: 8832-8674
PAN-OS AV version: 4785-5303
PAN-OS WF version: 515890-518890
PAN-OS THREAT version: 8832-8674
PAN-OS version: 101
PAN-OS Device timezone: US/Pacific is used. actual time: 2024/04/11 13:54:35
processing ruleset 'PanoramaConf: / DeviceGroup:FW1 / RuleStore:Security' that holds 1873 rules
object 'GenericA-007' passing through Action='xml-extract'
object 'GenericA-017' passing through Action='xml-extract'
objects processed in DG/Vsys 'FW1' : 2 filtered over 1873 available
PROCESSED 2 objects over 1873 available
***** END OF SCRIPT pan-os-php.php type=rule ****
For the xml-extract, there doesn't appear to be anything unique or improper about the rules. While the tag, zones, src/dst, and descriptions aren't the same, they appear to be using the same kinds of things
ok, thanks. What I figured out is, that for the exporttoexcel there is a field which is a different variable type as right now supported.
it is not yet fixed but for your configuration there is a need to get more data related to the real issue:
Can you please use this repository, and send me the output: https://github.com/swaschkut/pan-os-php/tree/develop_2-1-X
php -r "require_once 'C:/tools/pan/pan-os-php/utils/pan-os-php.php';" DebugAPI type=rule in=api://panorama.domain.com location=FW1 ruletype=security actions=exportToExcel:Disabled-tagged-pre-FW1-F.xls,HitCount 'filter=(name eq GenericA-007)'
Can you please use this repository, and send me the output: https://github.com/swaschkut/pan-os-php/tree/develop_2-1-X
Sorry, how do I send the output to you through that tree?
Please use this repository: https://github.com/swaschkut/pan-os-php/tree/develop_2-1-X to update/install pan-os-php
to execute this command php -r "require_once 'C:/tools/pan/pan-os-php/utils/pan-os-php.php';" DebugAPI type=rule in=api://panorama.domain.com location=FW1 ruletype=security actions=exportToExcel:Disabled-tagged-pre-FW1-F.xls,HitCount 'filter=(name eq GenericA-007)'
and send me the output for this execution. The repository mentioned above has new code, which will hopefully help to come closure to the real issue
I understand what you're looking for - I just don't know how to send you the information through the specific repository.
Do I upload a file or something else?
When I click on issues after I click on that link I'm just brought back to this section - it's not unique to the repository.
just bring the output into this issue.
(deleted due to not being correct output)
are you using the correct repository? you are still on version 2.1.23 which is the latest version;
the develop version is already on 2.1.24 which is available here: https://github.com/swaschkut/pan-os-php/tree/develop_2-1-X
you did not update your pan-os-php code correctly.
example git:
git clone --branch develop_2-1-X swaschkut/pan-os-php
I have no clue how you are doing this in your windows environment, this is the reason why I started years ago to official ONLY support Docker container, as I can not be involved in any update issues based on specific user environment
Sorry, I'm an idiot - I understand what you're saying now. Sorry again - I haven't had much sleep this week and my brain is slowly melting.
As far as Docker goes, I can't use Docker because (1) my company (or at least my boss) won't buy it and (2) the networking of Docker can't be controlled and it overlaps with my company's enterprise network.
So, I normally do the git clone like this:
git clone https://github.com/swaschkut/pan-os-php.git
(or from when you were at PAN like this: git clone https://github.com/PaloAltoNetworks/pan-os-php.git)
Any thoughts on how to clone an individual version? If not, I'll ask our PowerShell guru on Monday.
I tried all of these methods:
PS C:\tools\pan> git clone https://github.com/swaschkut/pan-os-php/tree/develop_2-1-X Cloning into 'develop_2-1-X'... fatal: repository 'https://github.com/swaschkut/pan-os-php/tree/develop_2-1-X/' not found
PS C:\tools\pan> git clone https://github.com/swaschkut/pan-os-php/tree/develop_2-1-X.git Cloning into 'develop_2-1-X'... fatal: repository 'https://github.com/swaschkut/pan-os-php/tree/develop_2-1-X.git/' not found
PS C:\tools\pan> git clone https://github.com/swaschkut/pan-os-php/tree/develop_2-1-X/pan-os-php.git Cloning into 'pan-os-php'... fatal: repository 'https://github.com/swaschkut/pan-os-php/tree/develop_2-1-X/pan-os-php.git/' not found
PS C:\tools\pan> git clone --branch develop_2-1-X swaschkut/pan-os-php fatal: repository 'swaschkut/pan-os-php' does not exist
PS C:\tools\pan> git clone -branch develop_2-1-X swaschkut/pan-os-php fatal: repository 'develop_2-1-X' does not exist
The only other thing about how we install it, is that in the php.ini file we change enable_dl = off to enable_dl = on.
is this not working?
git clone --branch develop_2-1-X https://github.com/swaschkut/pan-os-php.git
also this should work git clone -b develop_2-1-X https://github.com/swaschkut/pan-os-php.git
Oh, that worked w/ the full URL - see, I wasn't lying when I said I'm not thinking straight :-)
Success - v2.1.24 worked without error.
I'm now running a full security policy dump to see if it snags on anything else, but I would expect it to be clean at this point.
This will take a while to run - I'll update after it finishes (probably later Saturday - it's just before 23:58 Friday.
Sorry, forgot to make an update - the full policy dump worked fine - no errors.
Describe the bug
I've used the HitCount parameter quite a few times and hadn't had an issue until now. I'm getting after processing a few rules' hit count XML:
along with Backtrace info and there is no file output.
Expected behavior
The processing of the XML should complete and allow the exportToExcel to complete.
Current behavior
This has been sanitized and trimmed. I did look at the rule that would be next (GenericA-017 in the sanitized version) and there's nothing special about in the GUI that I can see. It is very similar in settings (disabled) and tags to GenericaA-007 (this, of course, assumes that's the rule where the issue lies).
*** pan-os-php.php type=rule UTILITY **
PAN-OS-PHP version: 2.1.23 [WIN] [8.3.4]
Downloading config from API...
Detected platform type is 'panorama'
No 'template' provided so using default ='any'
filter after sanitization : (rule is.disabled) and (tag has DISABLED)
Loading configuration through PAN-OS-PHP library... (1.41 seconds, 62.91 mb memory)
PAN-OS-PHP APP-ID version: 8828-8658
PAN-OS APP-ID version: 8832-8674
PAN-OS AV version: 4784-5302
PAN-OS WF version: 515890-518890
PAN-OS THREAT version: 8832-8674
PAN-OS version: 101
PAN-OS Device timezone: US/Pacific is used. actual time: 2024/04/10 14:06:00
processing ruleset 'PanoramaConf: / DeviceGroup:FW1 / RuleStore:Security' that holds 1873 rules
object 'GenericA-002a' passing through Action='exportToExcel' Args: filename=Disabled-tagged-pre-FW1-B.xls, additionalFields=HitCount,
object 'GenericA-003' passing through Action='exportToExcel' Args: filename=Disabled-tagged-pre-FW1-B.xls, additionalFields=HitCount,
object 'GenericA-004' passing through Action='exportToExcel' Args: filename=Disabled-tagged-pre-FW1-B.xls, additionalFields=HitCount,
object 'GenericA-005' passing through Action='exportToExcel' Args: filename=Disabled-tagged-pre-FW1-B.xls, additionalFields=HitCount,
object 'GenericA-007' passing through Action='exportToExcel' Args: filename=Disabled-tagged-pre-FW1-B.xls, additionalFields=HitCount,
object 'GenericA-017' passing through Action='exportToExcel' Args: filename=Disabled-tagged-pre-FW1-B.xls, additionalFields=HitCount,
...trimmed...
objects processed in DG/Vsys 'FW1' : 254 filtered over 1873 available
action 'exportToExcel' has tasks to process before shutdown.
action 'exportToExcel' has tasks to process before shutdown. (entry name="GenericA-002a") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-002a") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-002a") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-002a") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-003") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-003") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-003") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-003") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-004") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)8(/hit-count) (last-hit-timestamp)1684968789(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)1684968789(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-004") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)8(/hit-count) (last-hit-timestamp)1684968789(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)1684968789(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-004") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)8(/hit-count) (last-hit-timestamp)1684968789(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)1684968789(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-004") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)8(/hit-count) (last-hit-timestamp)1684968789(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)1684968789(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-005") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-005") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-005") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-005") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685638184(/last-receive-timestamp) (rule-creation-timestamp)1636742713(/rule-creation-timestamp) (rule-modification-timestamp)1664921921(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count)0(/hit-count) (last-hit-timestamp)0(/last-hit-timestamp) (last-reset-timestamp)0(/last-reset-timestamp) (first-hit-timestamp)0(/first-hit-timestamp) (last-receive-timestamp)1685117964(/last-receive-timestamp) (rule-creation-timestamp)1636742714(/rule-creation-timestamp) (rule-modification-timestamp)1664921918(/rule-modification-timestamp) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-007") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count/) (last-hit-timestamp/) (last-reset-timestamp/) (first-hit-timestamp/) (last-receive-timestamp/) (rule-creation-timestamp/) (rule-modification-timestamp/) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count/) (last-hit-timestamp/) (last-reset-timestamp/) (first-hit-timestamp/) (last-receive-timestamp/) (rule-creation-timestamp/) (rule-modification-timestamp/) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-007") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count/) (last-hit-timestamp/) (last-reset-timestamp/) (first-hit-timestamp/) (last-receive-timestamp/) (rule-creation-timestamp/) (rule-modification-timestamp/) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count/) (last-hit-timestamp/) (last-reset-timestamp/) (first-hit-timestamp/) (last-receive-timestamp/) (rule-creation-timestamp/) (rule-modification-timestamp/) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-007") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count/) (last-hit-timestamp/) (last-reset-timestamp/) (first-hit-timestamp/) (last-receive-timestamp/) (rule-creation-timestamp/) (rule-modification-timestamp/) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count/) (last-hit-timestamp/) (last-reset-timestamp/) (first-hit-timestamp/) (last-receive-timestamp/) (rule-creation-timestamp/) (rule-modification-timestamp/) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry) (entry name="GenericA-007") (device-vsys) (entry name="FW1/0123456789/vsys1") (hit-count/) (last-hit-timestamp/) (last-reset-timestamp/) (first-hit-timestamp/) (last-receive-timestamp/) (rule-creation-timestamp/) (rule-modification-timestamp/) (device-state)yes(/device-state) (/entry) (entry name="FW1/9876543210/vsys1") (hit-count/) (last-hit-timestamp/) (last-reset-timestamp/) (first-hit-timestamp/) (last-receive-timestamp/) (rule-creation-timestamp/) (rule-modification-timestamp/) (device-state)yes(/device-state) (/entry) (/device-vsys) (/entry)
ERROR * unsupported
Backtrace 0 backtrace_print() ::C:\tools\pan\pan-os-php\lib\pan_php_framework.php line 617 1 derr() ::C:\tools\pan\pan-os-php\utils\common\RuleCallContext.php line 275 2 Action:'exportToExcel' / Args: filename=Disabled-tagged-pre-FW1-B.xls, additionalFields=HitCount, RuleCallContext::enclose() @ C:\tools\pan\pan-os-php\utils\common\RuleCallContext.php line 802 3 Action:'exportToExcel' / Args: filename=Disabled-tagged-pre-FW1-B.xls, additionalFields=HitCount, RuleCallContext::ruleFieldHtmlExport() @ C:\tools\pan\pan-os-php\utils\common\actions-rule.php line 4679 4 {closure}() ::C:\tools\pan\pan-os-php\utils\common\CallContext.php line 138 5 Action:'exportToExcel' / Args: filename=Disabled-tagged-pre-FW1-B.xls, additionalFields=HitCount, CallContext::executeGlobalFinishAction() @ C:\tools\pan\pan-os-php\utils\lib\UTIL.php line 1942 6 UTIL::GlobalFinishAction() @ C:\tools\pan\pan-os-php\utils\lib\RULEUTIL.php line 40 7 RULEUTIL::utilStart() @ C:\tools\pan\pan-os-php\utils\lib\UTIL.php line 214 8 UTIL::__construct() @ C:\tools\pan\pan-os-php\lib\misc-classes\PH.php line 1050 9 callPANOSPHP() ::C:\tools\pan\pan-os-php\utils\pan-os-php.php line 118 10 **** require_once() ::Command line code line 1
Steps to reproduce
Basically, I'm looking for all disabled rules that have the DISABLED tag. I also ran it for tagged rules that weren't disabled & it worked fine, but that was only 4 rules vs.
Your Environment