Forum Discussion

mnagel's avatar
mnagel
Icon for Professor rankProfessor
6 years ago

Palo Alto Improvements

Here are some datasources we added to get better information on Palo Alto firewalls:

Certificate Status: KFWLJ9

High Availability Detail: EMXWRR (this one includes a bunch of HA info, including HA link status, compat status and so forth.  Many auto properties for reference on the local and peer units.  All datapoints currently use the default alert templates, but I am hoping to extend that and leverage the auto properties for those messages)

Support Status: 3YJJCZ

License Status: DXEAP4

All use the XML API, so will require security review (no idea how long that takes).

  • OK, thanks.  These all were shared here, so not sure why the became private.  Will check...

  • Anonymous's avatar
    Anonymous

     

    14 hours ago, Michael Rodrigues said:

    We switched everything to "Private" unless it was shared on this forum, out of an abundance of caution.

     

    We'll be talking about the new Exchange features in a href="https://communities.logicmonitor.com/topic/5865-youre-invited-10-june-2020-lm-exchange/" rel="">today's webinar. One of the things we can discuss in the Q&A is the public/private status of community submitted modules.

  • Anonymous's avatar
    Anonymous

    a href="https://communities.logicmonitor.com/topic/5873-public-vs-private-modules-and-the-new-exchange" rel="">The conversation about modules that used to be public that are now private is continued here.

  • Anonymous's avatar
    Anonymous

    The author needs to verify that the module has been published to the public repository. In simple cases, it's automatically made public at that point. If there is code in the module, it will undergo manual security review by the LM staff before it is made publicly available.

  • 20 minutes ago, Stuart Weenig said:

    The author needs to verify that the module has been published to the public repository. In simple cases, it's automatically made public at that point. If there is code in the module, it will undergo manual security review by the LM staff before it is made publicly available.

    Almost certainly there is code as Palo Alto checks virtually always require API access.  Review has seemed in most cases I have been involved with to be a mostly ad hoc process (or if not, definitely opaque). I suggested in one of our UI/UX meetings that there be a "Request Review" button or similar to create or escalate a request for security review.  As a bonus, use a ticketing system (this would be welcome for feedback as well, which as I understand generates internal-only tickets).  A unified customer visible ticket system for feedback and module review would be very helpful.

  • I’m interested in EMXWRR, but I don’t see that in the Exchange though I do see the other three mentioned above (KFWLJ9, 3YJJCZ, and DXEAP4).  Any chance that’s available somewhere I’m missing?