Palo Alto Improvements


Userlevel 6
Badge +11

Here are some datasources we added to get better information on Palo Alto firewalls:

Certificate Status: KFWLJ9

High Availability Detail: EMXWRR (this one includes a bunch of HA info, including HA link status, compat status and so forth.  Many auto properties for reference on the local and peer units.  All datapoints currently use the default alert templates, but I am hoping to extend that and leverage the auto properties for those messages)

Support Status: 3YJJCZ

License Status: DXEAP4

All use the XML API, so will require security review (no idea how long that takes).


18 replies

Userlevel 3
Badge +4

@mnagel I went ahead and got these through security review for you, so they should be available to all.

Thanks for being such a great contributor to LogicMonitor!

Userlevel 6
Badge +11

Excellent!  Thanks very much...

These are great! Thanks for sharing!

These are very useful thanks!

For some reason EMXWRR currently set to private @mnagel

Userlevel 6
Badge +11

I have no idea how that happened -- I submitted them way back before LM Exchange (beta) provided that capability.  Sounds like a glitch in the repository system....

Userlevel 3
Badge +4

Hey @mnagel we didn't have the concept of Private vs Public back then. We switched everything to "Private" unless it was shared on this forum, out of an abundance of caution.

You can go toggle it to "Public" in the My Repo tab (must use card view to see the toggle for now).

 

Userlevel 6
Badge +11

OK, thanks.  These all were shared here, so not sure why the became private.  Will check...

 

14 hours ago, Michael Rodrigues said:

We switched everything to "Private" unless it was shared on this forum, out of an abundance of caution.

 

We'll be talking about the new Exchange features in a href="https://communities.logicmonitor.com/topic/5865-youre-invited-10-june-2020-lm-exchange/" rel="">today's webinar. One of the things we can discuss in the Q&A is the public/private status of community submitted modules.

a href="https://communities.logicmonitor.com/topic/5873-public-vs-private-modules-and-the-new-exchange" rel="">The conversation about modules that used to be public that are now private is continued here.

Looks like EMXWRR is still private. Can LM staff fix this or does the ds author have to intervene?

The author needs to verify that the module has been published to the public repository. In simple cases, it's automatically made public at that point. If there is code in the module, it will undergo manual security review by the LM staff before it is made publicly available.

Userlevel 6
Badge +11
20 minutes ago, Stuart Weenig said:

The author needs to verify that the module has been published to the public repository. In simple cases, it's automatically made public at that point. If there is code in the module, it will undergo manual security review by the LM staff before it is made publicly available.

Almost certainly there is code as Palo Alto checks virtually always require API access.  Review has seemed in most cases I have been involved with to be a mostly ad hoc process (or if not, definitely opaque). I suggested in one of our UI/UX meetings that there be a "Request Review" button or similar to create or escalate a request for security review.  As a bonus, use a ticketing system (this would be welcome for feedback as well, which as I understand generates internal-only tickets).  A unified customer visible ticket system for feedback and module review would be very helpful.

I’m interested in EMXWRR, but I don’t see that in the Exchange though I do see the other three mentioned above (KFWLJ9, 3YJJCZ, and DXEAP4).  Any chance that’s available somewhere I’m missing?

 

Userlevel 7
Badge +17

@Michael Rodrigues 

Userlevel 3
Badge +4

EMXWRR is set to “private”.

I’m hoping to have more information about a better review process this quarter. We don’t have anything planned around customer visible tickets related to review status at this time.

@mnagel, any chance you could switch that to public? 

Userlevel 6
Badge +11

Sure, I just dug around and found that option. It is challenging to manage uploaded modules especially when you have multiple portals. Getting actual Multi-tenancy is another battle I grew tired of long ago….

Thank you!  I see it now, this is great.

Reply