Get the list of firewalls from Palo Alto's Panorama via Powershell - Store results CSV

This is a guest post from Vinamra Bhatnagar a Palo Alto guru whom I work with. 

A request was made by one of our readers to get this information from Panorama. Vinamra was kind enough to assist with a guest post. Hope you enjoy it.

Sample Code

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40

Add-Type -AssemblyName System.Web [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 #change directory Set-Location "{output directory}" $OutputCsvFile = "PaloAltoDevices.csv" $PanoramaIPAddress = "{panorama fqdn or IP without HTTPS}" #generate api key. https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-panorama-api/get-started-with-the-pan-os-xml-api/get-your-api-key $APIKey= "{Panorama API Key}" $url = "https://{0}/api/?type=op&cmd=<show><devices><all><%2Fall><%2Fdevices><%2Fshow>&key={1}" -f $PanoramaIPAddress , $APIKey Write-Host "Fetching Data From Panorama API..." $WebClient = New-Object system.Net.WebClient; [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} try { $result= [Xml]$WebClient.downloadString($url) If ($result.response.status -eq 'success'){ #Save Device Properties To CSV File $result.response.result.devices.entry | Export-Csv -Path $OutputCsvFile -NoTypeInformation $msg = "{0} Firewalls Found. Details Are Saved to CSV File: {1}" -f $result.response.result.devices.entry.count, $OutputCsvFile; Write-Host $msg } } Catch [System.Net.WebException]{ Write-Host 'Invalid credentials.'; } finally { #empty result variable at end. Important. $result = "" }

Usage Info:

First you should generate your API keys, using this guidance as provided by Vinamra.

Follow this document to generate API key. https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-panorama-api/get-started-with-the-pan-os-xml-api/get-your-api-key

Once you have your keys, perform.

Easiest way to run this ps1 script is to copy paste it in notepad and update the variables and paste it in Powershell. Sometime due to enterprise policies ps1 files are not allowed to execute. 

1	C:\Users\testuser\Documents> .\PanoramaConnectedDevicesToCSV.ps1 Fetching Data From Panorama API... 2 Firewalls Found. Details Are Saved to CSV File: PaloAltoDevices.csv

Sample Results:

1 2 3

name,serial,connected,unsupported-version,deactivated,hostname,ip-address,ipv6-address,uptime,family,model,sw-version,app-version,av-version,wildfire-version,threat-version,url-db,url-filtering-version,logdb-version,global-protect-client-package-version,prev-app-version, prev-av-version,prev-threat-version,prev-wildfire-version,domain,is-dhcp,vpn-disable-mode,operational-mode,certificate-status,certificate-subject-name,certificate-expiry,connected-at,custom-certificate-usage,multi-vsys,vsys,device-cert-present,device-cert-expiry-date 12345678,12345678,yes,no,no,LabPaloAlto1,172.16.1.1,unknown,"31 days, 1:34:40",vm,PA-VM,8.1.16,8364-6497,0,524895-527899,8364-6497,paloaltonetworks,20210115.2,8.1.8,0.0.0,8362-6491,0,8362-6491,524892-527896,,yes,no,normal,,12345,8/1/2020 20:05,12/27/2020 15:15,no,no,Syst em.Xml.XmlElement,None,N/A 124335678,124335678,yes,no,,LabPaloAlto2,172.16.2.1,unknown,"785 days, 18:59:47",vm,PA-VM,8.1.16,8365-6501,3591-4102,0,8365-6501,paloaltonetworks,20210115.2,8.1.8,0.0.0,,,,,,,no,normal,,1234345,4/1/2029 11:24,12/17/2020 2:59,no,no,System.Xml.XmlElement,,N/A

Feel free to check out Vinamra's GitHub to learn more.