Module: objects¶
Inheritance diagram¶
Class Reference¶
Objects module contains objects that exist in the ‘Objects’ tab in the firewall GUI
-
class
pandevice.objects.
AddressGroup
(*args, **kwargs)[source]¶ Address Group
Parameters: - name (str) – Name of the address group
- static_value (list) – Values for a static address group
- dynamic_value (str) – Registered-ip tags for a dynamic address group
- description (str) – Description of this object
- tag (list) – Administrative tags (not to be confused with registered-ip tags)
-
class
pandevice.objects.
AddressObject
(*args, **kwargs)[source]¶ Address Object
Parameters: - name (str) – Name of the object
- value (str) – IP address or other value of the object
- type (str) – Type of address: * ip-netmask (default) * ip-range * fqdn
- description (str) – Description of this object
- tag (list) – Administrative tags
-
class
pandevice.objects.
ApplicationContainer
(*args, **kwargs)[source]¶ ApplicationContainer object
This is a special class that is used in the predefined module. It acts much like an ApplicationGroup object but exists only in the predefined context. It is more or less a way that Palo Alto groups predefined applications together.
Parameters: applications (list) – List of memeber applications
-
class
pandevice.objects.
ApplicationFilter
(*args, **kwargs)[source]¶ ApplicationFilter Object
Parameters: - name (str) – Name of the object
- category (list) – Application category
- subcategory (list) – Application subcategory
- technology (list) – Application technology
- risk (list) – Application risk
- evasive (bool) –
- excessive_bandwidth_use (bool) –
- prone_to_misuse (bool) –
- is_saas (bool) –
- transfers_files (bool) –
- tunnels_other_apps (bool) –
- used_by_malware (bool) –
- has_known_vulnerabilities (bool) –
- pervasive (bool) –
- tag (list) – Administrative tags
-
class
pandevice.objects.
ApplicationGroup
(*args, **kwargs)[source]¶ ApplicationGroup Object
Parameters: - name (str) – Name of the object
- value (list) – List of application values
- tag (list) – Administrative tags
-
class
pandevice.objects.
ApplicationObject
(*args, **kwargs)[source]¶ Application Object
Parameters: - name (str) – Name of the object
- category (str) – Application category
- subcategory (str) – Application subcategory
- technology (str) – Application technology
- risk (int) – Risk (1-5) of the application
- default_type (str) – Default identification type of the application
- default_value (list) – Values for the default type
- parent_app (str) – Parent Application for which this app falls under
- timeout (int) – Default timeout
- tcp_timeout (int) – TCP timeout
- udp_timeout (int) – UDP timeout
- tcp_half_closed_timeout (int) – TCP half closed timeout
- tcp_time_wait_timeout (int) – TCP wait time timeout
- evasive_behavior (bool) – Applicaiton is actively evasive
- consume_big_bandwidth (bool) – Application uses large bandwidth
- used_by_malware (bool) – Application is used by malware
- able_to_transfer_file (bool) – Application can do file transfers
- has_known_vulnerability (bool) – Application has known vulnerabilities
- tunnel_other_application (bool) –
- tunnel_applications (list) – List of tunneled applications
- prone_to_misuse (bool) –
- pervasive_use (bool) –
- file_type_ident (bool) –
- virus_ident (bool) –
- data_ident (bool) –
- description (str) – Description of this object
- tag (list) – Administrative tags
Please refer to https://applipedia.paloaltonetworks.com/ for more info on these params
-
class
pandevice.objects.
CustomUrlCategory
(*args, **kwargs)[source]¶ Custom url category group
Parameters: - name (str) – The name
- url_value (list) – Values to include in custom URL category object
- description (str) – Description of this object
-
class
pandevice.objects.
DynamicUserGroup
(*args, **kwargs)[source]¶ Dynamic user group.
Note: PAN-OS 9.1+
Parameters: - name – Name of the dynamic user group
- description (str) – Description of this object
- filter – Tag-based filter.
- tag (list) – Administrative tags
-
class
pandevice.objects.
LogForwardingProfile
(*args, **kwargs)[source]¶ A log forwarding profile.
Note: This is valid for PAN-OS 8.0+
Parameters: - name (str) – The name
- description (str) – The description
- enhanced_logging (bool) – (PAN-OS 8.1+) Enabling enhanced application logging
-
class
pandevice.objects.
LogForwardingProfileMatchList
(*args, **kwargs)[source]¶ A log forwarding profile match list entry.
Note: This is valid for PAN-OS 8.0+
Parameters: - name (str) – The name
- description (str) – Description
- log_type (str) – Log type. Valid values are traffic, threat, wildfire, url, data, gtp, tunnel, auth, or sctp (PAN-OS 8.1+).
- filter (str) – The filter.
- send_to_panorama (bool) – Send to panorama or not
- snmp_profiles (str/list) – List of SnmpServerProfiles.
- email_profiles (str/list) – List of EmailServerProfiles.
- syslog_profiles (str/list) – List of SyslogServerProfiles.
- http_profiles (str/list) – List of HttpServerProfiles.
-
class
pandevice.objects.
LogForwardingProfileMatchListAction
(*args, **kwargs)[source]¶ Action for a log forwarding profile match list entry.
Note: This is valid for PAN-OS 8.0+
Parameters: - name (str) – The name
- action_type (str) – Action type. Valid values are tagging (default) or (PAN-OS 8.1+) integration.
- action (str) – The action. Valid values are add-tag, remove-tag, or (PAN-OS 8.1+) Azure-Security-Center-Integration.
- target (str) – The target. Valid values are source-address or destination-address.
- registration (str) – Registration. Valid values are localhost, panorama, or remote.
- http_profile (str) – The HTTP profile for registration of “remote”.
- tags (str/list) – List of administrative tags.
- timeout (int) – (PAN-OS 9.0+) Timeout in minutes
-
class
pandevice.objects.
SecurityProfileGroup
(*args, **kwargs)[source]¶ Security Profile Group object
Parameters: - name (str) – The group name
- virus (str) – Antivirus profile
- spyware (str) – Anti-spyware profile
- vulnerability (str) – Vulnerability protection profile
- url_filtering (str) – URL filtering profile
- file_blocking (str) – File blocking profile
- data_filtering (str) – Data filtering profile
- wildfire_analysis (str) – WildFire analysis profile
-
class
pandevice.objects.
ServiceGroup
(*args, **kwargs)[source]¶ ServiceGroup Object
Parameters: - name (str) – Name of the object
- value (list) – List of service values
- tag (list) – Administrative tags
-
class
pandevice.objects.
ServiceObject
(*args, **kwargs)[source]¶ Service Object
Parameters: - name (str) – Name of the object
- protocol (str) – Protocol of the service, either tcp or udp
- source_port (str) – Source port of the protocol, if any
- destination_port (str) – Destination port of the service
- description (str) – Description of this object
- tag (list) – Administrative tags
-
class
pandevice.objects.
Tag
(*args, **kwargs)[source]¶ Administrative tag
Parameters: - name (str) – Name of the tag
- color (str) – Color ID (eg. ‘color1’, ‘color4’, etc). You can
use
color_code()
to generate the ID. - comments (str) – Comments