Automatically Check for and Install Content Updates (API)
Table of Contents
Automatically Check for and Install Content Updates (API)
Using the XML API, you can programmatically
check and install new content updates, including antivirus, WildFire,
and GlobalProtect updates. Check for new updates available and download
updates that have been released for at least one week.
Download,
upgrade, and installation requests are asynchronous. The API responds
with a job ID while it processes your request. In your subsequent
request, you use this job ID to check on the result of your original
request:
curl -X POST 'https://firewall/api?type=op&cmd=<show><jobs><id></id></jobs></show>&key=<apikey>"
- Check for installed content on your firewall. Run the following request to view current system information:curl -X POST 'https://firewall/api?type=op&cmd=<show><system><info></info></system></show>&key=<apikey>"Confirm that the API response to the request in the previous step includes the currently installed updates on your firewall:<response status="success"> <result> <system> <hostname>pm-firewall</hostname> <ip-address>10.47.0.8</ip-address> <netmask>255.255.254.0</netmask> <default-gateway>10.47.0.1</default-gateway> <is-dhcp>no</is-dhcp> <ipv6-address>unknown</ipv6-address> <ipv6-link-local-address>fe80::21b:17ff:feff:c04a/64</ipv6-link-local-address> <ipv6-default-gateway/> <mac-address>00:1b:17:ff:c0:4a</mac-address> <time>Mon Jul 11 17:51:37 2016</time> <uptime>11 days, 7:38:34</uptime> <devicename>pm-firewall</devicename> <family>3000</family> <model>PA-3020</model> <serial>0018010.2104</serial> <sw-version>7.1.3</sw-version> <global-protect-client-package-version>2.0.0</global-protect-client-package-version> <app-version>598-3427</app-version> <app-release-date>2016/07/09 22:30:55</app-release-date> <av-version>2416-2855</av-version> <av-release-date>2016/07/10 11:27:57</av-release-date> <threat-version>598-3427</threat-version> <threat-release-date>2016/07/09 22:30:55</threat-release-date> <wf-private-version>0</wf-private-version> <wf-private-release-date>unknown</wf-private-release-date> <url-db>paloaltonetworks</url-db> <wildfire-version>80426-81466</wildfire-version> <wildfire-release-date>2016/07/11 17:45:11</wildfire-release-date> <url-filtering-version>2016.07.11.248</url-filtering-version> <global-protect-datafile-version>1468280405</global-protect-datafile-version> <global-protect-datafile-release-date>2016/07/11 23:40:05</global-protect-datafile-release-date> <logdb-version>7.0.9</logdb-version> <platform-family>3000</platform-family> <vpn-disable-mode>off</vpn-disable-mode> <multi-vsys>on</multi-vsys> <operational-mode>normal</operational-mode> </system> </result> </response>Note the currently installed versions for the following updates, so that you can compare the values after you check for the latest updates:
- global-protect-client-package-version: GlobaProtect
- app-version: Application and threat signatures.
- av-version: Antivirus signatures
- wildfire-version: WildFire malware and antivirus signatures
Check for new, available updates with the following requests and store the version field in the response, which is theversionfield for GlobalProtect, and theapp-versionfield for all others:- GlobalProtect:
curl -X POST 'https://firewall/api?type=op&cmd=<request><global-protect-client><software><check></check></software></global-protect-client></request>&key=<apikey>"- WildFire:
curl -X POST 'https://firewall/api?type=op&cmd=<request><wildfire><upgrade><check></check></upgrade></wildfire></request>&key=<apikey>"- Application & Threat:
curl -X POST 'https://firewall/api?type=op&cmd=<request><content><upgrade><check></check></upgrade></content></request>&key=<apikey>"- Antivirus:
curl -X POST 'https://firewall/api?type=op&cmd=<request><anti-virus><upgrade><check></check></upgrade></anti-virus></request>&key=<apikey>"Example response:<response status="success"> <result> <sw-updates last-updated-at="2016/05/19 14:34:34"> <msg/> <versions> <entry> <version>4.0.0-c16</version> <filename>PanGP-4.0.0-c16</filename> <size>44</size> <size-kb>45321</size-kb> <released-on>2016/07/08 15:41:18</released-on> <release-notes> <![CDATA[ https://firewall/updates/ReleaseNotes.aspx?type=sw&versionNumber=4.0.0-c16&product=gpclient&platform=any ]]> </release-notes> <downloaded>no</downloaded> <current>no</current> <latest>no</latest> <uploaded>no</uploaded> </entry> <!--TRUNCATED-->Take note of thereleased-onXML field to verify that updates have been released for at least a week.In your script or code, compare the version values for currently installed updates to new, available updates. It is recommended that you only install updates that have been available for at least a week.Download the latest content updates with these requests:- GlobalProtect:
curl -X POST 'https://firewall/api?type=op&cmd=<request><global-protect-client><software><download><version>versionnumber</version></download></software></global-protect-client></request>&key=<apikey>"- WildFire:
curl -X POST 'https://firewall/api?type=op&cmd=<request><wildfire><upgrade><download><latest></latest></download></upgrade></wildfire></request>&key=<apikey>"- Application & Threat:
curl -X POST 'https://firewall/api?type=op&cmd=<request><content><upgrade><download><latest></latest></download></upgrade></content></request>"- Antivirus:
curl -X POST 'https://firewall/api?type=op&cmd=<request><anti-virus><upgrade><download><latest></latest></download></upgrade></anti-virus></request>&key=<apikey>"The response contains a job ID that you can use to check on the status of the request. Example:<response status="success" code="19"> <result> <msg> <line>Content install job enqueued with jobid 299</line> </msg> <job>299</job> </result> </response>Learn more about Asynchronous and Synchronous Requests to the PAN-OS XML API.Install the latest content updates with these requests:- GlobalProtect:
curl -X POST 'https://firewall/api?type=op&cmd=<request><global-protect-client><software><activate><version>versionnumber</version></activate></software></global-protect-client></request>&key=<apikey>"- WildFire:
curl -X POST 'https://firewall/api?type=op&cmd=<request><wildfire><upgrade><install><version>latest</version></install></upgrade></wildfire></request>&key=<apikey>"- Application & Threat:
curl -X POST 'https://firewall/api?type=op&cmd=<request><content><upgrade><install>latest</latest></install></upgrade></content></request>&key=<apikey>"- Antivirus:
curl -X POST 'https://firewall/api?type=op&cmd=<request><anti-virus><upgrade><install><version>latest</version></install></upgrade></anti-virus></request>&key=<apikey>"The response contains a job ID that you can use to check on the status of the request.