Next-Generation Firewall
Export Files (API)
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
-
-
-
-
-
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 8.1 (EoL)
-
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 10.2
- PAN-OS 10.1
Export Files (API)
You can export certain types of files from the firewall
using thetype=export parameter in the API
request.
Use the category parameter to specify the type of file that you
want to export.
- Configuration—category=configuration
- Certificates/Keys—category=certificate
- Response pages—category= application-block-page | captive-portal-text | file-block-continue-page | file-block-page | global-protect-portal-custom-help-page | global-protect-portal-custom-login-page | global-protect-portal-custom-welcome-page | ssl-cert-status-page | ssl-optout-text | url-block-page | url-coach-text | virus-block-page>
- Technical support data—category=tech-support
- Device State—category=device-state
Use cURL tools to export the file from the firewall and save
locally with a local file name:
curl -o <filename> "https://<firewall>/api/??key=apikey&<query-parameters>"
When using the API query from a web browser, you can specifyto=filename as
an optional parameter if you would like to provide a different name
when saving the file locally.
Export Packet Captures
Application PCAPs are organized by a directory/filename structure where the directory
is a date inyyyymmdd format. Filenames for application pcaps
use
aSourceIP-SourcePort-DestinationIP-DestinationPort-SessionID.pcap
format.
|
Application PCAP Type
|
API Request
|
|---|---|
|
Application PCAP directory list.
|
|
|
List of files under a directory using
thefrom parameter to indicate date.
|
|
|
Application PCAP file by name using
thefrom parameter.
| The file will be retrieved and saved locally using the name yyyymmdd-filename. |
|
Application PCAP file saved locally with a custom name using
theto parameter.
|
|
Export Keys and Certificates
To export certificates and keys, specify query parameterscertificate-name,format, andpassphrasehttps://<firewall>/api/?key=apikey&type=export&category=<certificate> &certificate-name=<certificate_name> &passphrase=<passphrase> &format=<pkcs12><pem><pkcs10> &include-key=<yes><no>&vsys=<vsys> <omit this parameter to import it into a shared location>
- certificate-name—name of the certificate object on the firewall
- passphrase—required when including the certificate key
- format—certificate format:pkcs12,pem, orpkcs10
- include-key—yes or no parameter to include or exclude the key
- vsys—virtual system where the certificate object is used. Ignore this parameter if the certificate is a shared object.
Export Threat, Filter, and Data Filtering PCAPs
To export threat PCAPs, you need to provide the PCAP ID from the threat log and the
search time, which is the time that the PCAP was received on the firewall. Threat
PCAP filenames use apcapID.pcap format.
|
PCAP Type
|
API Request
|
|---|---|
|
Threat PCAP using PCAP ID, device name, session ID, and
search
|
|
|
List of filtered PCAPs
|
|
|
Specific filtered PCAP file
|
|
|
List of data filtering PCAP file names
|
|
|
Specific data filtering PCAP file
|
|