Focus

WildFire API Reference

Submit Multiple Website Links to WildFire (API)

Table of Contents

Submit Multiple Website Links to WildFire (API)

Use this resource to submit multiple website URLs (up to 1000) for WildFire analysis. This resource is preferable when you have a large list of URLs to be analyzed.

Resource

/submit/links/

Request Parameters

Use the following request parameters when you submit website URLs for WildFire analysis:

Parameters	Description	Example
apikey	(`Required for API key authentication`) API key	Example: apikey=<API KEY>
Authorization	(`Required for token-based authentication`) HTTP request header for token-based authentication. To obtain an access token, create a WildFire API token in Strata Cloud Manager, then generate an access token from the authentication service.	Example: -H "Authorization: Bearer <ACCESS_TOKEN>"
agent	(`Required for Prisma Access and Prisma Cloud Compute-based WildFire public API keys`) Designates the API key type	Example: agent=pcc Options include: pcc—for use with Prisma Cloud Compute-based WildFire public API keys prismaaccessapi—for use with Prisma Access-based WildFire public API keys
file	(`Required`) Local path to text file that contains up to 1000 URLs	Example: file=@c:\websitelist.txt All links must be in a single text file. The file should first include panlnk at the top of the file and can have the following types of line endings: \r\n, \r, and, \n. Example contents of file: panlnk http://example.com

Example Request

Make a POST request to the /submit/links resource and include the file path that contains a list of links. The file should first include panlnk at the top of the file:

panlnk 
http://example.com 
http://example.net

The text file that you create can have the following types of line endings: \r\n, \r, and, \n. In the request, include the path to the local file. Authenticate using one of the following methods:

API key authentication—Pass the API key as a form field:

curl -F 'apikey=<API KEY>' -F 'file=@websitelist.txt' 'https://wildfire.paloaltonetworks.com/publicapi/submit/links'

Token-based authentication—Pass a Bearer token in the Authorization header:

curl -F 'file=@websitelist.txt' -H 'Authorization: Bearer <ACCESS_TOKEN>' 'https://wildfire.paloaltonetworks.com/publicapi/submit/links'

The XML response contains the original URLs along with the SHA256 and MD5 hash:

<wildfire> 
  <submit-link-info> 
    <url>http://example.com</url> 
    <sha256>f0e6a6a97042a4f1f1c87f5f7d44315b2d852c2df5c7991cc66241bf7072d1c4</sha256> 
    <md5>a9b9f04336ce0181a08e774e01113b31</md5> 
  </submit-link-info> 
  <submit-link-info> 
    <url>http://example.net</url> 
    <sha256>1a451f9b7ac34a1eaca15f23de263901ae343f60de9d7c324cadaaee3a380255</sha256> 
    <md5>cd36281827c9cdf2d40b45194ab30f02</md5> 
  </submit-link-info> 
</wildfire>

Submit a Website Link to WildFire (API)

Submit a Sample Verdict Change (API)