Try SpotterManage application objects on PAN-OS devices.
| "added in version" 2.0.0 of paloaltonetworks.panos"
Authors: Michael Richardson (@mrichardson03)
Install with ansible-galaxy collection install paloaltonetworks.panos:==2.19.1
collections:
- name: paloaltonetworks.panos
version: 2.19.1Manage application objects on PAN-OS devices.
- name: Create custom application
paloaltonetworks.panos.panos_application_object:
provider: '{{ provider }}'
name: 'custom-app'
category: 'business-systems'
subcategory: 'auth-service'
technology: 'client-server'
risk: 1
- name: Remove custom application
paloaltonetworks.panos.panos_application_object:
provider: '{{ provider }}'
name: 'custom-app'
state: 'absent'
tag:
description:
- Administrative tags
elements: str
type: list
name:
description:
- Name of the tag.
type: str
port:
default: 443
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The port number to connect to the PAN-OS device on.
type: int
risk:
choices:
- 1
- 2
- 3
- 4
- 5
description:
- Risk (1-5) of the application
type: int
vsys:
default: vsys1
description:
- The vsys this object belongs to.
type: str
state:
choices:
- present
- absent
- replaced
- merged
- deleted
- gathered
default: present
description:
- The state.
type: str
api_key:
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The API key to use instead of generating it using I(username) / I(password).
type: str
timeout:
description:
- Default timeout
type: int
category:
description:
- Application category
type: str
password:
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The password to use for authentication. This is ignored if I(api_key) is specified.
type: str
provider:
description:
- A dict object containing connection details.
suboptions:
api_key:
description:
- The API key to use instead of generating it using I(username) / I(password).
type: str
ip_address:
description:
- The IP address or hostname of the PAN-OS device being configured.
type: str
password:
description:
- The password to use for authentication. This is ignored if I(api_key) is specified.
type: str
port:
default: 443
description:
- The port number to connect to the PAN-OS device on.
type: int
serial_number:
description:
- The serial number of a firewall to use for targeted commands. If I(ip_address)
is not a Panorama PAN-OS device, then this param is ignored.
type: str
username:
default: admin
description:
- The username to use for authentication. This is ignored if I(api_key) is specified.
type: str
type: dict
version_added: 1.0.0
version_added_collection: paloaltonetworks.panos
username:
default: admin
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The username to use for authentication. This is ignored if I(api_key) is specified.
type: str
data_ident:
description:
- Scan for data types
type: bool
ip_address:
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The IP address or hostname of the PAN-OS device being configured.
type: str
parent_app:
description:
- Parent Application for which this app falls under
type: str
technology:
description:
- Application technology
type: str
description:
description:
- Description of this object
type: str
subcategory:
description:
- Application subcategory
type: str
tcp_timeout:
description:
- TCP timeout
type: int
udp_timeout:
description:
- UDP timeout
type: int
virus_ident:
description:
- Scan for viruses
type: bool
default_port:
description:
- Default ports.
elements: str
type: list
default_type:
choices:
- port
- ident-by-ip-protocol
- ident-by-icmp-type
- ident-by-icmp6-type
description:
- Default identification type of the application.
type: str
device_group:
default: shared
description:
- (Panorama only) The device group the operation should target.
type: str
pervasive_use:
description:
- Application is used pervasively
type: bool
file_type_ident:
description:
- Scan for files
type: bool
gathered_filter:
description:
- When I(state=gathered).
- An advanced filtering option to filter results returned from PAN-OS.
- Refer to the guide discussing I(gathered_filter) for more information.
type: str
prone_to_misuse:
description:
- Application is prone to misuse
type: bool
used_by_malware:
description:
- Application is used by malware
type: bool
evasive_behavior:
description:
- Application is actively evasive
type: bool
default_icmp_code:
description:
- Default ICMP code.
type: int
default_icmp_type:
description:
- Default ICMP type.
type: int
default_ip_protocol:
description:
- Default IP protocol.
type: str
tunnel_applications:
description:
- List of tunneled applications
elements: str
type: list
able_to_transfer_file:
description:
- Application can do file transfers
type: bool
consume_big_bandwidth:
description:
- Application uses large bandwidth
type: bool
tcp_time_wait_timeout:
description:
- TCP wait time timeout
type: int
has_known_vulnerability:
description:
- Application has known vulnerabilities
type: bool
tcp_half_closed_timeout:
description:
- TCP half closed timeout
type: int
tunnel_other_application:
description:
- Application can tunnel other applications
type: bool