paloaltonetworks / paloaltonetworks.panos / 2.19.1 / module / panos_export export file from PAN-OS devices | "added in version" 2.0.0 of paloaltonetworks.panos" Authors: Michael Richardson (@mrichardson03)paloaltonetworks.panos.panos_export (2.19.1) — module
Install with ansible-galaxy collection install paloaltonetworks.panos:==2.19.1
collections: - name: paloaltonetworks.panos version: 2.19.1
Export files from PAN-OS device
- name: Export configuration paloaltonetworks.panos.panos_export: provider: '{{ provider }}' category: 'configuration' filename: 'running-config.xml'
- name: Export application block page paloaltonetworks.panos.panos_export: provider: '{{ provider }}' category: 'application-block-page' filename: 'application-block-page.html'
- name: Export tech support (module will wait until file is ready) paloaltonetworks.panos.panos_export: provider: '{{ provider }}' category: 'tech-support' filename: 'tech-support.tgz'
- name: Export threat packet capture paloaltonetworks.panos.panos_export: provider: '{{ provider }}' category: 'threat-pcap' threat_pcap_id: '1206450340254187521' threat_pcap_search_time: '2020/07/20 18:20:19' filename: 'threat.pcap'
port: default: 443 description: - B(Deprecated) - Use I(provider) to specify PAN-OS connectivity instead. - HORIZONTALLINE - The port number to connect to the PAN-OS device on. type: int api_key: description: - B(Deprecated) - Use I(provider) to specify PAN-OS connectivity instead. - HORIZONTALLINE - The API key to use instead of generating it using I(username) / I(password). type: str timeout: default: 600 description: - When category is set to 'tech-support', 'stats-dump', or 'device-state', the operating can take a while to complete. This is the maximum amount of time to wait, in seconds. type: int category: choices: - application-block-page - application-pcap - captive-portal-text - certificate - configuration - credential-block-page - credential-coach-text - data-filter-block-page - device-state - dlp-pcap - file-block-continue-page - file-block-page - filter-pcap - global-protect-portal-custom-help-page - global-protect-portal-custom-home-page - global-protect-portal-custom-login-page - global-protect-portal-custom-welcome-page - mfa-login-page - safe-search-block-page - ssl-cert-status-page - ssl-optout-text - stats-dump - tech-support - threat-pcap - url-block-page - url-coach-text - virus-block-page default: configuration description: - Element type to export. type: str filename: description: - Local path to output file (if any). type: str password: description: - B(Deprecated) - Use I(provider) to specify PAN-OS connectivity instead. - HORIZONTALLINE - The password to use for authentication. This is ignored if I(api_key) is specified. type: str provider: description: - A dict object containing connection details. suboptions: api_key: description: - The API key to use instead of generating it using I(username) / I(password). type: str ip_address: description: - The IP address or hostname of the PAN-OS device being configured. type: str password: description: - The password to use for authentication. This is ignored if I(api_key) is specified. type: str port: default: 443 description: - The port number to connect to the PAN-OS device on. type: int serial_number: description: - The serial number of a firewall to use for targeted commands. If I(ip_address) is not a Panorama PAN-OS device, then this param is ignored. type: str username: default: admin description: - The username to use for authentication. This is ignored if I(api_key) is specified. type: str type: dict version_added: 1.0.0 version_added_collection: paloaltonetworks.panos username: default: admin description: - B(Deprecated) - Use I(provider) to specify PAN-OS connectivity instead. - HORIZONTALLINE - The username to use for authentication. This is ignored if I(api_key) is specified. type: str ip_address: description: - B(Deprecated) - Use I(provider) to specify PAN-OS connectivity instead. - HORIZONTALLINE - The IP address or hostname of the PAN-OS device being configured. type: str dlp_password: description: - Password used to decrypt DLP packet capture. type: str dlp_pcap_name: description: - When I(category=dlp-pcap), this value can be a blank string, or a packet capture name. If the value is blank, a list of packet capture files will be returned. If the value is a packet capture file name, the file will be written to I(filename). type: str threat_pcap_id: description: - When I(category=threat-pcap), this value is a unique identifier for the packet capture, and can be obtained from the 'pcap_id' field in the THREAT log. type: str certificate_name: description: - Name of the certificate to export. type: str create_directory: default: false description: - Whether to create directory when exporting. type: bool filter_pcap_name: description: - When I(category=filter-pcap), this value can be a blank string, or a packet capture name. If the value is blank, a list of packet capture files will be returned. If the value is a packet capture file name, the file will be written to I(filename). type: str certificate_format: choices: - pem - pkcs10 - pkcs12 description: - Format for the certificate. type: str threat_pcap_serial: description: - When I(category=threat-pcap), this value is required when exporting from Panorama and is used to specify the device to fetch the packet capture from. type: str application_pcap_name: description: - When I(category=application-pcap), this can be a blank string, a packet capture directory name, or a packet capture name. If the value is either blank or a directory name, a list of directories or packet capture files will be returned. If the value is a packet capture file name, the file will be written to I(filename). type: str certificate_passphrase: description: - Passphrase used to encrypt the certificate and/or private key. type: str threat_pcap_search_time: description: - When I(category=threat-pcap), this value is is used to narrow the search for the 'pcap_id' and is used to set a time window in the range -5 minutes to +2 hours of the time specified. The search time is typically set to the **receive_time** field in the THREAT log. The PAN-OS log time string format is used, for example '2015/01/20 10:51:09'. If the value is not specified, it will be set to the threat epoch time which is part of the 'pcap_id'. type: str certificate_include_keys: default: false description: - Whether to include the private key in the export. type: bool
stdout: description: If the output gives a directory listing, give the listing as JSON formatted string returned: success sample: '{''dir-listing'': {''file'': [''/capture-rx'', ''/capture-tx'', ''/capture-fw'']}}' type: str stdout_xml: description: If the output gives a directory listing, give the listing as XML formatted string returned: success sample: <dir-listing><file>/capture-rx</file><file>/capture-tx</file><file>/capture-fw</file></dir-listing> type: str