Try Spotterexport file from PAN-OS devices
| "added in version" 2.0.0 of paloaltonetworks.panos"
Authors: Michael Richardson (@mrichardson03)
Install with ansible-galaxy collection install paloaltonetworks.panos:==2.19.1
collections:
- name: paloaltonetworks.panos
version: 2.19.1Export files from PAN-OS device
- name: Export configuration
paloaltonetworks.panos.panos_export:
provider: '{{ provider }}'
category: 'configuration'
filename: 'running-config.xml'
- name: Export application block page
paloaltonetworks.panos.panos_export:
provider: '{{ provider }}'
category: 'application-block-page'
filename: 'application-block-page.html'
- name: Export tech support (module will wait until file is ready)
paloaltonetworks.panos.panos_export:
provider: '{{ provider }}'
category: 'tech-support'
filename: 'tech-support.tgz'
- name: Export threat packet capture
paloaltonetworks.panos.panos_export:
provider: '{{ provider }}'
category: 'threat-pcap'
threat_pcap_id: '1206450340254187521'
threat_pcap_search_time: '2020/07/20 18:20:19'
filename: 'threat.pcap'
port:
default: 443
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The port number to connect to the PAN-OS device on.
type: int
api_key:
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The API key to use instead of generating it using I(username) / I(password).
type: str
timeout:
default: 600
description:
- When category is set to 'tech-support', 'stats-dump', or 'device-state', the operating
can take a while to complete. This is the maximum amount of time to wait, in seconds.
type: int
category:
choices:
- application-block-page
- application-pcap
- captive-portal-text
- certificate
- configuration
- credential-block-page
- credential-coach-text
- data-filter-block-page
- device-state
- dlp-pcap
- file-block-continue-page
- file-block-page
- filter-pcap
- global-protect-portal-custom-help-page
- global-protect-portal-custom-home-page
- global-protect-portal-custom-login-page
- global-protect-portal-custom-welcome-page
- mfa-login-page
- safe-search-block-page
- ssl-cert-status-page
- ssl-optout-text
- stats-dump
- tech-support
- threat-pcap
- url-block-page
- url-coach-text
- virus-block-page
default: configuration
description:
- Element type to export.
type: str
filename:
description:
- Local path to output file (if any).
type: str
password:
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The password to use for authentication. This is ignored if I(api_key) is specified.
type: str
provider:
description:
- A dict object containing connection details.
suboptions:
api_key:
description:
- The API key to use instead of generating it using I(username) / I(password).
type: str
ip_address:
description:
- The IP address or hostname of the PAN-OS device being configured.
type: str
password:
description:
- The password to use for authentication. This is ignored if I(api_key) is specified.
type: str
port:
default: 443
description:
- The port number to connect to the PAN-OS device on.
type: int
serial_number:
description:
- The serial number of a firewall to use for targeted commands. If I(ip_address)
is not a Panorama PAN-OS device, then this param is ignored.
type: str
username:
default: admin
description:
- The username to use for authentication. This is ignored if I(api_key) is specified.
type: str
type: dict
version_added: 1.0.0
version_added_collection: paloaltonetworks.panos
username:
default: admin
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The username to use for authentication. This is ignored if I(api_key) is specified.
type: str
ip_address:
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The IP address or hostname of the PAN-OS device being configured.
type: str
dlp_password:
description:
- Password used to decrypt DLP packet capture.
type: str
dlp_pcap_name:
description:
- When I(category=dlp-pcap), this value can be a blank string, or a packet capture
name. If the value is blank, a list of packet capture files will be returned. If
the value is a packet capture file name, the file will be written to I(filename).
type: str
threat_pcap_id:
description:
- When I(category=threat-pcap), this value is a unique identifier for the packet capture,
and can be obtained from the 'pcap_id' field in the THREAT log.
type: str
certificate_name:
description:
- Name of the certificate to export.
type: str
create_directory:
default: false
description:
- Whether to create directory when exporting.
type: bool
filter_pcap_name:
description:
- When I(category=filter-pcap), this value can be a blank string, or a packet capture
name. If the value is blank, a list of packet capture files will be returned. If
the value is a packet capture file name, the file will be written to I(filename).
type: str
certificate_format:
choices:
- pem
- pkcs10
- pkcs12
description:
- Format for the certificate.
type: str
threat_pcap_serial:
description:
- When I(category=threat-pcap), this value is required when exporting from Panorama
and is used to specify the device to fetch the packet capture from.
type: str
application_pcap_name:
description:
- When I(category=application-pcap), this can be a blank string, a packet capture
directory name, or a packet capture name. If the value is either blank or a directory
name, a list of directories or packet capture files will be returned. If the value
is a packet capture file name, the file will be written to I(filename).
type: str
certificate_passphrase:
description:
- Passphrase used to encrypt the certificate and/or private key.
type: str
threat_pcap_search_time:
description:
- When I(category=threat-pcap), this value is is used to narrow the search for the
'pcap_id' and is used to set a time window in the range -5 minutes to +2 hours of
the time specified. The search time is typically set to the **receive_time** field
in the THREAT log. The PAN-OS log time string format is used, for example '2015/01/20
10:51:09'. If the value is not specified, it will be set to the threat epoch time
which is part of the 'pcap_id'.
type: str
certificate_include_keys:
default: false
description:
- Whether to include the private key in the export.
type: bool
stdout:
description: If the output gives a directory listing, give the listing as JSON formatted
string
returned: success
sample: '{''dir-listing'': {''file'': [''/capture-rx'', ''/capture-tx'', ''/capture-fw'']}}'
type: str
stdout_xml:
description: If the output gives a directory listing, give the listing as XML formatted
string
returned: success
sample: <dir-listing><file>/capture-rx</file><file>/capture-tx</file><file>/capture-fw</file></dir-listing>
type: str