paloaltonetworks.panos.panos_state_snapshot (2.19.1) — module

Install collection

Install with ansible-galaxy collection install paloaltonetworks.panos:==2.19.1

Add to requirements.yml

  collections:
    - name: paloaltonetworks.panos
      version: 2.19.1

Description

A wrapper around the PAN-OS Upgrade Assurance package.

The module takes a snapshot of a state of specified areas. It runs the package's CheckFirewall.run_snapshots() L(method, https://pan.dev/panos/docs/panos-upgrade-assurance/api/check_firewall/#checkfirewallrun_snapshots). Since it's just a wrapper, the way you would configure snapshot area is exactly the same as if you would run the class directly. Please refer to package's documentation for L(syntax,https://pan.dev/panos/docs/panos-upgrade-assurance/configuration-details/#readiness-checks) and L(configuration dialect,https://pan.dev/panos/docs/panos-upgrade-assurance/dialect/).

Requirements

• pan-python can be obtained from PyPI U(https://pypi.python.org/pypi/pan-python)
• pandevice can be obtained from PyPI U(https://pypi.python.org/pypi/pandevice)
• pan-os-upgrade-assurance can be obtained from PyPI U(https://pypi.python.org/pypi/pan-os-upgrade-assurance)

Usage examples

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Run snapshot of all areas except for session statistics
  panos_state_snapshot:
    provider: '{{ device }}'
    state_areas:
      - '!session_stats'
    register: snapshot

Inputs

    
port:
    default: 443
    description:
    - B(Deprecated)
    - Use I(provider) to specify PAN-OS connectivity instead.
    - HORIZONTALLINE
    - The port number to connect to the PAN-OS device on.
    type: int

vsys:
    default: vsys1
    description:
    - The vsys this object belongs to.
    type: str

api_key:
    description:
    - B(Deprecated)
    - Use I(provider) to specify PAN-OS connectivity instead.
    - HORIZONTALLINE
    - The API key to use instead of generating it using I(username) / I(password).
    type: str

password:
    description:
    - B(Deprecated)
    - Use I(provider) to specify PAN-OS connectivity instead.
    - HORIZONTALLINE
    - The password to use for authentication.  This is ignored if I(api_key) is specified.
    type: str

provider:
    description:
    - A dict object containing connection details.
    suboptions:
      api_key:
        description:
        - The API key to use instead of generating it using I(username) / I(password).
        type: str
      ip_address:
        description:
        - The IP address or hostname of the PAN-OS device being configured.
        type: str
      password:
        description:
        - The password to use for authentication.  This is ignored if I(api_key) is specified.
        type: str
      port:
        default: 443
        description:
        - The port number to connect to the PAN-OS device on.
        type: int
      serial_number:
        description:
        - The serial number of a firewall to use for targeted commands. If I(ip_address)
          is not a Panorama PAN-OS device, then this param is ignored.
        type: str
      username:
        default: admin
        description:
        - The username to use for authentication.  This is ignored if I(api_key) is specified.
        type: str
    type: dict
    version_added: 1.0.0
    version_added_collection: paloaltonetworks.panos

username:
    default: admin
    description:
    - B(Deprecated)
    - Use I(provider) to specify PAN-OS connectivity instead.
    - HORIZONTALLINE
    - The username to use for authentication.  This is ignored if I(api_key) is specified.
    type: str

ip_address:
    description:
    - B(Deprecated)
    - Use I(provider) to specify PAN-OS connectivity instead.
    - HORIZONTALLINE
    - The IP address or hostname of the PAN-OS device being configured.
    type: str

state_areas:
    default:
    - all
    description:
    - A list of Firewall state areas that we should take a snapshot of. For the details
      on currently supported list please refer to L(package documentation, https://pan.dev/panos/docs/panos-upgrade-assurance/configuration-details/#state-snapshots).
    - To capture the actual snapshot data use a register.
    elements: str
    type: list

Outputs

response:
  description:
  - This is a B(dict) where keys are state areas names just as you specify them in
    the I(state_areas) property.
  - Values contain the snapshot data. Type and structure differs per state area. Please
    refer to L(package documentation, https://pan.dev/panos/docs/panos-upgrade-assurance/configuration-details/#state-snapshots)
    for details.
  returned: always
  sample:
    arp_table: {}
    content_version:
      version: 8635-7675
    ip_sec_tunnels: {}
    license:
      DNS Security:
        authcode: null
        base-license-name: PA-VM
        description: Palo Alto Networks DNS Security License
        expired: false
        expires: December 31, 2023
        feature: DNS Security
        issued: April 13, 2023
        serial: xxxxxxxxxxxxxxxxx
      PA-VM:
        authcode: null
        description: Standard VM-300
        expired: false
        expires: December 31, 2023
        feature: PA-VM
        issued: April 13, 2023
        serial: xxxxxxxxxxxxxxxxx
    routes: {}
    session_stats:
      age-accel-thresh: '80'
      age-accel-tsf: '2'
      age-scan-ssf: '8'
      age-scan-thresh: '80'
      age-scan-tmo: '10'
      cps: '0'
      dis-def: '60'
      dis-sctp: '30'
      dis-tcp: '90'
      dis-udp: '60'
      icmp-unreachable-rate: '200'
      kbps: '0'
      max-pending-mcast: '0'
      num-active: '0'
  type: dict