Bring Back Date Modified and Date Created to PaloAlto Security Rules

[pjrwlazlo]

Is your feature request related to a problem?

There are no timestamps coming from the API pull for when a Security Rule for Post Rule or Pre rules where Modified or Created. For Auditing purposes my company would like to look at all the firewalls in our fleet have last updated their rules.

Describe the solution you'd like

Have the pan-os-python latest update include the date the rule was created and the date when the rule was last modified.

Describe alternatives you've considered

I have looked at old methods that use xpath at it seems like this used to be an option.

from pandevice import firewall

# Create a connection to Panorama
pano = panorama.Panorama(api_username='admin', api_password='password', hostname='panorama')

# Get a list of all the managed firewalls
fw_list = pano.refresh_devices()

# Get a specific firewall by name
fw = firewall.Firewall('firewall1')
pano.add(fw)

# Retrieve the modification timestamp for a specific security rule on the firewall
xpath = "/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/security/rules/entry[@name='my_rule']"
response = fw.xapi.show(xpath=xpath, cmd_xml=False)

# Extract the modification timestamp from the response
timestamp = response.find('./result/entry/timestamp').text

print(f"The last modified timestamp for the rule is: {timestamp}")

However since the configuration of Palo Alto does not the date the rule was created and the date when the rule was last modified it is not coming through the pan-os-api.

[welcome-to-palo-alto-networks]

🎉 Thanks for opening your first issue here! Welcome to the community!

[pjrwlazlo]

Is there somewhere else I have to go to get a response?

[pjrwlazlo]

Is there somewhere else I have to go to get a response?

[pjrwlazlo]

Is there somewhere else I have to go to get a response?