valitydev/Cortex-Analyzers
14
0
Fork 0
mirror of https://github.com/valitydev/Cortex-Analyzers.git synced 2024-11-06 17:15:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
456bf91c26
Cortex-Analyzers/responders/PaloAltoNGFW_unblock_port
History
staf711 1a8dfc338b Add responce for PaloAltoNGFW
2020-10-20 21:07:09 +03:00
..
.Unblock_port.py.swp Add responce for PaloAltoNGFW 2020-10-20 21:07:09 +03:00
PaloAltoNGFW_unblock_port.json Add responce for PaloAltoNGFW 2020-10-20 21:07:09 +03:00
README.md Add responce for PaloAltoNGFW 2020-10-20 21:07:09 +03:00
Unblock_port.py Add responce for PaloAltoNGFW 2020-10-20 21:07:09 +03:00

README.md

Block external IP address for Palo Alto NGFW

Response module for block external IP address for Palo Alto NGFW

Installation

need install:

  1. pan-os-python
  2. thehive4py

ToDo

to work, you need to create Address_Group in PaloAltoNGFW and create security polites and name them in "name_internal_Service_Group" and "name_external_Service_Group".

principle of operation:

  1. the value is selected from the alert the hive.
  2. if ioc added in Service_Groups, script deleted ioc
  3. if ioc in AddressObject, script deleted ioc