Wednesday, March 7, 2018

Palo Alto Networks - Querying Multiple URL Categories at Once

Palo Alto Networks offers a way to query a URL via However, if you want to query multiple URLs at the same time, then you need to leverage the API.
  • Generate the API key for the firewall. See this link for instructions.
  • Create a text file with all the URLs you want to check. For example, create a file called urls.txt with the URLs entered in the following format:

  • Create a bash file to query PAN-DB using the text file created in the previous step. For example, create a file called url_checker with the following details:
for url in $(cat urls.txt); 
do curl -k 'https://{firewall ip}/api/?type=op&cmd=<test><url>'$url'</url></test>&key={api key here}'; 
  • From the command line, run the bash script. For example, in OSX, ./url_checker
  • The output should give you a list of all URLs in the file and their corresponding categories.
SJCMACF0UPG8WM:Desktop smitchell$ ./url_checker
<response cmd="status" status="success"><result> search-engines (Base db) expires in 3000 seconds search-engines (Cloud db)
</result></response><response cmd="status" status="success"><result> social-networking (Base db) expires in 3000 seconds social-networking (Cloud db)
</result></response><response cmd="status" status="success"><result> internet-portals (Base db) expires in 3000 seconds internet-portals (Cloud db)
</result></response><response cmd="status" status="success"><result> home-and-garden (Base db) expires in 0 seconds home-and-garden (Cloud db)
</result></response><response cmd="status" status="success"><result> financial-services (Base db) expires in 9000 seconds financial-services (Cloud db)
</result></response>SJCMACF0UPG8WM:Desktop smitchell$

No comments:

Post a Comment