FR-14032022-1 - Security Profile and Security Profile Group reference counts #520
Labels
enhancement
New feature or request
Comments
|
first part available here: docker run -v ${PWD}:/share -it swaschkut/pan-os-php:develop --pull always with this command: |
|
the counters regarding SecurityRules and how many of them have:
I am planning to extend this: for this output how helpful this would be? |
|
given the amount of information available in the stats type, I think it's a good fit. And it would add to the 360 bird's eye view of the entire configuration and its scale. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem?
I am looking for a possibility to create a breakdown of how many rules reference each specific Security Profile Group (SPG) and how many rules are referencing Security Profiles directly without using an SPG.
Describe the solution you'd like
The script should be able to identify all SPGs inside Shared and then create a list of how many rules per each Device Group reference said SPG. Then it needs to go through SPGs inside each Device Group and list the number of rules referencing those. Lastly, it should be able to identify the number of rules which use Security Profiles instead of an SPG. If it's possible to create a breakdown for each Security Profile and how many times it's used directly inside a rule, that would be an added bonus. But at least being able to identify the number of rules with Sec Profiles instead of an SPG, should be enough for reporting purposes.
Describe alternatives you've considered
The breakdown is currently possible using Excel Pivot Tables and Global Search in PAN-OS. The problem is that the Global Search has to be done per SPG.
Additional context
Here is an example of the SPG breakdown across all Device Groups
Here is an example of the Shared SPG breakdown showing per-DG use
The text was updated successfully, but these errors were encountered: