Needs a nice way to add Panorama audit comments to policy changes #209

dataway · 2020-02-24T17:22:03Z

Is your feature request related to a problem?

Our Panorama setup requires audit comments for any policy changes. Currently, pandevice doesn't offer any good way to set them.

Currently I'm doing this with hand written XML along the following lines:

panorama = pandevice.panorama.Panorama()
rule = pandevice.policies.SecurityRule()
...
rule.description = 'Alteration'
rule.update('description')
comment = "Audit comment"
panorama.op('<set><audit-comment><xpath>{0}</xpath><comment>{1}</comment></audit-comment></set>'.format(rule.xpath(), comment), cmd_xml=False)

Describe the solution you'd like

An API along the lines of
rule.audit_comment("Audit comment")
which would perform the correct operation.

Describe alternatives you've considered

Already using the aforementioned, ugly code.

The text was updated successfully, but these errors were encountered:

shinmog · 2021-03-18T16:39:39Z

Once #310 is finalized, the intent is that this will be added next.

This adds an `audit_comment` namespace onto the rules in the `policies` library. Also adds a few new unittests for the XML returned from the XML API. Fixes #272 Fixes #209

* feat: Add audit comment support for rules This adds an `audit_comment` namespace onto the rules in the `policies` library. Also adds a few new unittests for the XML returned from the XML API. Fixes #272 Fixes #209 * review comments * updating acctests * pan python has the `query` as `filter` so use that

## [1.1.0](v1.0.2...v1.1.0) (2021-05-06) ### Features * Add `PanDevice.plugins()` ([fa1e4a6](fa1e4a6)), closes [#263](#263) * Add audit comment support for rules ([#323](#323)) ([350840f](350840f)), closes [#272](#272) [#209](#209) * Add Authentication profile/sequance ([#286](#286)) ([a66a01d](a66a01d)) * Add device group hierarchy support ([#321](#321)) ([ef90979](ef90979)) * Add DHCP relay support ([#319](#319)) ([fde1fe4](fde1fe4)), closes [#251](#251) [#259](#259) * Add hit count support (opstate) ([#310](#310)) ([ba1f4d5](ba1f4d5)), closes [#239](#239) * Add PanDevice.whoami() ([#318](#318)) ([f00d587](f00d587)), closes [#261](#261) * Add static route path monitoring ([7662496](7662496)), closes [#296](#296) * Add Zone 8.0+ support ([21f7026](21f7026)), closes [#158](#158) * Content version by refresh_system_info() ([00f982f](00f982f)) * Save versions during device refresh ([7d7a7f9](7d7a7f9)) ### Bug Fixes * Add missing tag colors ([d021922](d021922)), closes [#267](#267) * Anti-replay specified twice ([#274](#274)) ([aa30205](aa30205)) * AuthenticationSequence class name ([9632c93](9632c93)) * Correct `clock()` parsing ([48faab5](48faab5)), closes [#278](#278) * correct user-id tag_user / untag_user ([#299](#299)) ([1de69f8](1de69f8)), closes [#287](#287) * Correcting profile xpaths ([#333](#333)) ([c1ac9c4](c1ac9c4)), closes [#266](#266) * Fix placement of default PAN-OS version const ([6fd6ae3](6fd6ae3)) * Fix show_system_resource parsing ([83ab35d](83ab35d)), closes [#280](#280)

github-actions · 2021-05-06T16:34:14Z

🎉 This issue has been resolved in version 1.1.0 🎉

The release is available on PyPI and GitHub release

Posted by semantic-release bot

## [1.1.0](v1.0.2...v1.1.0) (2021-05-06) ### Features * Add `PanDevice.plugins()` ([fa1e4a6](fa1e4a6)), closes [#263](#263) * Add audit comment support for rules ([#323](#323)) ([350840f](350840f)), closes [#272](#272) [#209](#209) * Add Authentication profile/sequance ([#286](#286)) ([a66a01d](a66a01d)) * Add device group hierarchy support ([#321](#321)) ([ef90979](ef90979)) * Add DHCP relay support ([#319](#319)) ([fde1fe4](fde1fe4)), closes [#251](#251) [#259](#259) * Add hit count support (opstate) ([#310](#310)) ([ba1f4d5](ba1f4d5)), closes [#239](#239) * Add PanDevice.whoami() ([#318](#318)) ([f00d587](f00d587)), closes [#261](#261) * Add static route path monitoring ([7662496](7662496)), closes [#296](#296) * Add Zone 8.0+ support ([21f7026](21f7026)), closes [#158](#158) * Content version by refresh_system_info() ([00f982f](00f982f)) * Save versions during device refresh ([7d7a7f9](7d7a7f9)) ### Bug Fixes * Add missing tag colors ([d021922](d021922)), closes [#267](#267) * Anti-replay specified twice ([#274](#274)) ([aa30205](aa30205)) * AuthenticationSequence class name ([9632c93](9632c93)) * Correct `clock()` parsing ([48faab5](48faab5)), closes [#278](#278) * correct user-id tag_user / untag_user ([#299](#299)) ([1de69f8](1de69f8)), closes [#287](#287) * Correcting profile xpaths ([#333](#333)) ([c1ac9c4](c1ac9c4)), closes [#266](#266) * Fix placement of default PAN-OS version const ([6fd6ae3](6fd6ae3)) * Fix show_system_resource parsing ([83ab35d](83ab35d)), closes [#280](#280)

dataway added the enhancement label Feb 24, 2020

shinmog added a commit that referenced this issue Apr 7, 2021

feat: Add audit comment support for rules

f380602

This adds an `audit_comment` namespace onto the rules in the `policies` library. Also adds a few new unittests for the XML returned from the XML API. Fixes #272 Fixes #209

shinmog mentioned this issue Apr 7, 2021

feat: Add audit comment support for rules #323

Merged

shinmog closed this as completed in #323 Apr 12, 2021

github-actions bot added the released label May 6, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Needs a nice way to add Panorama audit comments to policy changes #209

Needs a nice way to add Panorama audit comments to policy changes #209

dataway commented Feb 24, 2020

shinmog commented Mar 18, 2021

github-actions bot commented May 6, 2021

Needs a nice way to add Panorama audit comments to policy changes #209

Needs a nice way to add Panorama audit comments to policy changes #209

Comments

dataway commented Feb 24, 2020

Is your feature request related to a problem?

Describe the solution you'd like

Describe alternatives you've considered

shinmog commented Mar 18, 2021

github-actions bot commented May 6, 2021