{"id":2231,"date":"2017-08-21T19:27:57","date_gmt":"2017-08-21T19:27:57","guid":{"rendered":"https:\/\/live-infoblox-blog.pantheonsite.io\/?p=2231"},"modified":"2020-05-06T10:27:57","modified_gmt":"2020-05-06T17:27:57","slug":"creating-palo-alto-objects-from-infoblox","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/","title":{"rendered":"Creating Palo Alto objects from Infoblox"},"content":{"rendered":"<p><em><span style=\"font-size: medium;\">This is a guest blog written by Niels van Kampen, freelance consultant and trainer,\u00a0<a href=\"http:\/\/www.vknit.nl\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">www.vknit.nl<\/a>. The opinions expressed here belong to the author. If you have any questions on how Infoblox products work, please contact Infoblox support.<\/span><\/em><\/p>\n<p><span style=\"font-size: xx-large;\">Goal<\/span><\/p>\n<p>As probably any administrator has experienced, administration over multiple systems can be problematic. You have to keep your naming convention consistent over all systems and it is not uncommon to get the feeling you have to execute the same change multiple times over different systems, already sounds boring right?<\/p>\n<p>The answer every vendor throws at you: &#8220;But we have an API!&#8221; Sure, we need the API&#8217;s, but who is going to call the API&#8217;s? Are you going to run a script from your local machine? Deploy a server for the sole purpose of running python and curl? And who is going to maintain those scripts? Of course, you could buy an orchestrator-like tool, but the step between manual labor and full-blown automation is huge, it&#8217;s more of a leap&#8230;.over the grand canyon. It would be great to have the possibility to be able to tie together different tools in your infrastructure like your IPAM and firewall and have them exchange information together. Most of the time those two will be different vendors and it will be like me trying to speak french: frustrating and useless.<\/p>\n<p>Wouldn&#8217;t it be great if you could somehow tell vendor x what language to speak to vendor y? Infoblox did that in a wonderful job on it and that&#8217;s what this post is all about.<\/p>\n<p><span style=\"font-size: xx-large;\">Theoretics<\/span><\/p>\n<p>The concept is actually so simple I&#8217;m not even going to make a nice Visio drawing for it, and I really like making those.<\/p>\n<p>In Infoblox you create an API endpoint for the Palo Alto, this uses a session template to connect and authenticate yourself.<\/p>\n<figure id=\"attachment_2240\" aria-describedby=\"caption-attachment-2240\" style=\"width: 400px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2240\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-1-api-endpoint-information.png\" alt=\"API endpoint information.\" width=\"400\" height=\"309\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-1-api-endpoint-information.png 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-1-api-endpoint-information-300x232.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-2240\" class=\"wp-caption-text\">Fig 1. API endpoint information.<\/figcaption><\/figure>\n<p>Fig 1. API endpoint information.<\/p>\n<figure id=\"attachment_2241\" aria-describedby=\"caption-attachment-2241\" style=\"width: 400px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2241\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-2-session-template-selection.png\" alt=\"Session template selection\" width=\"400\" height=\"277\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-2-session-template-selection.png 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-2-session-template-selection-300x208.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-2241\" class=\"wp-caption-text\">Fig 2. Session template selection<\/figcaption><\/figure>\n<p>Fig 2. Session template selection<\/p>\n<p>The templates are JSON files (available at the bottom) which you upload to Infoblox on the templates tab.<\/p>\n<figure id=\"attachment_2242\" aria-describedby=\"caption-attachment-2242\" style=\"width: 400px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2242\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-3-template-overview.png\" alt=\"Templates overview\" width=\"400\" height=\"152\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-3-template-overview.png 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-3-template-overview-300x114.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-2242\" class=\"wp-caption-text\">Fig 3. Templates overview<\/figcaption><\/figure>\n<p>Fig 3. Templates overview<\/p>\n<p>The next step is to use notifications, this defines the trigger conditions and when Infoblox should contact the firewall to send him some object information.<\/p>\n<figure id=\"attachment_2243\" aria-describedby=\"caption-attachment-2243\" style=\"width: 400px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2243\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-4-notification-conditions.png\" alt=\"Fig 4. Notification conditions\" width=\"400\" height=\"324\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-4-notification-conditions.png 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-4-notification-conditions-300x243.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-2243\" class=\"wp-caption-text\">Fig 4. Notification conditions<\/figcaption><\/figure>\n<p>Fig 4. Notification conditions<\/p>\n<figure id=\"attachment_2244\" aria-describedby=\"caption-attachment-2244\" style=\"width: 400px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2244\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-5-notification-template-usage.png\" alt=\"Fig 5. Notification template usage \" width=\"400\" height=\"179\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-5-notification-template-usage.png 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-5-notification-template-usage-300x134.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-2244\" class=\"wp-caption-text\">Fig 5. Notification template usage<\/figcaption><\/figure>\n<p>Fig 5. Notification template usage<\/p>\n<p>What is configured above is &#8220;Hey Infoblox, if a Host object changes in the default network view, send information to the Palo Alto using the Palo Alto actions template.&#8221;<\/p>\n<p>In theory, this is easy! But there is a catch, the templates are not yet available and who is going to provide them? Should it be Palo Alto or Infoblox? As I imagined to myself how the conversations with both vendors would look like I figured it would be easier to create the templates myself.<\/p>\n<p><span style=\"font-size: xx-large;\">Setup<\/span><\/p>\n<p>How hard could it be I thought, you just tell the Infoblox how to talk to the Palo Alto. Put in a variable here and there and done, right? How wrong could I have been?<\/p>\n<p>There is\u00a0<a href=\"https:\/\/docs.infoblox.com\/display\/NAG8\/About+Outbound+Templates\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">documentation<\/a>\u00a0and there are some examples on the\u00a0<a href=\"https:\/\/community.infoblox.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Infoblox user forum<\/a>, but it&#8217;s more like a push in the right direction.<\/p>\n<p>After some tries I figured I needed some more insight into what was going on between Infoblox and the Palo Alto so I used the setup below:<\/p>\n<ul>\n<li>Infoblox trial VM, NIOS 8.2.1 with the DNS, DHCP and Security Ecosystem license activated.<\/li>\n<li>Palo Alto trial VM, PANOS 5.0.6 (sorry, I don&#8217;t have a newer version available currently)<\/li>\n<li>An Ubuntu box with Squid and TCP dump.<\/li>\n<\/ul>\n<p>I&#8217;m using Squid as a reverse proxy for the Palo Alto so I could listen in on the traffic between the Infoblox and Palo Alto. And that&#8217;s also the reason I&#8217;m using HTTP, in a production environment you would use HTTPS.<\/p>\n<p><span style=\"font-size: xx-large;\">Templates<\/span><\/p>\n<p>As mentioned, the templates are divided into two categories: Session and Event templates. The session templates are used for login and logout functionality, the event templates contain the actions to be taken when a notification rule is hit. All templates are in JSON format.<\/p>\n<p>A template can be divided into two pieces, an overall settings part and\u00a0<em>steps<\/em>.<\/p>\n<p>In the overall settings, you can configure high-level settings like the\u00a0maximum number of requests in a session or session duration. The steps are pieces of JSON which describe an action to take, they are like little functions. Unless you tell otherwise Infoblox will run your steps from top to bottom. Luckily you can also point to another function after one function has executed, or stop the execution of the template completely.<\/p>\n<p><span style=\"font-size: x-large;\">Session Template<\/span><\/p>\n<p>The session template is pretty straightforward and doesn&#8217;t have to be complicated. For the Palo Alto, it was (lucky for me) pretty easy to create the template. Since Palo Alto doesn&#8217;t provide a logout function for the API, please correct me if I&#8217;m wrong, I only had to create a login template and store the API key the Palo Alto provides.<\/p>\n<p>I&#8217;ve cut the session templates in multiple pieces, there is a general session template in which you can refer to a login and a logout template. For the Palo Alto, I&#8217;ve only created a login template.<\/p>\n<p>Below are the templates. Because JSON doesn&#8217;t allow comment lines I&#8217;ll point out the interesting lines under the code boxes.<\/p>\n<p><strong>PA_session.json<\/strong><\/p>\n<pre>{\r\n\t\"name\": \"Palo Alto Session\",\r\n\t\"comment\": \"v 0.2 www.vknit.nl\",\r\n\t\"version\": \"3.0\",\r\n\t\"type\": \"REST_ENDPOINT\",\r\n\r\n\t\"vendor_identifier\": \"Palo Alto\",\r\n\t\"path\": \"\/api\",\r\n\t\"login_template\": \"PA_login\",\r\n\t\"override_path\": true\r\n}<\/pre>\n<p>This is pretty straightforward, put in a\u00a0<em>name<\/em>\u00a0and some\u00a0<em>comment<\/em>\u00a0and which vendor the template is for. The\u00a0<em>type<\/em>\u00a0key defines it is a REST API endpoint. Since the API path of Palo alto is always\u00a0<em>&#8220;\/api&#8221;\u00a0<\/em>I&#8217;ve enabled the\u00a0<em>override_path<\/em>\u00a0key and set the\u00a0<em>path<\/em>\u00a0key so this cannot be broken by user input.<\/p>\n<p>The\u00a0<em>login_template<\/em>\u00a0key points to the PA_login template below, the value isn&#8217;t linked to the filename but the template name defined in the\u00a0<em>name<\/em>\u00a0key. To keep things easy you would want to try and keep the filename and template name identical.<\/p>\n<p><strong>PA_login.json<\/strong><\/p>\n<pre>{\r\n\t\"name\": \"PA_login\",\r\n\t\"comment\": \"v 0.2 www.vknit.nl\",\r\n\t\"vendor_identifier\": \"Palo Alto\",\r\n\t\"version\": \"3.0\",\r\n\t\"content_type\": \"text\/xml\",\r\n\t\"quoting\": \"XMLA\",\r\n\t\"type\": \"REST_EVENT\",\r\n\t\"event_type\": [\"SESSION\"],\r\n\t\"steps\": \r\n\t[\r\n\t\t{\r\n\t\t\t\"name\": \"login: remove basic auth headers\",\r\n\t\t\t\"body\": \"${XC:ASSIGN:{H:Authorization}:{S:}}\",\r\n\t\t\t\"operation\": \"NOP\"\r\n\t\t},      \r\n\t\t{\r\n\t\t\t\"name\": \"login: request\",\r\n\t\t\t\"parse\": \"XMLA\",\r\n\t\t\t\"operation\": \"GET\",\r\n\t\t\t\"no_connection_debug\": false,\r\n\t\t\t\"transport\": {\"path\": \"?type=keygen&amp;user=${UT::USERNAME}&amp;password=${UT::PASSWORD}\"}\r\n\t\t},\r\n\t\t{\r\n\t\t\t\"name\": \"login: errorcheck\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": \r\n\t\t\t{\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\"op\": \"!=\",\r\n\t\t\t\t\t\"right\": \"${P:A:PARSE{response}{{status}}}\",\r\n\t\t\t\t\t\"left\": \"success\"\r\n\t\t\t\t\t}\r\n\t\t\t\t],\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"else_eval\": \"${XC:COPY:{S:SESKEY}:{P:PARSE{response}{result}{key}}}\",\r\n\t\t\t\t\"error\": true\r\n\t\t\t}\r\n\t\t}\r\n\t]\r\n}<\/pre>\n<p>Most of the keys on the top are the same as in the PA_session template. I&#8217;ll talk you the keys that matter. The\u00a0<em>quoting<\/em>\u00a0key defines how to handle quoting, Infoblox recommends XMLA which is like a tweaked XML.<\/p>\n<p>More info on XMLA can be found\u00a0<a href=\"https:\/\/docs.infoblox.com\/display\/NAG8\/About+Outbound+Templates#AboutOutboundTemplates-bookmark3404\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">here<\/a>. The way a list is parsed does seem to make more sense using XMLA. A list with only 1 value is converted to a normal value when using XML, XMLA will still have a list with one value which is nice if you are expecting a list in your code.<\/p>\n<p>The\u00a0<em>event_type\u00a0<\/em>key identifies this template as part of the session templates.<\/p>\n<p>Finally, we&#8217;ve come to our first steps! Every step is defined by the keys between the curly brackets and every step must have a\u00a0<em>name<\/em>\u00a0and\u00a0<em>operation<\/em>\u00a0key, these define the identity and describe what kind of action Infoblox has to take in the step.<\/p>\n<p>This also brings us to the difficult part of the outbound API, namespaces.<\/p>\n<p>The following namespaces are available:<\/p>\n<ul>\n<li>C: HTTP cookies. It supports only the DEL operation (primarily for logout purposes), but it can be used as a substitution origin.<\/li>\n<li>Read-Only E: Event data.<\/li>\n<li>H: HTTP headers. Note that the assigned variables are sent in the next HTTP request and it survives the template execution.<\/li>\n<li>Read-Only I: Template instance variables. It is set in the GUI during the creation of the filter and it also includes the endpoint variables that are set in the GUI when creating an endpoint. Note that the instance variables can override endpoint variables if needed.<\/li>\n<li>L: Local template variables. This name space is empty at name space startup and will not survive the template invocation.<\/li>\n<li>Read-Only P: Previous endpoint response values (if parsing is enabled for the response.)<\/li>\n<li>Read-Only R: Previous endpoint request HTTP-specific return values. This includes RC, the HTTP status code of the previous request (Example: 200), BODY, and the body of the response.<\/li>\n<li>Read-Only RH: Previous endpoint request that returned HTTP headers.<\/li>\n<li>S: Endpoint session state variables. These variables survive the template invocation (it is used similarly to L: name space which is not cleared at the end of the template execution.)<\/li>\n<li>Read-Only UT: Read-only utility variables. The UT: name space contains the following read-only variables:<\/li>\n<li>Read-Only XC: Execute a command on the variable. This results in no output.<\/li>\n<\/ul>\n<p>On the namespaces you can use different variable formats, these are the ones listed on the Infoblox outbound API page:<\/p>\n<ul>\n<li>J: The output is in the form of JSON formatted variable. It supports deserializing lists as well as dictionaries. Note that strings will have double quotes prepended\/appended when serialized with J.<\/li>\n<li>j: The output is in the form of JSON formatted variable. It supports deserializing lists as well as dictionaries without the leading or trailing double quotes if the variable is a string.<\/li>\n<li>X: The output is in the form of XML formatted variable. It supports only deserializing lists, such as &lt; item &gt;.. sequence.<\/li>\n<li>U: The output is in the form of URL encoded variable. It supports deserializing lists and the output will be a string (comma separated value.)<\/li>\n<li>A: The output will be a variable, which is as-is.<\/li>\n<li>S: The output is in the form of a string. This is the default for JSON if you do not specify any output format. By default, even numbers will be serialized as JSON strings, meaning the output in a JSON quoted template for a numerical value of 1234 will be &#8220;1234&#8221;.<\/li>\n<li>N: The output is in the form of numbers. For example, if the variable is a boolean, the output will be 0, 1, etc.<\/li>\n<li>B: The output will be a boolean, that is true\/false.<\/li>\n<li>L: The length of the variable. This is supported only for lists (the length of the list) and dictionaries (the number of keys).<\/li>\n<li>T: The type of the variable. This can be one of the following characters: &#8216;S&#8217; for strings, &#8216;L&#8217; for lists, &#8216;D&#8217; for dictionaries, &#8216;B&#8217; for booleans, &#8216;N&#8217; for numbers, and &#8216;O&#8217; for otherwise.<\/li>\n<\/ul>\n<p>In the XC namespace you can use the following functions:<\/p>\n<ul>\n<li>ASSIGN: Assigns the value to the specified variable. Note that the value assigned is in the format I\/S\/B:value for integer, string, and boolean values. Example: ASSIGN:variable:value.<\/li>\n<li>DEBUG: Outputs the specified variable to the debug file (if the log level is not set to DEBUG, this will be ignored), if only the name space is used, the whole name space will be printed.<\/li>\n<li>INC: Increments the variable value. If the value is not a number, NIOS displays an error.<\/li>\n<li>DEC: Increments the variable value. If the value is not a number, NIOS displays an error.<\/li>\n<li>COPY: Copies one variable into another. Example: COPY:destination:source.<\/li>\n<li>DEL: Removes the variable. This supports only the C:, H:, L:, and S: name spaces.<\/li>\n<li>FORMAT: Formats the value according to what is specified after the second &#8216;:&#8217;. Currently, NIOS supports the following formats: U: Converts to uppercase value. L: Converts to lowercase value.<\/li>\n<li>DATE_EPOCH: Assuming that the value is a date expressed in UTC ISO 8601 date format. For example, 2016-03-13T04:50:31Z will be converted to EPOCH seconds.<\/li>\n<li>DATE_ISO8601: Assuming that the value contains EPOCH seconds. The value is converted to a date string expressed in UTC ISO 8601 date format. For example, 1467152565 will be converted to 2016-06-28T22:22:45Z. If the variable contains milliseconds, they will be preserved. For example, 1467152565.57 will be converted to 2016-06-28T22:22:45.570Z.<\/li>\n<li>DATE_STRFTIME: Assuming that the variable contains EPOCH seconds. The value is converted to a date string with the specified format which is passed as the second parameter to the function.<\/li>\n<li>PUNYCODE_TO_UTF-8: Assuming that the variable contains a punycode encoded domain name. The domain name representation will be converted to UTF-8 characters. Note that there might be a failure if the domain name has non-UTF-8 characters in its wire format.<\/li>\n<li>TRUNCATE: Assuming that the variable is a string and it will be truncated as specified. The format is a number (positive or negative) followed by the letter &#8216;l&#8217; or &#8216;r&#8217;. The number is the starting character of the string (positive will be counted from the beginning, negative will be counted from the end) and f\/t defines if the characters are from, after, or to that point. For example, if a string is 12345, then 1f will produce 2345, 1t will produce 1, -1f will produce 5 and -1t will produce 1234.<\/li>\n<\/ul>\n<p>In the P namespace, there is the\u00a0<em>PARSE<\/em>\u00a0function which parses the result from an outbound API call as specified in the\u00a0<i>parse\u00a0<\/i>key.<\/p>\n<p>Information overload? Just keep the lists above as reference when building your own steps.<\/p>\n<p>Back to our own steps.<\/p>\n<pre>{\r\n  \"name\": \"login: remove basic auth headers\",\r\n  \"body\": \"${XC:ASSIGN:{H:Authorization}:{S:}}\",\r\n  \"operation\": \"NOP\"\r\n}<\/pre>\n<p>The\u00a0<em>name<\/em>\u00a0is an identifier but in this case also used as a description field.<\/p>\n<p>The\u00a0<em>operation<\/em>\u00a0key sets the action, in this case, it&#8217;s NOP. which means no further action is required except executing the code in the\u00a0<em>body<\/em>\u00a0key.<\/p>\n<p>Here the XC (eXeCution) namespace is used to assign an empty value to the H (Header) namespace. This results in the authorization headers being removed.<\/p>\n<pre>{\r\n  \"name\": \"login: request\",\r\n  \"parse\": \"XMLA\",\r\n  \"operation\": \"GET\",\r\n  \"no_connection_debug\": false,\r\n  \"transport\": {\"path\": \"?type=keygen&amp;user=${UT::USERNAME}&amp;password=${UT::PASSWORD}\"}\r\n}<\/pre>\n<p>As you could guess by the name, this step sends a login request. The\u00a0<em>parse<\/em>\u00a0key defines the result should be parsed as XMLA. In this step, the\u00a0<em>operation<\/em>\u00a0key is set to GET, this tells Infoblox a GET request should be made. The\u00a0<em>transport<\/em>\u00a0key holds a list with different settings for the request, I append the GET variables to the URI and path fields which are configured in the Infoblox GUI. Because I overrule the user path value in the PA_session template this will be the URI field +\u00a0<em>path<\/em>\u00a0key from the PA_session template +\u00a0<em>path<\/em>\u00a0key in the transport key. The Palo Alto username and password are also entered by the user when adding an API endpoint in the Infoblox interface. These can be gotten from the UT namespace.<\/p>\n<pre>{\r\n  \"name\": \"login: errorcheck\",\r\n  \"operation\": \"CONDITION\",\r\n  \"condition\": \r\n  {\r\n    \"statements\": [\r\n      {\r\n      \"op\": \"!=\",\r\n      \"right\": \"${P:A:PARSE{response}{{status}}}\",\r\n      \"left\": \"success\"\r\n      }\r\n    ],\r\n    \"condition_type\": \"AND\",\r\n    \"else_eval\": \"${XC:COPY:{S:SESKEY}:{P:PARSE{response}{result}{key}}}\",\r\n    \"error\": true\r\n  }\r\n}<\/pre>\n<p>Now it get&#8217;s a bit more exciting, we get to parse the result from the request step. You&#8217;ll notice the\u00a0<em>operation<\/em>\u00a0key being set to condition, simply put this means there will a sort of if-statement to determine what to do. No surprize after this the condition key follows which will define what we are going to compare. \u00a0Every comparison is made in a statement key, you can have multiple statements per condition and use them in a AND\/OR way.<\/p>\n<p>So to determine if our login was a success let&#8217;s parse the XML returned from the Palo Alto in the P namespace.<\/p>\n<p>Palo Alto returns the following XML:<\/p>\n<pre>&lt;response status=\"success\"&gt;\r\n  &lt;result&gt;\r\n    &lt;key&gt;abcdefg&lt;\/key&gt;\r\n  &lt;\/result&gt;\r\n&lt;\/response&gt;<\/pre>\n<p>To retrieve the value of the status variable we use the following code in the template: \u00a0<em>${P:A<img decoding=\"async\" id=\"smileytongue\" class=\"emoticon emoticon-smileytongue\" title=\"Smiley Tongue\" src=\"https:\/\/cixhp49439.i.lithium.com\/i\/smilies\/16x16_smiley-tongue.png\" alt=\"Smiley Tongue\" \/>ARSE{response}{{status}}}<\/em><\/p>\n<p>The $ sign tells Infoblox a variable will follow. \u00a0Then identify the namespace P, followed by an A which means the retrieved value could be anything. Using PARSE we enter the XML, using single curly brackets we can navigate through the XML schema and using double curly brackets we can retrieve the value of\u00a0<em>status<\/em>.<\/p>\n<p>Back to the condition, we check if the value of\u00a0<em>status<\/em>\u00a0is not equal to &#8220;success&#8221;. The reason != is used is because of the following steps Infoblox expects you to take.<\/p>\n<p>If we were to check if\u00a0<em>status<\/em>\u00a0equals &#8220;success&#8221; Infoblox doesn&#8217;t allow us to execute some statement if true and throw an error if false.<\/p>\n<p>So we turn it the other way around if\u00a0<em>status<\/em>\u00a0doesn&#8217;t equal &#8220;success&#8221; thrown the statement is true if the login fails so we throw an error. If the condition is false the login was successful and we put the API key in the S (Session) namespace in a variable called SESKEY.<\/p>\n<p>So now we are logged in, let&#8217;s synchronize some objects.<\/p>\n<p><span style=\"font-size: x-large;\">Action template<\/span><\/p>\n<p>The action template is one JSON file, it uses the same format as the login templates with general settings in the top followed by the different steps where all the action happens.<\/p>\n<p>Let&#8217;s start with the top part:<\/p>\n<p><strong>PA_actions.json (top)<\/strong><\/p>\n<pre>{\r\n\t\"name\": \"Palo Alto actions\",\r\n\t\"comment\": \"v 0.2 www.vknit.nl\",\r\n\t\"version\": \"3.0\",\r\n\t\"type\": \"REST_EVENT\",\r\n\t\"event_type\": [\r\n\t\t\"HOST_ADDRESS_IPV4\"\r\n\t],\r\n\t\"action_type\": \"Palo Alto actions\",\r\n\t\"content_type\": \"text\/xml\",\r\n\t\"vendor_identifier\": \"Palo Alto\",\r\n\t\"quoting\": \"XMLA\",<\/pre>\n<p>Most of the fields are already explained in the login template, so I&#8217;ll just explain the new one. The\u00a0<em>event_type<\/em>\u00a0key holds a list of all the actions the template can perform, currently, the template only provides in actions for ipv4 host address actions.<\/p>\n<p>Here is the complete list of possible values:<\/p>\n<ul>\n<li>RPZ<\/li>\n<li>LEASE<\/li>\n<li>TUNNEL<\/li>\n<li>NETWORK_IPV4<\/li>\n<li>NETWORK_IPV6<\/li>\n<li>RANGE_IPV4<\/li>\n<li>RANGE_IPV6<\/li>\n<li>FIXED_ADDRESS_IPV4<\/li>\n<li>FIXED_ADDRESS_IPV6<\/li>\n<li>HOST_ADDRESS_IPV4<\/li>\n<li>HOST_ADDRESS_IPV6<\/li>\n<li>SESSION<\/li>\n<\/ul>\n<p>With the exception of SESSION, which is used for login templates, these can all be put together in the event_type key to inform Infoblox about the available actions of the template. If you are familiar with Infoblox terms the list above should be pretty self-explanatory.<\/p>\n<p>Onward to the steps!<\/p>\n<p>Remember the way the steps are executed? Top down step-by-step and, unless you tell it otherwise, all steps will be executed. Some steps in the action template create objects and another step will delete an object so it&#8217;s important to have a logical order in your steps.<\/p>\n<p>I&#8217;ve divided the steps into the following groups:<\/p>\n<ol>\n<li>Selection, determine which action to perform.<\/li>\n<li>Action, perform the action.<\/li>\n<li>Commit, perform a commit on the Palo Alto to make the change effective.<\/li>\n<li>Quit, I don&#8217;t think this needs any explaining.<\/li>\n<\/ol>\n<p>When an event triggers the template the following will happen:<\/p>\n<ol>\n<li>From the E (Event) namespace I check what has happened and call the corresponding step. If nothing matches execution is stopped so no action steps are run unintentionally.<\/li>\n<li>The action step runs and if the result is good the commit step will be called. \u00a0If the result is not so good we start checking what went wrong.<\/li>\n<li>The commit runs and if successful the template quits.<\/li>\n<\/ol>\n<p>During the creation of the template, I found debugging and tracing errors to be quite problematic as almost no information ends up in the Infoblox logs. To make it easier for yourself start out with creating a template which communicates using HTTP and throws in some steps with a POST or GET action which contains useful information for your troubleshooting. You can intercept the call with tcpdump or wireshark.<\/p>\n<p>Let&#8217;s look at the different group of steps.<\/p>\n<p><strong>PA_actions.json selection steps<\/strong><\/p>\n<pre>\t\"steps\":\r\n\t[\r\n\t\t{\r\n\t\t\t\"name\": \"Start\",\r\n\t\t\t\"comment\": \"Starting step to use when jumping back to the start.\",\r\n\t\t\t\"operation\": \"SLEEP\",\r\n\t\t\t\"timeout\": \"0\"\r\n\t\t},\r\n\t\t\r\n\t\t{\r\n\t\t\t\"name\": \"Host_add_check\",\r\n\t\t\t\"comment\": \"Check for action.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\"left\": \"${E::event_type}\", \r\n\t\t\t\t\t\t\"op\": \"==\", \r\n\t\t\t\t\t\t\"right\": \"HOST_ADDRESS_IPV4\"\r\n\t\t\t\t\t},\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\"left\": \"${E::operation_type}\", \r\n\t\t\t\t\t\t\"op\": \"==\", \r\n\t\t\t\t\t\t\"right\": \"INSERT\"\r\n\t\t\t\t\t}\r\n\t\t\t\t],\r\n\t\t\t\t\"next\": \"Host_add\"\r\n\t\t\t}\r\n\t\t},\r\n\t\t{\r\n\t\t\t\"name\": \"Host_del_check\",\r\n\t\t\t\"comment\": \"Check for action.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\"left\": \"${E::event_type}\", \r\n\t\t\t\t\t\t\"op\": \"==\", \r\n\t\t\t\t\t\t\"right\": \"HOST_ADDRESS_IPV4\"\r\n\t\t\t\t\t},\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\"left\": \"${E::operation_type}\", \r\n\t\t\t\t\t\t\"op\": \"==\", \r\n\t\t\t\t\t\t\"right\": \"DELETE\"\r\n\t\t\t\t\t}\r\n\t\t\t\t],\r\n\t\t\t\t\"next\": \"Host_del\"\r\n\t\t\t}\r\n\t\t},\r\n\t\t{\r\n\t\t\t\"name\": \"Host_mod_check\",\r\n\t\t\t\"comment\": \"Check for action.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\"left\": \"${E::event_type}\", \r\n\t\t\t\t\t\t\"op\": \"==\", \r\n\t\t\t\t\t\t\"right\": \"HOST_ADDRESS_IPV4\"\r\n\t\t\t\t\t},\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\"left\": \"${E::operation_type}\", \r\n\t\t\t\t\t\t\"op\": \"==\", \r\n\t\t\t\t\t\t\"right\": \"MODIFY\"\r\n\t\t\t\t\t}\r\n\t\t\t\t],\r\n\t\t\t\t\"stop\": true\r\n\t\t\t}\r\n\t\t},\t\r\n\t\t\r\n\t\t{\r\n\t\t\t\"name\": \"Unknown\",\r\n\t\t\t\"comment\": \"DEBUG, not sure what is happening, send out info.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\"left\": \"1\", \"op\": \"==\", \"right\": \"1\"}\r\n\t\t\t\t],\r\n\t\t\t\t\"next\": \"unknown\"\r\n\t\t\t}\r\n\t\t},\r\n\t\t\r\n\t\t{\r\n\t\t\t\"name\": \"Exit\",\r\n\t\t\t\"comment\": \"Nothing mathched, stop execution.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\"left\": \"1\", \"op\": \"==\", \"right\": \"1\"}\r\n\t\t\t\t],\r\n\t\t\t\t\"stop\": true\r\n\t\t\t}\r\n\t\t},<\/pre>\n<p>The first step is somewhat like a placeholder when I need to jump back to the start of the template to restart the execution I can point to this step.<\/p>\n<p>The most important variables used are\u00a0<em>E::event_type<\/em>\u00a0and\u00a0<em>E:<img decoding=\"async\" id=\"smileysurprised\" class=\"emoticon emoticon-smileysurprised\" title=\"Smiley Surprised\" src=\"https:\/\/cixhp49439.i.lithium.com\/i\/smilies\/16x16_smiley-surprised.png\" alt=\"Smiley Surprised\" \/>peration_type<\/em>. These hold the type of event, meaning in which part of Infoblox did something happen, and the operation type which holds what has happened. If both variables are matched I jump to the corresponding step.<\/p>\n<p>Using the condition steps I can identify the following events:<\/p>\n<ul>\n<li>Creating an ipv4 host<\/li>\n<li>Deleting an ipv4 host<\/li>\n<li>Modifying an ipv4 host<\/li>\n<\/ul>\n<p>The\u00a0<em>Host_mod_check<\/em>\u00a0step is a bit of a dummy, as you can see the step doesn&#8217;t have a\u00a0<em>next<\/em>\u00a0key pointing it to a next step but has a\u00a0<em>&#8220;stop&#8221;: true<\/em>\u00a0which stops the execution of the template. This is because editing a host in Infoblox triggers an add\/delete action (depending on what you modified) and after that, a modification message indicating the previous actions were a linked together.<\/p>\n<p>The\u00a0<em>Unknown<\/em>\u00a0step is used for debugging, if you plan to use this in production you should remove it. If none of the above steps successfully identify an action I used the\u00a0<em>Unknown<\/em>\u00a0step to jump to an another step and send me some more information. Under normal operation, when the\u00a0<em>Unknown<\/em>\u00a0step is removed the\u00a0<em>Exit<\/em>\u00a0step will execute and the template will stop executing.<\/p>\n<p><strong>PA_actions.json action steps<\/strong><\/p>\n<pre>\t\t{\r\n\t\t\t\"name\": \"Host_add\",\r\n\t\t\t\"comment\": \"Add an object.\",\r\n\t\t\t\"parse\": \"XMLA\",\r\n\t\t\t\"operation\": \"GET\",\r\n\t\t\t\"no_connection_debug\": false,\r\n\t\t\t\"transport\": {\"path\": \"?type=config&amp;action=set&amp;xpath=\/config\/shared\/address\/entry[@name='${E:A:values{host}}_${E:A:values{ipv4addr}}']&amp;element=&lt;ip-netmask&gt;${E:A:values{ipv4addr}}\/32&lt;\/ip-netmask&gt;&amp;key=${S::SESKEY}\"}\r\n\t\t},\r\n\t\t{\r\n\t\t\t\"name\": \"Host_add errorcheck\",\r\n\t\t\t\"comment\": \"Check for errors.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\"left\": \"success\", \"op\": \"==\", \"right\": \"${P:A:PARSE{response}{{status}}}\"}\r\n\t\t\t\t],\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"else_next\": \"commit_pending_check\",\r\n\t\t\t\t\"next\": \"commit\"\r\n\t\t\t}\r\n\t\t},\r\n\t\t\r\n\t\t{\r\n\t\t\t\"name\": \"Host_del\",\r\n\t\t\t\"comment\": \"Delete an object.\",\r\n\t\t\t\"parse\": \"XMLA\",\r\n\t\t\t\"operation\": \"GET\",\r\n\t\t\t\"no_connection_debug\": false,\r\n\t\t\t\"transport\": {\"path\": \"?type=config&amp;action=delete&amp;xpath=\/config\/shared\/address\/entry[@name='${E:A:values{host}}_${E:A:values{ipv4addr}}']&amp;element=&lt;ip-netmask&gt;${E:A:values{ipv4addr}}\/32&lt;\/ip-netmask&gt;&amp;key=${S::SESKEY}\"}\r\n\t\t},\r\n\t\t{\r\n\t\t\t\"name\": \"Host_del errorcheck\",\r\n\t\t\t\"comment\": \"Check for errors.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\"left\": \"success\", \"op\": \"==\", \"right\": \"${P:A:PARSE{response}{{status}}}\"}\r\n\t\t\t\t],\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"else_next\": \"commit_pending_check\",\r\n\t\t\t\t\"next\": \"commit\"\r\n\t\t\t}\r\n\t\t},\r\n\r\n\t\t\r\n\t\t{\r\n\t\t\t\"name\": \"commit\",\r\n\t\t\t\"comment\": \"Start a commit.\",\r\n\t\t\t\"parse\": \"XMLA\",\r\n\t\t\t\"operation\": \"GET\",\r\n\t\t\t\"no_connection_debug\": false,\r\n\t\t\t\"transport\": {\"path\": \"?type=commit&amp;cmd=&lt;commit&gt;&lt;partial&gt;&lt;shared-object&gt;&lt;\/shared-object&gt;&lt;\/partial&gt;&lt;\/commit&gt;&amp;key=${S::SESKEY}\"}\r\n\t\t},\r\n\t\t{\r\n\t\t\t\"name\": \"commit errorcheck\",\r\n\t\t\t\"comment\": \"Check for errors.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\"left\": \"${P:A:PARSE{response}{{status}}}\", \"op\": \"==\", \"right\": \"success\"}\r\n\t\t\t\t],\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"else_next\": \"commit_pending_check\",\r\n\t\t\t\t\"next\": \"Exit\"\r\n\t\t\t}\r\n\t\t},<\/pre>\n<p>Above are the steps to create or delete an object on the Palo Alto. Every step is followed by an error check to make sure the API call was properly handled on the Palo Alto.<\/p>\n<p>The\u00a0<em>Host_add<\/em>\u00a0and\u00a0<em>Host_del<\/em>\u00a0steps are not very complicated. Using the\u00a0<em>transport<\/em>\u00a0key a string is appended to the\u00a0<em>path<\/em>\u00a0variable which contains the GET variables.<\/p>\n<p>In the\u00a0<em>Host_add<\/em>\u00a0step I enter the name of the object using the following code:<\/p>\n<pre><span class=\"\">@name=<\/span><span class=\"st0\">'${E:A:values{host}}_${E:A:values{ipv4addr}}'<\/span><\/pre>\n<p>This results in an object name consisting of the host name and ipv4 address from Infoblox. Because a host object can have multiple ipv4 addresses you get a separate object for every ipv4 address.<\/p>\n<p>Alternatively, it would be possible to use a DNS object in the Palo Alto but that would require the host object to be resolvable. Also determining when the object could be deleted from the Palo Alto would take more effort.<\/p>\n<p>After an API call to the Palo Alto has been made the following step checks for errors. A good result would look like something like the message below:<\/p>\n<pre>&lt;response status=\"success\" code=\"19\"&gt;\r\n\t&lt;result&gt;\r\n\t\t&lt;msg&gt;\r\n\t\t\t&lt;line&gt;Commit job enqueued with jobid 14&lt;\/line&gt;\r\n\t\t&lt;\/msg&gt;\r\n\t\t&lt;job&gt;14&lt;\/job&gt;\r\n\t&lt;\/result&gt;\r\n&lt;\/response&gt;<\/pre>\n<p>The status value in the response object will be matched in the error checking step. In this case, the value is &#8220;success&#8221; and execution will continue normally to the\u00a0<em>commit<\/em>\u00a0step.<\/p>\n<p>The\u00a0<em>commit<\/em>\u00a0step will do an API call starting a partial commit on the Palo Alto. A full commit isn&#8217;t necessary as there are only object changes. If the commit returns a success the next step will be\u00a0<em>Exit<\/em>, I don&#8217;t think the function of that step has to be explained.<\/p>\n<p>But if things don&#8217;t run so smoothly&#8230;:<\/p>\n<pre>&lt;response status=\"error\" code=\"13\"&gt;\r\n\t&lt;msg&gt;\r\n\t\t&lt;line&gt;A commit is pending. Please try again later.&lt;\/line&gt;\r\n\t&lt;\/msg&gt;\r\n&lt;\/response&gt;<\/pre>\n<p>Since the condition in the error checking step will now return false because the status value doesn&#8217;t match to &#8220;success&#8221; the\u00a0<em>else_next<\/em>\u00a0key will be executed instead of the\u00a0<em>next<\/em>\u00a0key.<\/p>\n<p>This brings us to bottom part of the steps, these contain error checking and an exit step.<\/p>\n<pre>\t\t{\r\n\t\t\t\"name\": \"commit_pending_check\",\r\n\t\t\t\"comment\": \"Check if a commit is pending, if so, wait 15 seconds. If not, it is an unknown error.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\"left\": \"error\", \r\n\t\t\t\t\t\t\"op\": \"==\", \r\n\t\t\t\t\t\t\"right\": \"${P:A:PARSE{response}{{status}}}\"\r\n\t\t\t\t\t},\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\"left\": \"13\", \r\n\t\t\t\t\t\t\"op\": \"==\", \r\n\t\t\t\t\t\t\"right\": \"${P:A:PARSE{response}{{code}}}\"\r\n\t\t\t\t\t}\r\n\t\t\t\t],\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"next\": \"sleep15\",\r\n\t\t\t\t\"else_error\": true\r\n\t\t\t}\r\n\t\t},\r\n\r\n\t\t{\r\n\t\t\t\"name\": \"unknown\",\r\n\t\t\t\"comment\": \"DEBUG, Don't know what is happening, send information.\",\r\n\t\t\t\"parse\": \"XMLA\",\r\n\t\t\t\"operation\": \"GET\",\r\n\t\t\t\"no_connection_debug\": false,\r\n\t\t\t\"transport\": {\"path\": \"?${E::event_type}&amp;${E::operation_type}\"}\r\n\t\t},\r\n\t\t\r\n\t\t{\r\n\t\t\t\"name\": \"FinExit\",\r\n\t\t\t\"comment\": \"Stop execution of the template.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\"left\": \"1\", \"op\": \"==\", \"right\": \"1\"}\r\n\t\t\t\t],\r\n\t\t\t\t\"stop\": true\r\n\t\t\t}\r\n\t\t},\r\n\t\t\r\n\t\t{\r\n\t\t\t\"name\": \"sleep15\",\r\n\t\t\t\"comment\": \"Wait 15 seconds and restart execution of the template.\",\r\n\t\t\t\"operation\": \"SLEEP\",\r\n\t\t\t\"timeout\": \"15\"\r\n\t\t},\r\n\t\t{\r\n\t\t\t\"name\": \"restart\",\r\n\t\t\t\"comment\": \"Waited 15 seconds, restart the template.\",\r\n\t\t\t\"operation\": \"CONDITION\",\r\n\t\t\t\"condition\": {\r\n\t\t\t\t\"condition_type\": \"AND\",\r\n\t\t\t\t\"statements\": [\r\n\t\t\t\t\t{\"left\": \"1\", \"op\": \"==\", \"right\": \"1\"}\r\n\t\t\t\t],\r\n\t\t\t\t\"next\": \"Start\"\r\n\t\t\t}\r\n\t\t}\t\t\r\n\t]\r\n}<\/pre>\n<p>The first (and currently only) error checking step is\u00a0<em>commit_pending_check<\/em>.<\/p>\n<p>If a commit is pending on the Palo Alto you cannot make any changes such as creating objects. In PANOS 5.0.6 this isn&#8217;t possible, I believe they changed this behavior in later versions which I will check as soon as I get my hands on a newer version.<\/p>\n<p>The error code related to this specific error is &#8220;13&#8221;, the solution to this error is simple as it will fix itself when the commit is finished. All we have to do is wait so if the condition is true it will jump to the\u00a0<em>sleep15<\/em>\u00a0step which pauses the execution for 15 seconds. After 15 seconds the next step will force a restart of the script execution and jump back to the very first step.<\/p>\n<p>Under normal\/good circumstances no errors are raised and after\u00a0<em>commit<\/em>\u00a0step has finished it will execute the\u00a0<em>Exit<\/em>\u00a0step and execution will we stopped.<\/p>\n<p><span style=\"font-size: xx-large;\">Summary<\/span><\/p>\n<p><span style=\"font-size: x-large;\">Implementation<\/span><\/p>\n<p>Before you run to your production environment and start uploading the templates make sure you have the correct licenses installed. To acquire the Security Ecosystem license you need one of the following products:<a href=\"https:\/\/www.infoblox.com\/products\/dns-firewall\/?utm_source=blox-community&amp;utm_campaign=community-q2&amp;utm_medium=blox-community\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">\u00a0DNS Firewall<\/a>\u00a0or\u00a0<a href=\"https:\/\/www.infoblox.com\/products\/activetrust\/?utm_source=blox-community&amp;utm_campaign=community-q2&amp;utm_medium=blox-community\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Activetrust<\/a>.<\/p>\n<p>The latest version of the templates can be downloaded from\u00a0<a href=\"http:\/\/vknit.nl\/asset\/7e003085\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">http:\/\/vknit.nl\/asset\/7e003085\/<\/a><\/p>\n<p>Use the following steps to upload the templates.<\/p>\n<ol>\n<li>In Infoblox go to the\u00a0<em>System<\/em>\u00a0tab,\u00a0<em>Ecosystem\u00a0<\/em>sub-tab,\u00a0<em>Templates<\/em>\u00a0sub-sub-tab.\n<p><figure id=\"attachment_2245\" aria-describedby=\"caption-attachment-2245\" style=\"width: 399px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2245\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-6-tabs.png\" alt=\"Fig 6. Tabs\" width=\"399\" height=\"110\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-6-tabs.png 399w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-6-tabs-300x83.png 300w\" sizes=\"auto, (max-width: 399px) 100vw, 399px\" \/><figcaption id=\"caption-attachment-2245\" class=\"wp-caption-text\">Fig 6. Tabs<\/figcaption><\/figure><\/li>\n<li>Click on the + button to open the\u00a0<em>Add Template<\/em>\u00a0screen.<\/li>\n<li>Select the template file and click\u00a0<em>Upload<\/em>.<\/li>\n<li>Click the\u00a0<em>Add<\/em>\u00a0button to add the template to the template list.<\/li>\n<li>Repeat steps 2-4 for all template files in this order: PA_login.json, PA_session.json, PA_actions.json.\n<figure id=\"attachment_2246\" aria-describedby=\"caption-attachment-2246\" style=\"width: 399px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2246\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-7-templates-overview.png\" alt=\"Fig 7. Templates overview\" width=\"399\" height=\"69\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-7-templates-overview.png 399w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-7-templates-overview-300x52.png 300w\" sizes=\"auto, (max-width: 399px) 100vw, 399px\" \/><figcaption id=\"caption-attachment-2246\" class=\"wp-caption-text\">Fig 7. Templates overview<\/figcaption><\/figure>\n<p>Fig 7. Templates overview<\/li>\n<\/ol>\n<p>You can now add the Palo Alto in the\u00a0<em>Outbound Endpoint<\/em>\u00a0tab. Click on the + button and select &#8220;<em>Add REST API Endpoint<\/em>&#8220;.<\/p>\n<figure id=\"attachment_2247\" aria-describedby=\"caption-attachment-2247\" style=\"width: 400px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2247\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-8-add-api-endpoint-step-1.png\" alt=\"Fig 8. Add API endpoint step 1\" width=\"400\" height=\"315\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-8-add-api-endpoint-step-1.png 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-8-add-api-endpoint-step-1-300x236.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-2247\" class=\"wp-caption-text\">Fig 8. Add API endpoint step 1<\/figcaption><\/figure>\n<p>Fig 8. Add API endpoint step 1<\/p>\n<p>Fill in the following fields:<\/p>\n<ul>\n<li>URI: The URI of the endpoint, most of the times this will me http(s):\\\\&lt;mgmt-ip&gt;.<\/li>\n<li>Name: The name of your Palo Alto<\/li>\n<li>Vendor Type: Palo Alto<\/li>\n<li>Auth Username\/Password: This will be used to authenticate on the Palo Alto.<\/li>\n<li>WAPI Integration Username\/Password: This will be used to authenticate on Infoblox if necessary.<\/li>\n<\/ul>\n<figure id=\"attachment_2248\" aria-describedby=\"caption-attachment-2248\" style=\"width: 400px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2248\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-9-add-api-endpoint-step-2.png\" alt=\"Fig 9. Add API endpoint step 2\" width=\"400\" height=\"317\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-9-add-api-endpoint-step-2.png 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-9-add-api-endpoint-step-2-300x238.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-2248\" class=\"wp-caption-text\">Fig 9. Add API endpoint step 2<\/figcaption><\/figure>\n<p>Fig 9. Add API endpoint step 2<\/p>\n<p>In step 2 change the Timeout to 2 minutes, when clicking the\u00a0<em>Select Template<\/em>\u00a0button it should select the\u00a0<em>Palo Alto Session<\/em>\u00a0template automatically.<\/p>\n<p>Hit\u00a0<em>Save &amp; Close<\/em>\u00a0and your endpoint is configured!<\/p>\n<p>The next step is to add a notification which will determine when an event is triggered. To do this, go to the\u00a0<em>Notifications<\/em>\u00a0tab and click the + button.<\/p>\n<figure id=\"attachment_2249\" aria-describedby=\"caption-attachment-2249\" style=\"width: 400px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2249\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-10-add-notification-step-1.png\" alt=\"Fig 10. Add notification step 1\" width=\"400\" height=\"344\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-10-add-notification-step-1.png 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-10-add-notification-step-1-300x258.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-2249\" class=\"wp-caption-text\">Fig 10. Add notification step 1<\/figcaption><\/figure>\n<p>Fig 10. Add notification step 1<\/p>\n<p>Enter a name for the notification and select the endpoint you just configured.<\/p>\n<figure id=\"attachment_2250\" aria-describedby=\"caption-attachment-2250\" style=\"width: 400px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2250\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-11-add-notification-step-2.png\" alt=\"Fig 11. Add notification step 2\" width=\"400\" height=\"342\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-11-add-notification-step-2.png 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-11-add-notification-step-2-300x257.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-2250\" class=\"wp-caption-text\">Fig 11. Add notification step 2<\/figcaption><\/figure>\n<p>Fig 11. Add notification step 2<\/p>\n<p>The current template only supports ipv4 host events so select &#8220;<em>Object Change Host Address IPv4<\/em>&#8221; from the event list.<\/p>\n<p>You can enter different rules which must be matched before an event is triggered. In my setup I only have the default network view, so the configured rule effectively generates an event for every ipv4 host change.<\/p>\n<figure id=\"attachment_2251\" aria-describedby=\"caption-attachment-2251\" style=\"width: 400px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2251\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/palo-alto-objects-visual-12-add-notification-step-3.png\" alt=\"Fig 12. Add notification step 3\" width=\"400\" height=\"345\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-12-add-notification-step-3.png 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/palo-alto-objects-visual-12-add-notification-step-3-300x259.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-2251\" class=\"wp-caption-text\">Fig 12. Add notification step 3<\/figcaption><\/figure>\n<p>Fig 12. Add notification step 3<\/p>\n<p>In the last step, select the\u00a0<em>Palo Alto actions<\/em>\u00a0template and hit\u00a0<em>Save &amp; Close<\/em>.<\/p>\n<p>If everything is setup right object on your Palo Alto should be created when creating a new ipv4 host in Infoblox. If this is not happening, check your Palo Alto system log and the Infoblox syslog messages.<\/p>\n<p><span style=\"font-size: x-large;\">Limitations<\/span><\/p>\n<p>There are some limitations I&#8217;m aware of (and probably also some I don&#8217;t know about) in version 0.2. When deleting an object from Infoblox be sure to already have removed the object from any policies or groups on the Palo Alto or the delete will fail. Only ipv4 host objects are supported, I plan to add more object types.<\/p>\n<p><span style=\"font-size: xx-large;\">Reference\u00a0<\/span><\/p>\n<ul>\n<li><a href=\"http:\/\/vknit.nl\/asset\/7e003085\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Palo Alto templates for Infoblox Outbound API<\/a><\/li>\n<li><a href=\"https:\/\/docs.infoblox.com\/display\/NAG8\/About+Outbound+Templates\" target=\"_blank\" rel=\"noopener nofollow noreferrer\">Infoblox Outbound API<\/a><\/li>\n<\/ul>\n<p>Thanks for reading, I hope this will be useful. Be sure to let me know if you run into any problems and check\u00a0<a href=\"http:\/\/www.vknit.nl\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">www.vknit.nl<\/a>\u00a0for updates on the templates or more useful posts.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is a guest blog written by Niels van Kampen, freelance consultant and trainer,\u00a0www.vknit.nl. The opinions expressed here belong to the author. If you have any questions on how Infoblox products work, please contact Infoblox support. Goal As probably any administrator has experienced, administration over multiple systems can be problematic. You have to keep your [&hellip;]<\/p>\n","protected":false},"author":241,"featured_media":2100,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[3],"tags":[131,29,44,14,16,51,31,66,67,60],"class_list":{"0":"post-2231","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-community","8":"tag-api","9":"tag-community","10":"tag-dns-firewall","11":"tag-events","12":"tag-infoblox","13":"tag-ipam","14":"tag-networking","15":"tag-rest-api","16":"tag-tips-tricks","17":"tag-wapi","18":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Creating Palo Alto objects from Infoblox<\/title>\n<meta name=\"description\" content=\"This is a guest blog written by Niels van Kampen, freelance consultant and trainer, www.vknit.nl.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Creating Palo Alto objects from Infoblox\" \/>\n<meta property=\"og:description\" content=\"This is a guest blog written by Niels van Kampen, freelance consultant and trainer, www.vknit.nl.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2017-08-21T19:27:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-06T17:27:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/puzzle.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Niels van Kampen\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Niels van Kampen\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"26 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/\"},\"author\":{\"name\":\"Niels van Kampen\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b22398f54bed4e8d1e168948c8d7ff5b\"},\"headline\":\"Creating Palo Alto objects from Infoblox\",\"datePublished\":\"2017-08-21T19:27:57+00:00\",\"dateModified\":\"2020-05-06T17:27:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/\"},\"wordCount\":4412,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/puzzle.jpg\",\"keywords\":[\"API\",\"Community\",\"DNS Firewall\",\"Events\",\"Infoblox\",\"IPAM\",\"Networking\",\"REST API\",\"Tips &amp; Tricks\",\"WAPI\"],\"articleSection\":[\"Community\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/\",\"name\":\"Creating Palo Alto objects from Infoblox\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/puzzle.jpg\",\"datePublished\":\"2017-08-21T19:27:57+00:00\",\"dateModified\":\"2020-05-06T17:27:57+00:00\",\"description\":\"This is a guest blog written by Niels van Kampen, freelance consultant and trainer, www.vknit.nl.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/puzzle.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/puzzle.jpg\",\"width\":660,\"height\":454},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/creating-palo-alto-objects-from-infoblox\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Community\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/community\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Creating Palo Alto objects from Infoblox\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b22398f54bed4e8d1e168948c8d7ff5b\",\"name\":\"Niels van Kampen\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/8cfdcef931dd0563108298a45577575793bc04a82f7babe430f1bfeced050625?s=96&d=blank&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/8cfdcef931dd0563108298a45577575793bc04a82f7babe430f1bfeced050625?s=96&d=blank&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/8cfdcef931dd0563108298a45577575793bc04a82f7babe430f1bfeced050625?s=96&d=blank&r=g\",\"caption\":\"Niels van Kampen\"},\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/niels-van-kampen\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Creating Palo Alto objects from Infoblox","description":"This is a guest blog written by Niels van Kampen, freelance consultant and trainer, www.vknit.nl.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/","og_locale":"en_US","og_type":"article","og_title":"Creating Palo Alto objects from Infoblox","og_description":"This is a guest blog written by Niels van Kampen, freelance consultant and trainer, www.vknit.nl.","og_url":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/","og_site_name":"Infoblox Blog","article_published_time":"2017-08-21T19:27:57+00:00","article_modified_time":"2020-05-06T17:27:57+00:00","og_image":[{"width":660,"height":454,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/puzzle.jpg","type":"image\/jpeg"}],"author":"Niels van Kampen","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Niels van Kampen","Est. reading time":"26 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/"},"author":{"name":"Niels van Kampen","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b22398f54bed4e8d1e168948c8d7ff5b"},"headline":"Creating Palo Alto objects from Infoblox","datePublished":"2017-08-21T19:27:57+00:00","dateModified":"2020-05-06T17:27:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/"},"wordCount":4412,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/puzzle.jpg","keywords":["API","Community","DNS Firewall","Events","Infoblox","IPAM","Networking","REST API","Tips &amp; Tricks","WAPI"],"articleSection":["Community"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/","url":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/","name":"Creating Palo Alto objects from Infoblox","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/puzzle.jpg","datePublished":"2017-08-21T19:27:57+00:00","dateModified":"2020-05-06T17:27:57+00:00","description":"This is a guest blog written by Niels van Kampen, freelance consultant and trainer, www.vknit.nl.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/puzzle.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/puzzle.jpg","width":660,"height":454},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/community\/creating-palo-alto-objects-from-infoblox\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Community","item":"https:\/\/www.infoblox.com\/blog\/category\/community\/"},{"@type":"ListItem","position":3,"name":"Creating Palo Alto objects from Infoblox"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b22398f54bed4e8d1e168948c8d7ff5b","name":"Niels van Kampen","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/8cfdcef931dd0563108298a45577575793bc04a82f7babe430f1bfeced050625?s=96&d=blank&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/8cfdcef931dd0563108298a45577575793bc04a82f7babe430f1bfeced050625?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8cfdcef931dd0563108298a45577575793bc04a82f7babe430f1bfeced050625?s=96&d=blank&r=g","caption":"Niels van Kampen"},"url":"https:\/\/www.infoblox.com\/blog\/author\/niels-van-kampen\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/2231","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/241"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=2231"}],"version-history":[{"count":3,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/2231\/revisions"}],"predecessor-version":[{"id":3712,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/2231\/revisions\/3712"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/2100"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=2231"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=2231"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=2231"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}