PAN-OS OpenConfig PCAP
2.0
PAN-OS OpenConfig PCAP model support.
About the PAN-OS PCAP Model
Before using the PAN-OS PCAP model, review the YANG model and
familiarize yourself with the supported paths.
For more information about taking a custom packet capture on PAN-OS, see the Administrator's Guide. After capturing
your desired packets, you can then use a network packet analyzer to review the
information provided by your capture.
When using the PCAP model, you can use several custom filters defined in
the YANG model such as:
- Source IP Address
- Source Port
- Destination IP Address
- Destination Port
- Network Protocol
You can further limit the capture by capping the PCAP results with
filters such as:
- File Size
- Packet Captured Count
- Duration
For the PCAP model, a data_push_url custom endpoint is required. You
can then use your endpoint to further process conditions and use the other
available config models to manipulate your PAN-OS firewall configuration.
Only one PCAP job can be running at a time. You can define
the time for the capture to run using the leaf nodes provided in the data
model.
Using the PAN-OS PCAP Model
The following query retrieves a packet capture:
gnmic -a IP:9339 -u USER -p PASSWORD --mode ONCE subscribe -e json_ietf --skip-verify --path '/pan/pcap/config[filter1_destination_port=5353][filter1_destination_port=67][file_size=100][duration=120]'
The following is an example response following a successful packet
capture:
{
  "source": "10.0.0.1:9339",
  "subscription-name": "default-1683208591",
  "timestamp": 1683208595000000000,
  "time": "2023-05-04T06:56:35-07:00",
  "updates": [
    {
      "Path": "/pan/pcap/config",
      "values": {
        "/pan/pcap/config": {
          "code": 200,
          "message": "dial-in: pcap job is done. file name: <snip>.pcap"
        }
      }
    }
  ]
}
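An added example (not Palo Alto Networks' code): a Python check that a script wrapping the gnmic query above could run on the response, confirming code 200 and extracting the capture file name before acting on it. The file name and the failure response are constructed, since the page elides the former and shows no example of the latter.

```python
import json
import re

PCAP_PATH = "/pan/pcap/config"
FILE_RE = re.compile(r"file name:\s*(\S+\.pcap)\b")

class PcapJobError(Exception):
    """The response does not describe a finished capture with a usable file name."""

def sample_response(code, message):
    # Constructed input: same shape as the example response on this page.
    status = {"code": code, "message": message}
    return json.dumps({"source": "10.0.0.1:9339", "time": "2023-05-04T06:56:35-07:00",
                       "updates": [{"Path": PCAP_PATH, "values": {PCAP_PATH: status}}]})

# The page elides the real file name; "example-capture.pcap" is a constructed placeholder.
SAMPLE_OK = sample_response(200, "dial-in: pcap job is done. file name: example-capture.pcap")
# The page shows no failure response; this code and message are constructed.
SAMPLE_FAIL = sample_response(500, "constructed failure message")

def parse_pcap_response(raw):
    """Return the capture file name, or raise PcapJobError."""
    try:
        doc = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise PcapJobError(f"response is not JSON: {exc}") from exc
    if not isinstance(doc, dict):
        raise PcapJobError("response is not a JSON object")
    for update in doc.get("updates", []):
        if not isinstance(update, dict) or update.get("Path") != PCAP_PATH:
            continue
        status = (update.get("values") or {}).get(PCAP_PATH) or {}
        code, message = status.get("code"), str(status.get("message", ""))
        if code != 200:
            raise PcapJobError(f"pcap job failed: code={code!r} message={message!r}")
        match = FILE_RE.search(message)
        if not match:
            raise PcapJobError(f"code 200 but no file name in: {message!r}")
        name = match.group(1)
        # Device-supplied text: refuse anything that is not a bare file name.
        if "/" in name or "\\" in name or name.startswith("."):
            raise PcapJobError(f"unexpected file name: {name!r}")
        return name
    raise PcapJobError(f"no {PCAP_PATH} update in response")

if __name__ == "__main__":
    print(parse_pcap_response(SAMPLE_OK))
```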