openapi: 3.1.0 info: title: Palo Alto Networks PAN-OS REST API description: >- RESTful API for managing Palo Alto Networks PAN-OS next-generation firewalls. Provides programmatic access to configure firewall policies, objects, network interfaces, and device settings. The API follows a resource-oriented design with standard HTTP methods for CRUD operations. Authentication uses an API key passed in the X-PAN-KEY header, generated from the PAN-OS web interface under Device > Administrators or via the /api/?type=keygen XML API endpoint. All configuration changes are staged in candidate configuration and require a commit to take effect. version: '10.2' contact: name: Palo Alto Networks Developer Support url: https://pan.dev/pan-os/docs/restapi/ license: name: Proprietary url: https://www.paloaltonetworks.com/legal servers: - url: https://{firewall}/restapi/v10.2 description: PAN-OS firewall or Panorama REST API endpoint. variables: firewall: description: Hostname or IP address of the PAN-OS firewall or Panorama appliance. default: firewall.example.com security: - apiKey: [] tags: - name: Commit description: Configuration commit operations. - name: Device description: Device system information and virtual system management. - name: Objects description: >- Address objects, address groups, service objects, service groups, and tag management. - name: Policies description: Security policy rules, NAT rules, and QoS rule management. paths: /Objects/Addresses: get: operationId: listAddresses summary: Palo Alto Networks List Address Objects description: >- Returns all address objects configured on the firewall. Supports filtering by name and location (vsys, device group, or shared). Address objects define IP addresses, IP ranges, IP subnets, or FQDNs used in security policy rules. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query description: Filter by address object name. schema: type: string example: Production Firewall 09 responses: '200': description: Address objects returned successfully. content: application/json: schema: type: object properties: '@status': type: string example: success '@code': type: string example: '19' result: type: object properties: '@total-count': type: string '@count': type: string entry: type: array items: $ref: '#/components/schemas/Address' examples: ListAddresses200Example: summary: Default listAddresses 200 response x-microcks-default: true value: '@status': success '@code': '19' result: '@total-count': example-@total-count '@count': example-@count entry: - '@name': Production Firewall 76 ip-netmask: example-ip-netmask ip-range: example-ip-range ip-wildcard: example-ip-wildcard fqdn: api.acme-systems.org description: Blocked malware incident monitoring configured threat activity violation monitoring threat detected. tag: &id001 member: - example-member_item - example-member_item - '@name': Production Firewall 76 ip-netmask: example-ip-netmask ip-range: example-ip-range ip-wildcard: example-ip-wildcard fqdn: api.acme-systems.org description: Blocked malware incident monitoring configured threat activity violation monitoring threat detected. tag: *id001 '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '500': $ref: '#/components/responses/InternalServerError' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: createAddress summary: Palo Alto Networks Create Address Object description: >- Creates a new address object on the firewall. The address object can be of type ip-netmask, ip-range, ip-wildcard, or fqdn. The object must have a unique name within the specified location scope. Changes are staged in candidate configuration until committed. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the address object to create. schema: type: string example: Staging Policy 66 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/Address' examples: CreateAddressRequestExample: summary: Default createAddress request x-microcks-default: true value: entry: '@name': Production Firewall 76 ip-netmask: example-ip-netmask ip-range: example-ip-range ip-wildcard: example-ip-wildcard fqdn: api.acme-systems.org description: Blocked malware incident monitoring configured threat activity violation monitoring threat detected. tag: *id001 responses: '200': description: Address object created successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: CreateAddress200Example: summary: Default createAddress 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '409': description: Address object with the specified name already exists. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' examples: CreateAddress409Example: summary: Default createAddress 409 response x-microcks-default: true value: '@status': running '@code': example-@code msg: &id002 line: example-line x-microcks-operation: delay: 0 dispatcher: FALLBACK put: operationId: updateAddress summary: Palo Alto Networks Update Address Object description: >- Updates an existing address object identified by name. The entire object definition must be provided in the request body as this performs a full replacement of the address object configuration. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the address object to update. schema: type: string example: Branch Agent 74 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/Address' examples: UpdateAddressRequestExample: summary: Default updateAddress request x-microcks-default: true value: entry: '@name': Production Firewall 76 ip-netmask: example-ip-netmask ip-range: example-ip-range ip-wildcard: example-ip-wildcard fqdn: api.acme-systems.org description: Blocked malware incident monitoring configured threat activity violation monitoring threat detected. tag: *id001 responses: '200': description: Address object updated successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: UpdateAddress200Example: summary: Default updateAddress 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: operationId: deleteAddress summary: Palo Alto Networks Delete Address Object description: >- Deletes an address object identified by name. The object cannot be deleted if it is referenced by an active security policy rule or address group. Remove all references before deleting. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the address object to delete. schema: type: string example: Production Agent 38 responses: '200': description: Address object deleted successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: DeleteAddress200Example: summary: Default deleteAddress 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '404': $ref: '#/components/responses/NotFound' '409': description: Object is referenced by other configuration elements. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' examples: DeleteAddress409Example: summary: Default deleteAddress 409 response x-microcks-default: true value: '@status': running '@code': example-@code msg: *id002 x-microcks-operation: delay: 0 dispatcher: FALLBACK /Objects/AddressGroups: get: operationId: listAddressGroups summary: Palo Alto Networks List Address Groups description: >- Returns all address groups configured on the firewall. Address groups contain address objects or other address groups and can be static (explicit member list) or dynamic (tag-based membership criteria). tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query description: Filter by address group name. schema: type: string example: Corporate Sensor 37 responses: '200': description: Address groups returned successfully. content: application/json: schema: type: object properties: '@status': type: string '@code': type: string result: type: object properties: '@total-count': type: string '@count': type: string entry: type: array items: $ref: '#/components/schemas/AddressGroup' examples: ListAddressGroups200Example: summary: Default listAddressGroups 200 response x-microcks-default: true value: '@status': enabled '@code': example-@code result: '@total-count': example-@total-count '@count': example-@count entry: - '@name': Branch Agent 57 static: &id003 member: - example-member_item dynamic: &id004 filter: example-filter description: Policy alert detected violation network network violation suspicious on malware network. tag: &id005 member: - example-member_item - example-member_item - '@name': Branch Agent 57 static: *id003 dynamic: *id004 description: Policy alert detected violation network network violation suspicious on malware network. tag: *id005 '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: createAddressGroup summary: Palo Alto Networks Create Address Group description: >- Creates a new address group. The group can be static with an explicit list of member address objects, or dynamic with a tag-based filter expression that automatically includes matching address objects. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the address group to create. schema: type: string example: Primary Policy 55 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/AddressGroup' examples: CreateAddressGroupRequestExample: summary: Default createAddressGroup request x-microcks-default: true value: entry: '@name': Branch Agent 57 static: *id003 dynamic: *id004 description: Policy alert detected violation network network violation suspicious on malware network. tag: *id005 responses: '200': description: Address group created successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: CreateAddressGroup200Example: summary: Default createAddressGroup 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '409': description: Address group with the specified name already exists. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' examples: CreateAddressGroup409Example: summary: Default createAddressGroup 409 response x-microcks-default: true value: '@status': running '@code': example-@code msg: *id002 x-microcks-operation: delay: 0 dispatcher: FALLBACK put: operationId: updateAddressGroup summary: Palo Alto Networks Update Address Group description: >- Updates an existing address group identified by name. The entire group definition must be provided as this performs a full replacement. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the address group to update. schema: type: string example: Branch Agent 78 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/AddressGroup' examples: UpdateAddressGroupRequestExample: summary: Default updateAddressGroup request x-microcks-default: true value: entry: '@name': Branch Agent 57 static: *id003 dynamic: *id004 description: Policy alert detected violation network network violation suspicious on malware network. tag: *id005 responses: '200': description: Address group updated successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: UpdateAddressGroup200Example: summary: Default updateAddressGroup 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: operationId: deleteAddressGroup summary: Palo Alto Networks Delete Address Group description: Deletes an address group identified by name. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the address group to delete. schema: type: string example: Primary Gateway 21 responses: '200': description: Address group deleted successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: DeleteAddressGroup200Example: summary: Default deleteAddressGroup 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK /Objects/Services: get: operationId: listServices summary: Palo Alto Networks List Service Objects description: >- Returns all service objects configured on the firewall. Service objects define TCP or UDP protocol and port combinations used in security policy rules to identify specific network services. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query description: Filter by service object name. schema: type: string example: Primary Gateway 90 responses: '200': description: Service objects returned successfully. content: application/json: schema: type: object properties: '@status': type: string '@code': type: string result: type: object properties: '@total-count': type: string '@count': type: string entry: type: array items: $ref: '#/components/schemas/Service' examples: ListServices200Example: summary: Default listServices 200 response x-microcks-default: true value: '@status': active '@code': example-@code result: '@total-count': example-@total-count '@count': example-@count entry: - '@name': Staging Firewall 44 protocol: &id006 tcp: port: example-port source-port: example-source-port udp: port: example-port source-port: example-source-port description: On endpoint traffic rule alert blocked. tag: &id007 member: - example-member_item - example-member_item - '@name': Staging Firewall 44 protocol: *id006 description: On endpoint traffic rule alert blocked. tag: *id007 '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: createService summary: Palo Alto Networks Create Service Object description: >- Creates a new service object defining a TCP or UDP protocol with destination port or port range. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the service object to create. schema: type: string example: Corporate Sensor 55 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/Service' examples: CreateServiceRequestExample: summary: Default createService request x-microcks-default: true value: entry: '@name': Staging Firewall 44 protocol: *id006 description: On endpoint traffic rule alert blocked. tag: *id007 responses: '200': description: Service object created successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: CreateService200Example: summary: Default createService 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK put: operationId: updateService summary: Palo Alto Networks Update Service Object description: Updates an existing service object identified by name. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the service object to update. schema: type: string example: Branch Gateway 83 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/Service' examples: UpdateServiceRequestExample: summary: Default updateService request x-microcks-default: true value: entry: '@name': Staging Firewall 44 protocol: *id006 description: On endpoint traffic rule alert blocked. tag: *id007 responses: '200': description: Service object updated successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: UpdateService200Example: summary: Default updateService 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: operationId: deleteService summary: Palo Alto Networks Delete Service Object description: Deletes a service object identified by name. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the service object to delete. schema: type: string example: Staging Agent 83 responses: '200': description: Service object deleted successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: DeleteService200Example: summary: Default deleteService 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK /Objects/ServiceGroups: get: operationId: listServiceGroups summary: Palo Alto Networks List Service Groups description: >- Returns all service groups configured on the firewall. Service groups aggregate multiple service objects for use in security policy rules. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query description: Filter by service group name. schema: type: string example: Corporate Sensor 06 responses: '200': description: Service groups returned successfully. content: application/json: schema: type: object properties: '@status': type: string '@code': type: string result: type: object properties: '@total-count': type: string '@count': type: string entry: type: array items: $ref: '#/components/schemas/ServiceGroup' examples: ListServiceGroups200Example: summary: Default listServiceGroups 200 response x-microcks-default: true value: '@status': active '@code': example-@code result: '@total-count': example-@total-count '@count': example-@count entry: - '@name': Primary Policy 84 members: &id008 member: - example-member_item - example-member_item tag: &id009 member: - example-member_item - '@name': Primary Policy 84 members: *id008 tag: *id009 '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: createServiceGroup summary: Palo Alto Networks Create Service Group description: Creates a new service group containing one or more service objects. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the service group to create. schema: type: string example: Staging Policy 14 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/ServiceGroup' examples: CreateServiceGroupRequestExample: summary: Default createServiceGroup request x-microcks-default: true value: entry: '@name': Primary Policy 84 members: *id008 tag: *id009 responses: '200': description: Service group created successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: CreateServiceGroup200Example: summary: Default createServiceGroup 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' x-microcks-operation: delay: 0 dispatcher: FALLBACK put: operationId: updateServiceGroup summary: Palo Alto Networks Update Service Group description: Updates an existing service group identified by name. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the service group to update. schema: type: string example: Staging Firewall 58 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/ServiceGroup' examples: UpdateServiceGroupRequestExample: summary: Default updateServiceGroup request x-microcks-default: true value: entry: '@name': Primary Policy 84 members: *id008 tag: *id009 responses: '200': description: Service group updated successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: UpdateServiceGroup200Example: summary: Default updateServiceGroup 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: operationId: deleteServiceGroup summary: Palo Alto Networks Delete Service Group description: Deletes a service group identified by name. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the service group to delete. schema: type: string example: Staging Agent 80 responses: '200': description: Service group deleted successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: DeleteServiceGroup200Example: summary: Default deleteServiceGroup 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK /Objects/Tags: get: operationId: listTags summary: Palo Alto Networks List Tags description: >- Returns all tag objects configured on the firewall. Tags are used to categorize address objects and other configuration elements for use in dynamic address groups and policy filtering. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query description: Filter by tag name. schema: type: string example: Staging Agent 58 responses: '200': description: Tags returned successfully. content: application/json: schema: type: object properties: '@status': type: string '@code': type: string result: type: object properties: '@total-count': type: string '@count': type: string entry: type: array items: $ref: '#/components/schemas/Tag' examples: ListTags200Example: summary: Default listTags 200 response x-microcks-default: true value: '@status': running '@code': example-@code result: '@total-count': example-@total-count '@count': example-@count entry: - '@name': Production Policy 97 color: example-color comments: On alert endpoint firewall activity detected suspicious. - '@name': Production Policy 97 color: example-color comments: On alert endpoint firewall activity detected suspicious. '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: createTag summary: Palo Alto Networks Create Tag description: >- Creates a new tag object with optional color and comment. Tags are applied to address objects, security rules, and other elements to enable dynamic grouping and filtering. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the tag to create. schema: type: string example: Primary Agent 93 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/Tag' examples: CreateTagRequestExample: summary: Default createTag request x-microcks-default: true value: entry: '@name': Production Policy 97 color: example-color comments: On alert endpoint firewall activity detected suspicious. responses: '200': description: Tag created successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: CreateTag200Example: summary: Default createTag 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' x-microcks-operation: delay: 0 dispatcher: FALLBACK put: operationId: updateTag summary: Palo Alto Networks Update Tag description: Updates an existing tag identified by name. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the tag to update. schema: type: string example: Primary Sensor 38 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/Tag' examples: UpdateTagRequestExample: summary: Default updateTag request x-microcks-default: true value: entry: '@name': Production Policy 97 color: example-color comments: On alert endpoint firewall activity detected suspicious. responses: '200': description: Tag updated successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: UpdateTag200Example: summary: Default updateTag 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: operationId: deleteTag summary: Palo Alto Networks Delete Tag description: Deletes a tag identified by name. tags: - Objects parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the tag to delete. schema: type: string example: Staging Policy 49 responses: '200': description: Tag deleted successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: DeleteTag200Example: summary: Default deleteTag 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK /Policies/SecurityRules: get: operationId: listSecurityRules summary: Palo Alto Networks List Security Rules description: >- Returns all security policy rules configured in the specified rulebase. Security rules control traffic flow between zones and define actions (allow, deny, drop, reset) based on source, destination, application, service, and user criteria. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query description: Filter by security rule name. schema: type: string example: Staging Firewall 77 responses: '200': description: Security rules returned successfully. content: application/json: schema: type: object properties: '@status': type: string '@code': type: string result: type: object properties: '@total-count': type: string '@count': type: string entry: type: array items: $ref: '#/components/schemas/SecurityRule' examples: ListSecurityRules200Example: summary: Default listSecurityRules 200 response x-microcks-default: true value: '@status': enabled '@code': example-@code result: '@total-count': example-@total-count '@count': example-@count entry: - '@name': Branch Policy 11 from: &id010 member: - example-member_item - example-member_item to: &id011 member: - example-member_item source: &id012 member: - example-member_item - example-member_item destination: &id013 member: - example-member_item - example-member_item source-user: &id014 member: - example-member_item application: &id015 member: - example-member_item service: &id016 member: - example-member_item - example-member_item category: &id017 member: - example-member_item - example-member_item action: drop log-start: 'no' log-end: 'yes' log-setting: example-log-setting profile-setting: &id018 group: member: - example-member_item - example-member_item disabled: 'no' description: Endpoint rule network investigation incident blocked detected applied investigation suspicious rule traffic. tag: &id019 member: - example-member_item '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: createSecurityRule summary: Palo Alto Networks Create Security Rule description: >- Creates a new security policy rule. The rule is added to the rulebase in the specified position. Define source and destination zones, addresses, applications, services, and the action to take on matching traffic. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the security rule to create. schema: type: string example: Production Gateway 63 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/SecurityRule' examples: CreateSecurityRuleRequestExample: summary: Default createSecurityRule request x-microcks-default: true value: entry: '@name': Branch Policy 11 from: *id010 to: *id011 source: *id012 destination: *id013 source-user: *id014 application: *id015 service: *id016 category: *id017 action: drop log-start: 'no' log-end: 'yes' log-setting: example-log-setting profile-setting: *id018 disabled: 'no' description: Endpoint rule network investigation incident blocked detected applied investigation suspicious rule traffic. tag: *id019 responses: '200': description: Security rule created successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: CreateSecurityRule200Example: summary: Default createSecurityRule 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK put: operationId: updateSecurityRule summary: Palo Alto Networks Update Security Rule description: >- Updates an existing security rule identified by name. The entire rule definition must be provided as this performs a full replacement. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the security rule to update. schema: type: string example: Corporate Firewall 56 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/SecurityRule' examples: UpdateSecurityRuleRequestExample: summary: Default updateSecurityRule request x-microcks-default: true value: entry: '@name': Branch Policy 11 from: *id010 to: *id011 source: *id012 destination: *id013 source-user: *id014 application: *id015 service: *id016 category: *id017 action: drop log-start: 'no' log-end: 'yes' log-setting: example-log-setting profile-setting: *id018 disabled: 'no' description: Endpoint rule network investigation incident blocked detected applied investigation suspicious rule traffic. tag: *id019 responses: '200': description: Security rule updated successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: UpdateSecurityRule200Example: summary: Default updateSecurityRule 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: operationId: deleteSecurityRule summary: Palo Alto Networks Delete Security Rule description: Deletes a security policy rule identified by name. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the security rule to delete. schema: type: string example: Branch Policy 56 responses: '200': description: Security rule deleted successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: DeleteSecurityRule200Example: summary: Default deleteSecurityRule 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK /Policies/NATRules: get: operationId: listNatRules summary: Palo Alto Networks List NAT Rules description: >- Returns all NAT policy rules configured on the firewall. NAT rules define source NAT (SNAT), destination NAT (DNAT), and bidirectional translation policies applied to matching traffic flows. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query description: Filter by NAT rule name. schema: type: string example: Branch Policy 56 responses: '200': description: NAT rules returned successfully. content: application/json: schema: type: object properties: '@status': type: string '@code': type: string result: type: object properties: '@total-count': type: string '@count': type: string entry: type: array items: $ref: '#/components/schemas/NatRule' examples: ListNatRules200Example: summary: Default listNatRules 200 response x-microcks-default: true value: '@status': running '@code': example-@code result: '@total-count': example-@total-count '@count': example-@count entry: - '@name': Corporate Policy 48 from: &id020 member: - example-member_item - example-member_item to: &id021 member: - example-member_item - example-member_item source: &id022 member: - example-member_item destination: &id023 member: - example-member_item - example-member_item service: example-service source-translation: &id024 dynamic-ip-and-port: interface-address: interface: example-interface translated-address: member: - example-member_item - example-member_item static-ip: translated-address: example-translated-address bi-directional: 'yes' destination-translation: &id025 translated-address: example-translated-address translated-port: example-translated-port nat-type: nat64 disabled: 'yes' description: Suspicious endpoint network monitoring suspicious threat suspicious on Security. tag: &id026 member: - example-member_item '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: createNatRule summary: Palo Alto Networks Create NAT Rule description: >- Creates a new NAT policy rule. Define source and destination zones, addresses, services, and the translation type (static-ip, dynamic-ip, dynamic-ip-and-port) and parameters. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the NAT rule to create. schema: type: string example: Staging Firewall 40 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/NatRule' examples: CreateNatRuleRequestExample: summary: Default createNatRule request x-microcks-default: true value: entry: '@name': Corporate Policy 48 from: *id020 to: *id021 source: *id022 destination: *id023 service: example-service source-translation: *id024 destination-translation: *id025 nat-type: nat64 disabled: 'yes' description: Suspicious endpoint network monitoring suspicious threat suspicious on Security. tag: *id026 responses: '200': description: NAT rule created successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: CreateNatRule200Example: summary: Default createNatRule 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK put: operationId: updateNatRule summary: Palo Alto Networks Update NAT Rule description: Updates an existing NAT rule identified by name. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the NAT rule to update. schema: type: string example: Production Agent 11 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/NatRule' examples: UpdateNatRuleRequestExample: summary: Default updateNatRule request x-microcks-default: true value: entry: '@name': Corporate Policy 48 from: *id020 to: *id021 source: *id022 destination: *id023 service: example-service source-translation: *id024 destination-translation: *id025 nat-type: nat64 disabled: 'yes' description: Suspicious endpoint network monitoring suspicious threat suspicious on Security. tag: *id026 responses: '200': description: NAT rule updated successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: UpdateNatRule200Example: summary: Default updateNatRule 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: operationId: deleteNatRule summary: Palo Alto Networks Delete NAT Rule description: Deletes a NAT policy rule identified by name. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the NAT rule to delete. schema: type: string example: Production Firewall 72 responses: '200': description: NAT rule deleted successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: DeleteNatRule200Example: summary: Default deleteNatRule 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK /Policies/QoSRules: get: operationId: listQosRules summary: Palo Alto Networks List QoS Rules description: >- Returns all QoS policy rules configured on the firewall. QoS rules classify and prioritize network traffic to ensure bandwidth allocation and low-latency delivery for critical applications. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query description: Filter by QoS rule name. schema: type: string example: Primary Firewall 08 responses: '200': description: QoS rules returned successfully. content: application/json: schema: type: object properties: '@status': type: string '@code': type: string result: type: object properties: '@total-count': type: string '@count': type: string entry: type: array items: $ref: '#/components/schemas/QosRule' examples: ListQosRules200Example: summary: Default listQosRules 200 response x-microcks-default: true value: '@status': running '@code': example-@code result: '@total-count': example-@total-count '@count': example-@count entry: - '@name': Staging Policy 36 from: &id027 member: - example-member_item to: &id028 member: - example-member_item source: &id029 member: - example-member_item destination: &id030 member: - example-member_item application: &id031 member: - example-member_item - example-member_item service: &id032 member: - example-member_item dscp-tos: &id033 any: {} action: &id034 class: example-class disabled: 'no' description: Rule blocked Security firewall policy applied suspicious detected firewall endpoint network investigation. '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: createQosRule summary: Palo Alto Networks Create QoS Rule description: >- Creates a new QoS policy rule that classifies matching traffic into a QoS class for bandwidth management and prioritization. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the QoS rule to create. schema: type: string example: Corporate Policy 81 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/QosRule' examples: CreateQosRuleRequestExample: summary: Default createQosRule request x-microcks-default: true value: entry: '@name': Staging Policy 36 from: *id027 to: *id028 source: *id029 destination: *id030 application: *id031 service: *id032 dscp-tos: *id033 action: *id034 disabled: 'no' description: Rule blocked Security firewall policy applied suspicious detected firewall endpoint network investigation. responses: '200': description: QoS rule created successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: CreateQosRule200Example: summary: Default createQosRule 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' x-microcks-operation: delay: 0 dispatcher: FALLBACK put: operationId: updateQosRule summary: Palo Alto Networks Update QoS Rule description: Updates an existing QoS rule identified by name. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the QoS rule to update. schema: type: string example: Corporate Gateway 58 requestBody: required: true content: application/json: schema: type: object properties: entry: $ref: '#/components/schemas/QosRule' examples: UpdateQosRuleRequestExample: summary: Default updateQosRule request x-microcks-default: true value: entry: '@name': Staging Policy 36 from: *id027 to: *id028 source: *id029 destination: *id030 application: *id031 service: *id032 dscp-tos: *id033 action: *id034 disabled: 'no' description: Rule blocked Security firewall policy applied suspicious detected firewall endpoint network investigation. responses: '200': description: QoS rule updated successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: UpdateQosRule200Example: summary: Default updateQosRule 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK delete: operationId: deleteQosRule summary: Palo Alto Networks Delete QoS Rule description: Deletes a QoS policy rule identified by name. tags: - Policies parameters: - $ref: '#/components/parameters/location' - $ref: '#/components/parameters/vsys' - name: name in: query required: true description: Name of the QoS rule to delete. schema: type: string example: Production Agent 13 responses: '200': description: QoS rule deleted successfully. content: application/json: schema: $ref: '#/components/schemas/PanOsResponse' examples: DeleteQosRule200Example: summary: Default deleteQosRule 200 response x-microcks-default: true value: '@status': error '@code': example-@code msg: example-msg '400': $ref: '#/components/responses/BadRequest' '404': $ref: '#/components/responses/NotFound' x-microcks-operation: delay: 0 dispatcher: FALLBACK /Commit: get: operationId: getCommitStatus summary: Palo Alto Networks Get Commit Job Status description: >- Returns the status of a commit operation by job ID. Poll this endpoint to monitor the progress of a commit job initiated via POST /Commit. tags: - Commit parameters: - name: jobid in: query required: true description: Job ID returned by the commit operation. schema: type: string example: '327342' responses: '200': description: Commit job status returned. content: application/json: schema: $ref: '#/components/schemas/CommitStatus' examples: GetCommitStatus200Example: summary: Default getCommitStatus 200 response x-microcks-default: true value: '@status': active '@code': example-@code result: &id036 job: id: example-id type: advanced status: WARN result: OK progress: example-progress details: line: example-line '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK post: operationId: commitConfiguration summary: Palo Alto Networks Commit Configuration description: >- Commits the current candidate configuration to the running configuration on the firewall. This operation applies all staged configuration changes. Returns a job ID that can be polled to track commit progress. Optionally specify a description and partial commit criteria (admin, device groups, vsys). tags: - Commit requestBody: required: false content: application/json: schema: type: object properties: cmd: type: object properties: commit: type: object properties: description: type: string description: Description for this commit. partial: type: object description: Partial commit options. properties: admin: type: object properties: member: type: array items: type: string description: Admin accounts to include in partial commit. examples: CommitConfigurationRequestExample: summary: Default commitConfiguration request x-microcks-default: true value: cmd: commit: description: Incident violation policy alert monitoring investigation rule policy on incident. partial: admin: member: - example-member_item - example-member_item responses: '200': description: Commit job initiated successfully. content: application/json: schema: type: object properties: '@status': type: string '@code': type: string result: type: object properties: msg: type: string job: type: string description: Job ID to poll for commit status. examples: CommitConfiguration200Example: summary: Default commitConfiguration 200 response x-microcks-default: true value: '@status': enabled '@code': example-@code result: msg: example-msg job: example-job '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK /Device/VirtualSystems: get: operationId: listVirtualSystems summary: Palo Alto Networks List Virtual Systems description: >- Returns all virtual systems (vsys) configured on the firewall. Virtual systems provide multi-tenancy on a single physical or virtual firewall appliance, each with its own security policy, interfaces, and zones. tags: - Device responses: '200': description: Virtual systems returned successfully. content: application/json: schema: type: object properties: '@status': type: string '@code': type: string result: type: object properties: '@total-count': type: string '@count': type: string entry: type: array items: $ref: '#/components/schemas/VirtualSystem' examples: ListVirtualSystems200Example: summary: Default listVirtualSystems 200 response x-microcks-default: true value: '@status': running '@code': example-@code result: '@total-count': example-@total-count '@count': example-@count entry: - '@name': Corporate Firewall 67 display-name: Corporate Policy 13 import: &id035 network: interface: member: - example-member_item - example-member_item '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' x-microcks-operation: delay: 0 dispatcher: FALLBACK components: securitySchemes: apiKey: type: apiKey in: header name: X-PAN-KEY description: >- PAN-OS API key generated via the /api/?type=keygen endpoint or from the web interface under Device > Administrators. The key is tied to an administrator account and inherits its role-based permissions. parameters: location: name: location in: query description: Configuration location scope. schema: type: string enum: - vsys - device-group - shared default: vsys vsys: name: vsys in: query description: Virtual system name when location is vsys. schema: type: string default: vsys1 responses: BadRequest: description: Malformed request or invalid parameters. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' Unauthorized: description: Missing or invalid API key. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' NotFound: description: The requested resource was not found. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' InternalServerError: description: An internal server error occurred. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' schemas: Address: type: object description: >- An address object representing an IP address, subnet, range, wildcard mask, or FQDN used in security policy rules. properties: '@name': type: string description: Unique name of the address object. example: Production Firewall 76 ip-netmask: type: string description: IP address with CIDR netmask (e.g., 10.0.0.0/24). example: example-ip-netmask ip-range: type: string description: IP address range (e.g., 10.0.0.1-10.0.0.254). example: example-ip-range ip-wildcard: type: string description: IP wildcard mask (e.g., 10.20.1.0/0.0.248.255). example: example-ip-wildcard fqdn: type: string description: Fully qualified domain name (e.g., www.example.com). example: api.acme-systems.org description: type: string description: Description of the address object. example: Blocked malware incident monitoring configured threat activity violation monitoring threat detected. tag: type: object properties: member: type: array items: type: string description: Tags assigned to this address object. example: - example-member_item example: *id001 AddressGroup: type: object description: >- A group of address objects. Can be static with an explicit member list or dynamic with a tag-based filter expression. properties: '@name': type: string description: Unique name of the address group. example: Branch Agent 57 static: type: object description: Static address group with explicit members. properties: member: type: array items: type: string description: List of address object names. example: - example-member_item - example-member_item example: *id003 dynamic: type: object description: Dynamic address group with tag-based filter. properties: filter: type: string description: >- Tag-based filter expression (e.g., "'web-servers' and 'production'"). example: example-filter example: *id004 description: type: string example: Policy alert detected violation network network violation suspicious on malware network. tag: type: object properties: member: type: array items: type: string example: - example-member_item - example-member_item example: *id005 Service: type: object description: >- A service object defining a TCP or UDP protocol with destination port or port range. properties: '@name': type: string description: Unique name of the service object. example: Staging Firewall 44 protocol: type: object properties: tcp: type: object properties: port: type: string description: TCP destination port or range (e.g., 80, 8080-8090). example: example-port source-port: type: string description: TCP source port or range. example: example-source-port example: port: example-port source-port: example-source-port udp: type: object properties: port: type: string description: UDP destination port or range (e.g., 53, 500-502). example: example-port source-port: type: string description: UDP source port or range. example: example-source-port example: port: example-port source-port: example-source-port example: *id006 description: type: string example: On endpoint traffic rule alert blocked. tag: type: object properties: member: type: array items: type: string example: - example-member_item - example-member_item example: *id007 ServiceGroup: type: object description: A group of service objects for use in security policy rules. properties: '@name': type: string description: Unique name of the service group. example: Primary Policy 84 members: type: object properties: member: type: array items: type: string description: List of service object names. example: - example-member_item - example-member_item example: *id008 tag: type: object properties: member: type: array items: type: string example: - example-member_item example: *id009 Tag: type: object description: A tag for categorizing configuration objects. properties: '@name': type: string description: Unique name of the tag. example: Production Policy 97 color: type: string description: Display color for the tag (e.g., color1, color2). example: example-color comments: type: string description: Description or comments for the tag. example: On alert endpoint firewall activity detected suspicious. SecurityRule: type: object description: >- A security policy rule controlling traffic flow between zones based on source, destination, application, service, and user criteria. properties: '@name': type: string description: Unique name of the security rule. example: Branch Policy 11 from: type: object properties: member: type: array items: type: string description: Source zones (e.g., trust, untrust). example: - example-member_item example: *id010 to: type: object properties: member: type: array items: type: string description: Destination zones. example: - example-member_item - example-member_item example: *id011 source: type: object properties: member: type: array items: type: string description: Source addresses or address groups (use "any" for all). example: - example-member_item - example-member_item example: *id012 destination: type: object properties: member: type: array items: type: string description: Destination addresses or address groups. example: - example-member_item example: *id013 source-user: type: object properties: member: type: array items: type: string description: Source users or user groups (use "any" for all). example: - example-member_item example: *id014 application: type: object properties: member: type: array items: type: string description: Application names (e.g., ssl, web-browsing, any). example: - example-member_item example: *id015 service: type: object properties: member: type: array items: type: string description: >- Service objects or application-default to use application native ports. example: - example-member_item example: *id016 category: type: object properties: member: type: array items: type: string description: URL categories. example: - example-member_item - example-member_item example: *id017 action: type: string enum: - allow - deny - drop - reset-client - reset-server - reset-both description: Action to take on matching traffic. example: drop log-start: type: string enum: - 'yes' - 'no' description: Log at session start. example: 'no' log-end: type: string enum: - 'yes' - 'no' description: Log at session end. example: 'yes' log-setting: type: string description: Log forwarding profile name. example: example-log-setting profile-setting: type: object description: Security profile group or individual profiles. properties: group: type: object properties: member: type: array items: type: string example: - example-member_item - example-member_item example: member: - example-member_item example: *id018 disabled: type: string enum: - 'yes' - 'no' description: Whether the rule is disabled. example: 'no' description: type: string example: Endpoint rule network investigation incident blocked detected applied investigation suspicious rule traffic. tag: type: object properties: member: type: array items: type: string example: - example-member_item example: *id019 NatRule: type: object description: >- A NAT policy rule defining source or destination address translation for matching traffic. properties: '@name': type: string description: Unique name of the NAT rule. example: Corporate Policy 48 from: type: object properties: member: type: array items: type: string description: Source zones. example: - example-member_item - example-member_item example: *id020 to: type: object properties: member: type: array items: type: string description: Destination zones. example: - example-member_item - example-member_item example: *id021 source: type: object properties: member: type: array items: type: string description: Source addresses. example: - example-member_item example: *id022 destination: type: object properties: member: type: array items: type: string description: Destination addresses. example: - example-member_item example: *id023 service: type: string description: Service object or any. example: example-service source-translation: type: object description: Source address translation settings. properties: dynamic-ip-and-port: type: object properties: interface-address: type: object properties: interface: type: string example: example-interface example: interface: example-interface translated-address: type: object properties: member: type: array items: type: string example: - example-member_item example: member: - example-member_item example: interface-address: interface: example-interface translated-address: member: - example-member_item - example-member_item static-ip: type: object properties: translated-address: type: string example: example-translated-address bi-directional: type: string enum: - 'yes' - 'no' example: 'no' example: translated-address: example-translated-address bi-directional: 'no' example: *id024 destination-translation: type: object description: Destination address translation settings. properties: translated-address: type: string example: example-translated-address translated-port: type: string example: example-translated-port example: *id025 nat-type: type: string enum: - ipv4 - nat64 - nptv6 example: nat64 disabled: type: string enum: - 'yes' - 'no' example: 'yes' description: type: string example: Suspicious endpoint network monitoring suspicious threat suspicious on Security. tag: type: object properties: member: type: array items: type: string example: - example-member_item - example-member_item example: *id026 QosRule: type: object description: >- A QoS policy rule classifying traffic into QoS classes for bandwidth management and prioritization. properties: '@name': type: string description: Unique name of the QoS rule. example: Staging Policy 36 from: type: object properties: member: type: array items: type: string description: Source zones. example: - example-member_item example: *id027 to: type: object properties: member: type: array items: type: string description: Destination zones. example: - example-member_item - example-member_item example: *id028 source: type: object properties: member: type: array items: type: string example: - example-member_item - example-member_item example: *id029 destination: type: object properties: member: type: array items: type: string example: - example-member_item example: *id030 application: type: object properties: member: type: array items: type: string example: - example-member_item example: *id031 service: type: object properties: member: type: array items: type: string example: - example-member_item - example-member_item example: *id032 dscp-tos: type: object description: DSCP/TOS marking settings. properties: any: type: object example: {} example: *id033 action: type: object properties: class: type: string description: QoS class number (1-8). example: example-class example: *id034 disabled: type: string enum: - 'yes' - 'no' example: 'no' description: type: string example: Rule blocked Security firewall policy applied suspicious detected firewall endpoint network investigation. VirtualSystem: type: object description: A virtual system (vsys) on the PAN-OS firewall. properties: '@name': type: string description: Virtual system name (e.g., vsys1, vsys2). example: Corporate Firewall 67 display-name: type: string description: Human-readable display name for the vsys. example: Corporate Policy 13 import: type: object description: Imported network resources for this vsys. properties: network: type: object properties: interface: type: object properties: member: type: array items: type: string description: Network interfaces assigned to this vsys. example: - example-member_item - example-member_item example: member: - example-member_item example: interface: member: - example-member_item example: *id035 CommitStatus: type: object description: Status of a commit job. properties: '@status': type: string example: active '@code': type: string example: example-@code result: type: object properties: job: type: object properties: id: type: string example: example-id type: type: string example: custom status: type: string enum: - ACT - PEND - FIN - WARN example: PEND result: type: string enum: - OK - FAIL - WARN example: WARN progress: type: string description: Commit progress percentage (0-100). example: example-progress details: type: object properties: line: oneOf: - type: string - type: array items: type: string example: example-line example: line: example-line example: id: example-id type: standard status: ACT result: FAIL progress: example-progress details: line: example-line example: *id036 PanOsResponse: type: object description: Standard PAN-OS API response envelope. properties: '@status': type: string enum: - success - error example: error '@code': type: string example: example-@code msg: type: string example: example-msg ErrorResponse: type: object properties: '@status': type: string example: running '@code': type: string example: example-@code msg: type: object properties: line: type: string description: Error message detail. example: example-line example: *id002