[rancid] Palo Alto XML backups - sort of solved
Adam Thompson
athompson at merlin.mb.ca
Tue Sep 7 18:28:39 UTC 2021
I remember this being discussed several times here - Palo Alto's PANOS only emits JSON-formatted config when you run "show config running", which cannot be used to restore the device from scratch.
You can (at least as of v9.x) convince "show config running" to emit XML, you need the "set cli op-command-xml-output on" command first, then "show config running".
It's not very useful to humans, e.g. email diffs become utterly useless, but it IS usable for restoring a firewall from scratch.
I documented this in slightly deeper detail at https://github.com/ytti/oxidized/issues/440#issuecomment-914517884 on the "other" project, don't feel like re-typing it all.
Hopefully that helps someone...
-Adam
Adam Thompson
Consultant, Infrastructure Services
[1593169877849]
100 - 135 Innovation Drive
Winnipeg, MB, R3T 6A8
(204) 977-6824 or 1-800-430-6404 (MB only)
athompson at merlin.mb.ca<mailto:athompson at merlin.mb.ca>
www.merlin.mb.ca<http://www.merlin.mb.ca/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20210907/f6a75634/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Outlook-1593169877.png
Type: image/png
Size: 2687 bytes
Desc: Outlook-1593169877.png
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20210907/f6a75634/attachment.png>
More information about the Rancid-discuss
mailing list