forked from demisto/content
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathplaybook-PAN-OS_-_Block_IP_-_Custom_Block_Rule_Test.yml
106 lines (105 loc) · 2.26 KB
/
playbook-PAN-OS_-_Block_IP_-_Custom_Block_Rule_Test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
id: PAN-OS - Block IP - Custom Block Rule Test
version: -1
name: PAN-OS - Block IP - Custom Block Rule Test
starttaskid: "0"
fromversion: "4.0.0"
tasks:
"0":
id: "0"
taskid: 98aa4cc4-b9c7-4523-8f20-9f25d6a320ae
type: start
task:
id: 98aa4cc4-b9c7-4523-8f20-9f25d6a320ae
version: -1
name: ""
iscommand: false
brand: ""
nexttasks:
'#none#':
- "1"
separatecontext: false
view: |-
{
"position": {
"x": 450,
"y": 50
}
}
note: false
timertriggers: []
ignoreworker: false
"1":
id: "1"
taskid: 37984fe3-025a-49d3-8f79-33dab40ce05e
type: playbook
task:
id: 37984fe3-025a-49d3-8f79-33dab40ce05e
version: -1
name: PAN-OS - Block IP - Custom Block Rule
description: |-
This playbook blocks IP addresses using Palo Alto Networks Panorama or Firewall through Custom Block Rules.
The playbook will get malicious IP addresses as inputs, create a custom bi-directional rule to block them, and commit the configuration.
***Note - The playbook will not check if the IP address is already blocked.
playbookName: PAN-OS - Block IP - Custom Block Rule
type: playbook
iscommand: false
brand: ""
nexttasks:
'#none#':
- "2"
scriptarguments:
AutoCommit:
simple: "No"
IP: {}
LogForwarding: {}
separatecontext: true
loop:
iscommand: false
exitCondition: ""
wait: 1
view: |-
{
"position": {
"x": 450,
"y": 230
}
}
note: false
timertriggers: []
ignoreworker: false
"2":
id: "2"
taskid: d95ecc29-bab5-4272-881c-5c5870227006
type: title
task:
id: d95ecc29-bab5-4272-881c-5c5870227006
version: -1
name: Done
type: title
iscommand: false
brand: ""
separatecontext: false
view: |-
{
"position": {
"x": 450,
"y": 420
}
}
note: false
timertriggers: []
ignoreworker: false
view: |-
{
"linkLabelsPosition": {},
"paper": {
"dimensions": {
"height": 435,
"width": 380,
"x": 450,
"y": 50
}
}
}
inputs: []
outputs: []