A tool to generate device certificate reports from PAN-OS devices.
Project description
PAN-OS Device Certificate Report
A CLI tool to generate device certificate reports from Palo Alto Networks PAN-OS devices.
This tool assists customers in navigating the information provided within this Knowledge Base article.
Table of Contents
Features
- Multiple Data Sources: Collect device information from CSV files, Panorama appliances, or individual firewalls.
- Comprehensive Reports: Generates detailed PDF reports including device certificate status, software versions, and upgrade requirements.
- Easy to Use: Provides a straightforward command-line interface powered by Typer.
- Data Validation: Utilizes Pydantic models for robust data handling.
- Flexible Workflows: Supports multiple workflows for different use cases and environments.
Installation
Requires Python 3.7 or higher.
Install the package using pip:
$ pip install device-certificate-report
---> 100%
Successfully installed device-certificate-report
Usage
The device-certificate-report utility provides three subcommands:
csv: Generate a report from a CSV file containing device information.panorama: Connect to a Panorama appliance to retrieve connected firewalls and generate a report.firewall: Connect directly to a firewall appliance to generate a report.
CSV Subcommand
Process a CSV file to generate the report.
$ device-certificate-report csv --csv-file <path_to_csv_file> --output-file <output_pdf>
--csv-fileand--output-fileflags are optional*
Examples:
$ device-certificate-report csv ─╯
CSV file path: panorama.csv
Cleaned CSV file saved as: /Users/cdot/development/cdot65/device_certificate_report/cleaned.csv
Processing cleaned CSV file: /Users/cdot/development/cdot65/device_certificate_report/cleaned.csv
Report generated at device_certificate_report.pdf
$ device-certificate-report csv --csv-file panorama.csv --output-file device_certificate_report.pdf ─╯
Cleaned CSV file saved as: /Users/cdot/development/cdot65/device_certificate_report/cleaned.csv
Processing cleaned CSV file: /Users/cdot/development/cdot65/device_certificate_report/cleaned.csv
Report generated at device_certificate_report.pdf
Panorama Subcommand
Connect to a Panorama appliance and generate the report from connected firewalls.
$ device-certificate-report panorama --hostname <panorama_ip> --username <user> --password <password> --output-file <output_pdf>
--hostname,--username,--password, and--output-fileflags are optional*
Examples:
$ device-certificate-report panorama ─╯
Panorama hostname or IP: panorama1.example.io
Panorama username: admin
Panorama password:
Connecting to Panorama at panorama1.example.io
INFO:device_certificate_report.components.data_collection:Sending operational command to Panorama to retrieve all devices.
INFO:device_certificate_report.components.data_collection:Parsing XML response from Panorama.
INFO:device_certificate_report.components.data_collection:Found 14 devices connected to Panorama.
Report generated at device_certificate_report.pdf
$ device-certificate-report panorama --hostname panorama.example.io --username admin --password paloalto123 --output-file panorama_report.pdf ─╯
Connecting to Panorama at panorama1.example.io
INFO:device_certificate_report.components.data_collection:Sending operational command to Panorama to retrieve all devices.
INFO:device_certificate_report.components.data_collection:Parsing XML response from Panorama.
INFO:device_certificate_report.components.data_collection:Found 14 devices connected to Panorama.
Report generated at panorama_report.pdf
Firewall Subcommand
Connect to a single Firewall appliance and generate the report.
$ device-certificate-report firewall --hostname <firewall_ip> --username <user> --password <password> --output-file <output_pdf>
Examples:
$ device-certificate-report firewall ─╯
Firewall hostname or IP: austin-fw1.example.io
Firewall username: admin
Firewall password:
Connecting to Firewall at austin-fw1.example.io
INFO:device_certificate_report.components.data_collection:Sending operational command to Firewall to retrieve system info.
INFO:device_certificate_report.components.data_collection:Sending operational command to Firewall to retrieve device certificate status.
INFO:device_certificate_report.components.data_collection:Parsing XML response from Firewall system info.
INFO:device_certificate_report.components.data_collection:Parsing XML response from Firewall device certificate status.
Report generated at austin-fw1.example.io.pdf
$ device-certificate-report firewall --hostname austin-fw1.example.io --username admin --password paloalto123 --output-file firewall.pdf ─╯
Connecting to Firewall at austin-fw1.example.io
INFO:device_certificate_report.components.data_collection:Sending operational command to Firewall to retrieve system info.
INFO:device_certificate_report.components.data_collection:Sending operational command to Firewall to retrieve device certificate status.
INFO:device_certificate_report.components.data_collection:Parsing XML response from Firewall system info.
INFO:device_certificate_report.components.data_collection:Parsing XML response from Firewall device certificate status.
Report generated at firewall.pdf
Note: If --output-file is not specified, the report will be saved with a default name.
Contributing
Contributions are welcome! Please follow these steps:
- Fork the repository.
- Create a new branch (
git checkout -b feature/your-feature). - Commit your changes (
git commit -am 'Add some feature'). - Push to the branch (
git push origin feature/your-feature). - Open a Pull Request.
Please ensure that your code adheres to the existing coding standards and includes appropriate test coverage.
License
This project is licensed under the Apache 2.0 License - see the LICENSE file for details.
Support
For details on the support provided by Palo Alto Networks for this project, please consult the SUPPORT.md file in the repository.
More extensive documentation will be available through our GitHub Pages site.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file device_certificate_report-0.1.1.tar.gz.
File metadata
- Download URL: device_certificate_report-0.1.1.tar.gz
- Upload date:
- Size: 21.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.7.1 CPython/3.11.7 Darwin/23.6.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | a8fa3aecbb30f17ef93e68b8895dfcfcb0ad1f1b380270cb2bccb6e624ee6411 |
|
| MD5 | c9cb81796cd6e892d78f2cddac6ae457 |
|
| BLAKE2b-256 | f3c90dc482745d47d3ea2d7f74567b52112b7e4044119de0ca482f7c3038a053 |
File details
Details for the file device_certificate_report-0.1.1-py3-none-any.whl.
File metadata
- Download URL: device_certificate_report-0.1.1-py3-none-any.whl
- Upload date:
- Size: 23.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.7.1 CPython/3.11.7 Darwin/23.6.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | a94825048cc794f161eeb1658f51728bc7dc23807bc90925183b665c05492d35 |
|
| MD5 | 6aea17b6186e736930b596ed3c0713fa |
|
| BLAKE2b-256 | 4fb48eba8db32a0cf5b2cdd792ed13a871a9bbdbd740cd892e7d395dc6f05bde |
