Configuring the AlienApp for Palo Alto Networks Panorama

Role Availability Read-Only Investigator Analyst Manager

When the AlienApp for Palo Alto Networks Panorama is enabled and connected to your Palo Alto Networks environment, you can launch app actions and create orchestration rules to send data from USM Anywhere to your Palo Alto device. See AlienApp for Palo Alto Networks Panorama Actions for more information about the orchestration actions supported by the AlienApp for Palo Alto Networks Panorama,

AlienApp for Palo Alto Networks Panorama Setup

Tto configure Palo Alto Networks Panorama in USM Anywhere, you need the following:

  • A dedicated Palo Alto Networks Panorama admin account with the account password
  • The IP address or hostname of the Panorama instance
  • API access enabled in your Panorama account
  • Syslog forwarding enabled in Panorama

To generate API access in Panorama

  1. Go to the Palo Alto Networks Panorama documentation and follow the vendor instructions to enable API access.
  2. Enable all XML API features.

To enable log forwarding in Panorama

  1. Go to the Palo Alto Networks Panorama Log Forwarding documentation and follow the vendor instructions.
  2. In step 2 of the instructions, follow the instructions to configure a syslog server profile.

Enable AlienApp for Palo Alto Networks Panorama in USM Anywhere

Once you have enabled API access and log forwarding in Panorama, you can enable the AlienApp for Palo Alto Networks Panorama in USM Anywhere.

To enable the AlienApp for Palo Alto Networks Panorama in USM Anywhere

  1. In USM Anywhere, go to Data Sources > AlienApps.
  2. Click the Available Apps tab.
  3. Search for the AlienApp, and then click the tile.
  4. Click Configure API.

  5. If you have more than one deployed USM Anywhere Sensor, select the sensor that you want to use for the enabled AlienApp.

    AlienApps operate through a deployed sensor and use APIs to integrate with the connected third-party technology. Select the sensor that can access the integration endpoint. The HTTPS connections to the API will originate from this sensor, so it is important to make sure the sensor has network access to the AlienApp API endpoints.

  6. Specify the connection information for Palo Alto Networks:

    • IP address or hostname: Enter the IP address or hostname of your Panorama instance.
    • User Name: Enter the name of the admin account you created.
    • Password: Enter the password for the Palo Alto Panorama user account.
    • (Optional) Validate HTTPS host name: Select the checkbox to validate the HTTPS host-name.
  7. Click Save.