Configuring the BlueApp for Palo Alto Networks Panorama

Role Availability Read-Only Investigator Analyst Manager

When the BlueApp for Palo Alto Networks Panorama is enabled and connected to your Palo Alto Networks environment, you can launch app actions and create orchestration rules to send data from USM Anywhere to your Palo Alto device. See BlueApp for Palo Alto Networks Panorama Actions for more information about the orchestration actions supported by the BlueApp for Palo Alto Networks Panorama,

BlueApp for Palo Alto Networks Panorama Setup

Tto configure Palo Alto Networks Panorama in USM Anywhere, you need the following:

  • A dedicated Palo Alto Networks Panorama admin account with the account password
  • The IP address or hostname of the Panorama instance
  • API access enabled in your Panorama account
  • Syslog forwarding enabled in Panorama

To generate API access in Panorama

  1. Go to the Palo Alto Networks Panorama documentation and follow the vendor instructions to enable API access.
  2. Enable all XML API features.

To enable log forwarding in Panorama

  1. Go to the Palo Alto Networks Panorama Log Forwarding documentation and follow the vendor instructions.
  2. In step 2 of the instructions, follow the instructions to configure a syslog server profile.

Enable BlueApp for Palo Alto Networks Panorama in USM Anywhere

Once you have enabled API access and log forwarding in Panorama, you can enable the BlueApp for Palo Alto Networks Panorama in USM Anywhere.

To enable the BlueApp for Palo Alto Networks Panorama in USM Anywhere

  1. In USM Anywhere, go to Data Sources > BlueApps.
  2. Click the Available Apps tab.
  3. Search for the BlueApp, and then click the tile.
  4. Click Configure API.

  5. If you have more than one deployed USM Anywhere Sensor, select the sensor that you want to use for the enabled BlueApp.

    BlueApps operate through a deployed sensor and use APIs to integrate with the connected third-party technology. Select the sensor that can access the integration endpoint. The HTTPS connections to the API will originate from this sensor, so it is important to make sure the sensor has network access to the BlueApp API endpoints.

  6. Specify the connection information for Palo Alto Networks:

    • IP address or hostname: Enter the IP address or hostname of your Panorama instance.
    • User Name: Enter the name of the admin account you created.
    • Password: Enter the password for the Palo Alto Panorama user account.
    • (Optional) Validate HTTPS host name: Select the checkbox to validate the HTTPS host-name.
  7. Click Save.