I have an odd issue with pantag that I cannot figure out. I have a PA-200 device, and the pantag script fails in debug mode like this:
2016-09-29 20:20:53,351 +0000 ERROR common:183 - Unable to get apikey from firewall: Invalid credentials.
2016-09-29 20:20:53,476 +0000 INFO common:174 - Debugging enabled
2016-09-29 20:20:53,476 +0000 INFO common:202 - Determining if required arguments are present
2016-09-29 20:20:53,476 +0000 INFO common:202 - Determining how firewalls should be contacted based on arguments
2016-09-29 20:20:53,476 +0000 INFO common:202 - Use Panorama: False
2016-09-29 20:20:53,476 +0000 INFO common:202 - VSys: vsys1
2016-09-29 20:20:53,477 +0000 INFO common:202 - Hostname: ***.***.***.***
2016-09-29 20:20:53,477 +0000 INFO common:202 - Using serials from logs
2016-09-29 20:20:53,477 +0000 INFO common:202 - Begin get API key
2016-09-29 20:20:53,503 +0000 INFO common:202 - API Key was not in Splunk credential store
2016-09-29 20:20:53,503 +0000 INFO common:202 - Getting credentials from Splunk credential store
2016-09-29 20:20:53,512 +0000 INFO common:202 - Getting API Key from firewall/Panorama
2016-09-29 20:20:53,855 +0000 ERROR common:182 - File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/panTag.py", line 249, in
main_splunk()
File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/panTag.py", line 155, in main_splunk
apikey = common.apikey(sessionKey, hostname, debug)
File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/lib/common.py", line 166, in apikey
exit_with_error("Unable to get apikey from firewall: %s" % str(e))
File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/lib/common.py", line 182, in exit_with_error
logger.error(''.join(traceback.format_stack()))
2016-09-29 20:20:53,855 +0000 ERROR common:183 - Unable to get apikey from firewall: Invalid credentials.
However from the same server I CAN generate an API key via curl both to panorama and the device itself:
curl -kX GET 'https://192.168.57.253/api/?type=keygen&user=*****&password=*******'*****
↧