# Nautobot Panorama ChatOps
# The code in this repository has been migrated to the [Nautobot ChatOps Repository](https://github.com/nautobot/nautobot-plugin-chatops) as an integration - read more about it in the [ChatOps Docs](https://docs.nautobot.com/projects/chatops/en/latest/admin/install/)! As of July 2023 this repository has been **FROZEN** - all development / issues / discussions for this integration are in the [Nautobot ChatOps Repository](https://github.com/nautobot/nautobot-plugin-chatops) going forward.
This is a plugin for [Nautobot](https://github.com/nautobot/nautobot) that extends ChatOps support to Palo Alto Panorama systems. The plugin adds some useful commands into your ChatOps environment that enhances an administrator's and end user's day-to-day usage of Panorama. This framework allows for the quick extension of new ChatOps commands for Panorama.
Note: While this plugin requires Nautobot and the base Nautobot ChatOps plugin, it does _not_ require the Panorama or Palo Alto inventory to be in Nautobot. It is effectively Nautobot-independent, except for using it as a backend to run the chatbot itself.
## Usage
The supported commands are listed below. We welcome any new command or feature requests by submitting an issue or PR.
| /panorama Command | Description |
| -------------------- | -------------------------------------------------------------------------- |
| get-devices | Get information about connected devices from Panorama. |
| get-devicegroups | Get information about DeviceGroups and their devices from Panorama. |
| validate-rule-exists | Verify that a specific ACL rule exists within a device, via Panorama. |
| get-version | Obtain software version information for Panorama. |
| upload-software | Upload software to specified Palo Alto device. |
| install-software | Install software to specified Palo Alto device. |
| get-device-rules | Return a list of all firewall rules on a given device with details. |
| export-device-rules | Generate a downloadable list of firewall rules with details in CSV format. |
| capture-traffic | Run a packet capture on PANOS Device for specified IP traffic. |
## Prerequisites
This plugin requires the [Nautobot ChatOps Plugin](https://github.com/nautobot/nautobot-plugin-chatops) to be installed and configured before using. You can find detailed setup and configuration instructions [here](https://github.com/nautobot/nautobot-plugin-chatops/blob/develop/README.md).
## Installation
The plugin is available as a Python package in pypi and can be installed with pip:
```shell
pip install nautobot-plugin-chatops-panorama
```
> The plugin is compatible with Nautobot 1.1.0 and higher
To ensure Nautobot Panorama ChatOps is automatically re-installed during future upgrades, create a file named `local_requirements.txt` (if not already existing) in the Nautobot root directory (alongside `requirements.txt`) and list the `nautobot-plugin-chatops-panorama` package:
```no-highlight
# echo nautobot-plugin-chatops-panorama >> local_requirements.txt
```
Once installed, the plugin needs to be enabled in your `nautobot_config.py`
```python
# In your configuration.py
PLUGINS = ["nautobot_chatops", "nautobot_plugin_chatops_panorama"]
```
In addition, add/update the below `PLUGINS_CONFIG` section to `nautobot_config.py`.
> It is only necessary to add the sections from the below snippet for the chat platform you will be using (Slack, Webex, etc.).
```python
# Also in nautobot_config.py
PLUGINS_CONFIG = {
"nautobot_chatops": {
# Slack
"enable_slack": os.environ.get("ENABLE_SLACK", False),
"slack_api_token": os.environ.get("SLACK_API_TOKEN"),
"slack_signing_secret": os.environ.get("SLACK_SIGNING_SECRET"),
"slack_slash_command_prefix": os.environ.get("SLACK_SLASH_COMMAND_PREFIX", "/"),
# Webex
"enable_webex": os.environ.get("ENABLE_WEBEX", False),
"webex_token": os.environ.get("WEBEX_TOKEN"),
"webex_signing_secret": os.environ.get("WEBEX_SIGNING_SECRET"),
# Mattermost
"enable_mattermost": os.environ.get("ENABLE_MATTERMOST", False),
"mattermost_api_token": os.environ.get("MATTERMOST_API_TOKEN"),
"mattermost_url": os.environ.get("MATTERMOST_URL"),
# MS Teams
"enable_ms_teams": os.environ.get("ENABLE_MS_TEAMS", False),
"microsoft_app_id": os.environ.get("MICROSOFT_APP_ID"),
"microsoft_app_password": os.environ.get("MICROSOFT_APP_PASSWORD"),
},
"nautobot_plugin_chatops_panorama": {
"panorama_host": os.environ.get("PANORAMA_HOST"),
"panorama_user": os.environ.get("PANORAMA_USER"),
"panorama_password": os.environ.get("PANORAMA_PASSWORD"),
},
}
```
### Environment Variables
You will need to set the following environment variables for your Nautobot instance, then restart the services for them to take effect.
- PANORAMA_HOST - This is the management DNS/IP address used to reach your Panorama instance.
- PANORAMA_USER - A user account with API access to Panorama.
- PANORAMA_PASSWORD - The password that goes with the above user account.
```bash
export PANORAMA_HOST="{{ Panorama DNS/URL }}"
export PANORAMA_USER="{{ Panorama account username }}"
export PANORAMA_PASSWORD="{{ Panorama account password }}"
```
If the base Nautobot Chatops plugin is not already installed, the following environment variables are required for the chat platform in use. The [Platform-specific Setup](https://github.com/nautobot/nautobot-plugin-chatops/blob/develop/docs/chat_setup/chat_setup.md#platform-specific-setup) document describes how to retrieve the tokens and secrets for each chat platform that will need to be used in the environment variables.
> It is only necessary to create the environment variables shown below for the chat platform you will be using. To make the environment variables persistent, add them to the ~/.bash_profile for the user running Nautobot.
```bash
# Slack
export ENABLE_SLACK="true"
export SLACK_API_TOKEN="foobar"
export SLACK_SIGNING_SECRET="foobar"
# Webex
export ENABLE_WEBEX="true"
export WEBEX_TOKEN="foobar"
export WEBEX_SIGNING_SECRET="foobar"
# Mattermost
export ENABLE_MATTERMOST="false"
export MATTERMOST_API_TOKEN="foobar"
export MATTERMOST_URL="foobar"
# Microsoft Teams
export ENABLE_MS_TEAMS="false"
export MICROSOFT_APP_ID="foobar"
export MICROSOFT_APP_PASSWORD="foobar"
```
> When deploying as Docker containers, all of the above environment variables should be defined in the file `development/creds.env`. An example credentials file `creds.env.example` is available in the `development` folder.
## Access Control
Just like with the regular `/nautobot` command from the base Nautobot ChatOps plugin, the `/panorama` command supports access control through the Access Grants menu in Nautobot. See section [Grant Access to the Chatbot](https://github.com/nautobot/nautobot-plugin-chatops/blob/develop/docs/chat_setup/chat_setup.md#grant-access-to-the-chatbot) in the installation guide for the base Nautobot ChatOps plugin for setting this up.
## Questions
For any questions or comments, please check the [FAQ](FAQ.md) first and feel free to swing by the [Network to Code slack channel](https://networktocode.slack.com/) (channel #networktocode).
Sign up [here](http://slack.networktocode.com/)
## Screenshots
![Help](docs/img/screenshot1.png)
![Validate Rule Exists Success](docs/img/screenshot2.png)
![Validate Rule Exists Failure](docs/img/screenshot3.png)
![Upload Software](docs/img/screenshot4.png)
![Capture Traffic Filter](docs/img/screenshot5.png)
![Capture Traffic](docs/img/screenshot6.png)
![Get Devices](docs/img/screenshot7.png)
![Get DeviceGroups](docs/img/screenshot8.png)
![Get Device Rules](docs/img/screenshot9.png)
Raw data
{
"_id": null,
"home_page": "https://github.com/nautobot/nautobot-plugin-chatops-panorama",
"name": "nautobot-plugin-chatops-panorama",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7,<4.0",
"maintainer_email": "",
"keywords": "nautobot,nautobot-plugin,nautobot-chatops-plugin",
"author": "Network to Code, LLC",
"author_email": "opensource@networktocode.com",
"download_url": "https://files.pythonhosted.org/packages/03/22/fac25c300317d7d1480971c5e0b5e04b4f145b2d6edda359301183be6cb0/nautobot_plugin_chatops_panorama-1.2.0.tar.gz",
"platform": null,
"description": "# Nautobot Panorama ChatOps\n\n# The code in this repository has been migrated to the [Nautobot ChatOps Repository](https://github.com/nautobot/nautobot-plugin-chatops) as an integration - read more about it in the [ChatOps Docs](https://docs.nautobot.com/projects/chatops/en/latest/admin/install/)! As of July 2023 this repository has been **FROZEN** - all development / issues / discussions for this integration are in the [Nautobot ChatOps Repository](https://github.com/nautobot/nautobot-plugin-chatops) going forward.\n\nThis is a plugin for [Nautobot](https://github.com/nautobot/nautobot) that extends ChatOps support to Palo Alto Panorama systems. The plugin adds some useful commands into your ChatOps environment that enhances an administrator's and end user's day-to-day usage of Panorama. This framework allows for the quick extension of new ChatOps commands for Panorama.\n\nNote: While this plugin requires Nautobot and the base Nautobot ChatOps plugin, it does _not_ require the Panorama or Palo Alto inventory to be in Nautobot. It is effectively Nautobot-independent, except for using it as a backend to run the chatbot itself.\n\n## Usage\n\nThe supported commands are listed below. We welcome any new command or feature requests by submitting an issue or PR.\n\n| /panorama Command | Description |\n| -------------------- | -------------------------------------------------------------------------- |\n| get-devices | Get information about connected devices from Panorama. |\n| get-devicegroups | Get information about DeviceGroups and their devices from Panorama. |\n| validate-rule-exists | Verify that a specific ACL rule exists within a device, via Panorama. |\n| get-version | Obtain software version information for Panorama. |\n| upload-software | Upload software to specified Palo Alto device. |\n| install-software | Install software to specified Palo Alto device. |\n| get-device-rules | Return a list of all firewall rules on a given device with details. |\n| export-device-rules | Generate a downloadable list of firewall rules with details in CSV format. |\n| capture-traffic | Run a packet capture on PANOS Device for specified IP traffic. |\n\n## Prerequisites\n\nThis plugin requires the [Nautobot ChatOps Plugin](https://github.com/nautobot/nautobot-plugin-chatops) to be installed and configured before using. You can find detailed setup and configuration instructions [here](https://github.com/nautobot/nautobot-plugin-chatops/blob/develop/README.md).\n\n## Installation\n\nThe plugin is available as a Python package in pypi and can be installed with pip:\n\n```shell\npip install nautobot-plugin-chatops-panorama\n```\n\n> The plugin is compatible with Nautobot 1.1.0 and higher\n\nTo ensure Nautobot Panorama ChatOps is automatically re-installed during future upgrades, create a file named `local_requirements.txt` (if not already existing) in the Nautobot root directory (alongside `requirements.txt`) and list the `nautobot-plugin-chatops-panorama` package:\n\n```no-highlight\n# echo nautobot-plugin-chatops-panorama >> local_requirements.txt\n```\n\nOnce installed, the plugin needs to be enabled in your `nautobot_config.py`\n\n```python\n# In your configuration.py\nPLUGINS = [\"nautobot_chatops\", \"nautobot_plugin_chatops_panorama\"]\n```\n\nIn addition, add/update the below `PLUGINS_CONFIG` section to `nautobot_config.py`.\n\n> It is only necessary to add the sections from the below snippet for the chat platform you will be using (Slack, Webex, etc.).\n\n```python\n# Also in nautobot_config.py\nPLUGINS_CONFIG = {\n \"nautobot_chatops\": {\n # Slack\n \"enable_slack\": os.environ.get(\"ENABLE_SLACK\", False),\n \"slack_api_token\": os.environ.get(\"SLACK_API_TOKEN\"),\n \"slack_signing_secret\": os.environ.get(\"SLACK_SIGNING_SECRET\"),\n \"slack_slash_command_prefix\": os.environ.get(\"SLACK_SLASH_COMMAND_PREFIX\", \"/\"),\n # Webex\n \"enable_webex\": os.environ.get(\"ENABLE_WEBEX\", False),\n \"webex_token\": os.environ.get(\"WEBEX_TOKEN\"),\n \"webex_signing_secret\": os.environ.get(\"WEBEX_SIGNING_SECRET\"),\n # Mattermost\n \"enable_mattermost\": os.environ.get(\"ENABLE_MATTERMOST\", False),\n \"mattermost_api_token\": os.environ.get(\"MATTERMOST_API_TOKEN\"),\n \"mattermost_url\": os.environ.get(\"MATTERMOST_URL\"),\n # MS Teams\n \"enable_ms_teams\": os.environ.get(\"ENABLE_MS_TEAMS\", False),\n \"microsoft_app_id\": os.environ.get(\"MICROSOFT_APP_ID\"),\n \"microsoft_app_password\": os.environ.get(\"MICROSOFT_APP_PASSWORD\"),\n },\n \"nautobot_plugin_chatops_panorama\": {\n \"panorama_host\": os.environ.get(\"PANORAMA_HOST\"),\n \"panorama_user\": os.environ.get(\"PANORAMA_USER\"),\n \"panorama_password\": os.environ.get(\"PANORAMA_PASSWORD\"),\n },\n}\n```\n\n### Environment Variables\n\nYou will need to set the following environment variables for your Nautobot instance, then restart the services for them to take effect.\n\n- PANORAMA_HOST - This is the management DNS/IP address used to reach your Panorama instance.\n- PANORAMA_USER - A user account with API access to Panorama.\n- PANORAMA_PASSWORD - The password that goes with the above user account.\n\n```bash\nexport PANORAMA_HOST=\"{{ Panorama DNS/URL }}\"\nexport PANORAMA_USER=\"{{ Panorama account username }}\"\nexport PANORAMA_PASSWORD=\"{{ Panorama account password }}\"\n```\n\nIf the base Nautobot Chatops plugin is not already installed, the following environment variables are required for the chat platform in use. The [Platform-specific Setup](https://github.com/nautobot/nautobot-plugin-chatops/blob/develop/docs/chat_setup/chat_setup.md#platform-specific-setup) document describes how to retrieve the tokens and secrets for each chat platform that will need to be used in the environment variables.\n\n> It is only necessary to create the environment variables shown below for the chat platform you will be using. To make the environment variables persistent, add them to the ~/.bash_profile for the user running Nautobot.\n\n```bash\n# Slack\nexport ENABLE_SLACK=\"true\"\nexport SLACK_API_TOKEN=\"foobar\"\nexport SLACK_SIGNING_SECRET=\"foobar\"\n# Webex\nexport ENABLE_WEBEX=\"true\"\nexport WEBEX_TOKEN=\"foobar\"\nexport WEBEX_SIGNING_SECRET=\"foobar\"\n# Mattermost\nexport ENABLE_MATTERMOST=\"false\"\nexport MATTERMOST_API_TOKEN=\"foobar\"\nexport MATTERMOST_URL=\"foobar\"\n# Microsoft Teams\nexport ENABLE_MS_TEAMS=\"false\"\nexport MICROSOFT_APP_ID=\"foobar\"\nexport MICROSOFT_APP_PASSWORD=\"foobar\"\n```\n\n> When deploying as Docker containers, all of the above environment variables should be defined in the file `development/creds.env`. An example credentials file `creds.env.example` is available in the `development` folder.\n\n## Access Control\n\nJust like with the regular `/nautobot` command from the base Nautobot ChatOps plugin, the `/panorama` command supports access control through the Access Grants menu in Nautobot. See section [Grant Access to the Chatbot](https://github.com/nautobot/nautobot-plugin-chatops/blob/develop/docs/chat_setup/chat_setup.md#grant-access-to-the-chatbot) in the installation guide for the base Nautobot ChatOps plugin for setting this up.\n\n## Questions\n\nFor any questions or comments, please check the [FAQ](FAQ.md) first and feel free to swing by the [Network to Code slack channel](https://networktocode.slack.com/) (channel #networktocode).\nSign up [here](http://slack.networktocode.com/)\n\n## Screenshots\n\n![Help](docs/img/screenshot1.png)\n\n![Validate Rule Exists Success](docs/img/screenshot2.png)\n\n![Validate Rule Exists Failure](docs/img/screenshot3.png)\n\n![Upload Software](docs/img/screenshot4.png)\n\n![Capture Traffic Filter](docs/img/screenshot5.png)\n\n![Capture Traffic](docs/img/screenshot6.png)\n\n![Get Devices](docs/img/screenshot7.png)\n\n![Get DeviceGroups](docs/img/screenshot8.png)\n\n![Get Device Rules](docs/img/screenshot9.png)\n\n",
"bugtrack_url": null,
"license": "Apache-2.0",
"summary": "Nautobot Chatops plugin for Panorama",
"version": "1.2.0",
"project_urls": {
"Homepage": "https://github.com/nautobot/nautobot-plugin-chatops-panorama",
"Repository": "https://github.com/nautobot/nautobot-plugin-chatops-panorama"
},
"split_keywords": [
"nautobot",
"nautobot-plugin",
"nautobot-chatops-plugin"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "107770e414aa220cd264081e590ae44ef595d5d8993318c0c2927854e0c427c3",
"md5": "7589d8ca455dc4be354f129060b0b21d",
"sha256": "7bc4cd81f0d9eac552f7ec2852ed72dd5da1c82969bc593ee6853e887da88401"
},
"downloads": -1,
"filename": "nautobot_plugin_chatops_panorama-1.2.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "7589d8ca455dc4be354f129060b0b21d",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7,<4.0",
"size": 109497,
"upload_time": "2023-08-21T19:25:26",
"upload_time_iso_8601": "2023-08-21T19:25:26.772926Z",
"url": "https://files.pythonhosted.org/packages/10/77/70e414aa220cd264081e590ae44ef595d5d8993318c0c2927854e0c427c3/nautobot_plugin_chatops_panorama-1.2.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "0322fac25c300317d7d1480971c5e0b5e04b4f145b2d6edda359301183be6cb0",
"md5": "97513fd63f6fc0b5a89f5ad1782fcd7c",
"sha256": "ee7190e06e05c342d3baf81ed2416b44e05bf808c68fea0c1ac6122064543271"
},
"downloads": -1,
"filename": "nautobot_plugin_chatops_panorama-1.2.0.tar.gz",
"has_sig": false,
"md5_digest": "97513fd63f6fc0b5a89f5ad1782fcd7c",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7,<4.0",
"size": 107407,
"upload_time": "2023-08-21T19:25:28",
"upload_time_iso_8601": "2023-08-21T19:25:28.080191Z",
"url": "https://files.pythonhosted.org/packages/03/22/fac25c300317d7d1480971c5e0b5e04b4f145b2d6edda359301183be6cb0/nautobot_plugin_chatops_panorama-1.2.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-08-21 19:25:28",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "nautobot",
"github_project": "nautobot-plugin-chatops-panorama",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "nautobot-plugin-chatops-panorama"
}