Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VPN Loggedin Users and Count #2

Open
ghost opened this issue Jan 3, 2020 · 2 comments
Open

VPN Loggedin Users and Count #2

ghost opened this issue Jan 3, 2020 · 2 comments

Comments

@ghost
Copy link

ghost commented Jan 3, 2020
edited by ghost

Having issues with the custom palo alto GP sensor. I am showing 0 users. The current command is successful but does not provide results because I believe that the show command requires the name of the portal and possibly the vsys.

Is the show command outdated for version 9?

Is it suppose to be: <show><global-protect-gateway><current-user></current-user></global-protect-gateway></show>

As seen here:

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-panorama-api/pan-os-xml-api-use-cases/show-and-manage-globalprotect-users-api.html

Thanks,

Jon
@FoUStep
Copy link

FoUStep commented Jul 18, 2022
edited

Just found this gem. It shows everyone logged in at the portal (to either download the client or whatever).

You need to change the portal into the gateway as shown above, along with and a change into the counting code. Change all this in the sensor.py file, restart your entire Home Assistant host and it'll work.

Like this:
<show><global-protect-gateway><current-user/></global-protect-gateway></show>

Also look for this piece:

    def parse_globalprotect_users(self):
        user_count = 0
        vpn_users = []
        root = ET.fromstring(self._gp_users)
        nodes = root.findall('result/gp-portal-users/user')
        for user in nodes:
            user_count += 1
            vpn_users.append(user.find('username').text)

Change the nodes rule into:

    def parse_globalprotect_users(self):
        user_count = 0
        vpn_users = []
        root = ET.fromstring(self._gp_users)
        nodes = root.findall('result/entry')
        for user in nodes:
            user_count += 1
            vpn_users.append(user.find('username').text)

Tested this on PAN-OS 10.2 on a PA-220. It works.

@footcricket05
Copy link

It appears that you are working with Palo Alto GlobalProtect and trying to retrieve information about connected users using the API. The API structure may vary between different versions of Palo Alto PAN-OS, and it's essential to use the appropriate API endpoint and XML structure for the version you're working with.

In PAN-OS version 9.1, the correct XML structure for retrieving GlobalProtect user information should be as follows:

<show>
    <global-protect-gateway>
        <current-user></current-user>
    </global-protect-gateway>
</show>

The structure you've provided appears to be correct based on the documentation you linked. The command should be valid for version 9.1.

Here are a few things to check if you are not getting the expected results:

  1. Ensure that you have the necessary permissions and access to retrieve user information.
  2. Double-check your API request to make sure there are no typos or syntax errors.
  3. Verify that the GlobalProtect Gateway and VSYS names you are using in your request are accurate.
  4. Check the version of PAN-OS you are working with, as the API structure can differ between versions. Make sure you are using the correct structure for version 9.1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@FoUStep @footcricket05