Python receive txt/xml logs from Palo Alto HTTP
I have a flask application that should receive txt/xml logs from a Palo Alto Firewall. How can I receive the traffic logs?
My Python Script: main.py
import flask
from flask import request
# For development!
app = flask.Flask(__name__)
@app.route('/', methods=['GET', 'POST'])
def __index():
# Request as TEXT/XML
xml_data = None
try:
xml_data = request.form
print(f"requests.xml_data={xml_data}")
except Exception as e:
print(f"Error #2 Could not get request.form data: {e}")
if xml_data is None:
raise Exception(f"Error #3 Could not get json data because missing xml_data as post")
# Flattern
xml_data_flattern = xml_data.to_dict(flat=True)
# Log JSON data
print(f"xml_data={xml_data}")
print(f"xml_data_flattern={xml_data_flattern}")
# Finish program
return {"message": "Finished", "data": ""}
if __name__ == '__main__':
app.run(debug=False, host="0.0.0.0", port=8080)
Palo Alto:
This is the Device->HTTP->HTTP Server Profile->Servers:
- Name: MyServer
- Address: myserver.runn.app
- Protocol: HTTPS
- Port: 443
- TLS Version: 1.2
- Certificate profile: None
- HTTP Method: POST
- Username: admin
- Pasword: admin
This is the Device->HTTP->HTTP Server Profile->Payload Format for Traffic:
- Name: Traffic-Payload
- HTTP Headers: content-type text/xml
- Payload:
<request><entry><short_description> $type</short_description></entry></request>
From what I gather from your code it seems that you want to read text/xml from the Flask request instead of json.
According to Flask Docs you can retrive raw data/text by using the function get_data().
In your code you would write xml_data = request.get_data(). You might also want to include the asText = True parameter. It makes the return value a decoded unicode string.
xml_data = request.get_data(asText = True)
Please note this warning from the documentation, and please do evaluate if this is relevant to your integrations:
Usually it’s a bad idea to call this method without checking the content length first as a client could send dozens of megabytes or more to cause memory problems on the server.
- ImproperlyConfigured: You're using the staticfiles app without having set the STATIC_ROOT setting to a filesystem path
- With Pydantic V2 and model_validate, how can I create a "computed field" from an attribute of an ORM model that IS NOT part of the Pydantic model
- Simple log filtering with Flask
- How can I access different Anaconda environment from Pycharm (on Windows 10)
- Create regex-like (run length encoding) of string s for blocks of a given length k
- Failed scipy install using pip on Windows [Preparing metadata (pyproject.toml) did not run successfully]
- How to form tuple column from two columns in Pandas
- Filtering dictionary elements by few initial values
- Filter DataFrame events not in time windows DataFrame
- PyTorch .to(torch.device("cuda")) slow when first called?
- Finding many strings in directory
- How to set the default of a JSONField to empty list in Django and django-jsonfield?
- How to solve "OSError: telling position disabled by next() call"
- How can I stream a response from LangChain's OpenAI using Flask API?
- cannot import name 'randn_tensor' from 'diffusers.utils'
- Pylance doesn't catch all deprecated functions or classes
- Python: Cannot get attribute from superclass
- Python tkinter - grid configuration
- How do I override __getattr__ without breaking the default behavior?
- Algorithm for transformation of an 1-D-gradient into a special form of a 2-D-gradient
- Communication link failure with pyodbc
- Python - how to overwrite output from Markdown library
- Convert string based NaN's to numpy NaN's
- Selenium-Python returning empty text for one specific class or tag in HTML but not visible on webpage
- Referencing columns by assigned name in numpy array
- Pretty-print indices/coordinates of 2D Numpy array
- Can I force array numpy to keep its uint32 type?
- Reshape dataframe into a timeseries when time information is split into columns and index?
- Simple math addition
- Docker: ModuleNotFoundError: No module named 'tabulate'