userid

package
v0.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 11, 2022 License: ISC Imports: 6 Imported by: 2

Documentation

Overview

Package userid is the client.UserId namespace, for interacting with the User-ID API. This includes login/logout of a user, user/group mappings, and dynamic address group tags.

Various features of User-ID API are supported across all versions of PANOS for the firewall, but User-ID API for Panorama was only added to PANOS version 8.0.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Group added in v0.4.0 

type Group struct {
	Name  string
	Users []string
}

Group specifies a static user group's members.

Some care is needed when dealing with the groups. You cannot add or remove individual users from a group. You have to specify the group in its entirety each time you want to update group membership.

type Login added in v0.4.0 

type Login struct {
	User string
	Ip   string
}

Login logs a user in.

type LoginInfo added in v0.5.0 

type LoginInfo struct {
	Ip          string `xml:"ip"`
	Vsys        string `xml:"vsys"`
	Type        string `xml:"type"`
	User        string `xml:"user"`
	IdleTimeout int    `xml:"idle_timeout"`
	Timeout     int    `xml:"timeout"`
}

LoginInfo is the structure returned from GetLogins().

type Logout added in v0.4.0 

type Logout struct {
	User string
	Ip   string
}

Logout logs a user out.

type Message added in v0.4.0 

type Message struct {
	Logins     []Login
	Logouts    []Logout
	TagIps     []TagIp
	UntagIps   []UntagIp
	Groups     []Group
	TagUsers   []TagUser
	UntagUsers []UntagUser
}

Message is a user-id message to be sent to PAN-OS.

This can contain multiple actions to be performed, such as logging in a user, tagging an IP, or setting group membership.

type TagIp added in v0.4.0 

type TagIp struct {
	Ip   string
	Tags []string
}

TagIp assigns tags to the specified IP address.

type TagUser added in v0.4.0 

type TagUser struct {
	User string
	Tags []UserTag
}

TagUser assigns tags to the specified user.

Note: PAN-OS 9.1+.

type UntagIp added in v0.4.0 

type UntagIp struct {
	Ip   string
	Tags []string
}

UntagIp removes tags from the specified IP address.

type UntagUser added in v0.4.0 

type UntagUser struct {
	User string
	Tags []string
}

UntagUser removes tags from the specified user.

Note: PAN-OS 9.1+.

type UserId 

type UserId struct {
	// contains filtered or unexported fields
}

UserId is the client.UserId namespace.

func (*UserId) GetGroupMembers added in v0.4.0 

func (c *UserId) GetGroupMembers(group, vsys string) ([]string, error)

GetGroupsMembers returns the list of users in the given group.

The vsys will default to "vsys1" if left as an empty string.

func (*UserId) GetGroups added in v0.4.0 

func (c *UserId) GetGroups(style, vsys string) ([]string, error)

GetGroups returns the list of groups defined.

The style param can be used to limit the groups returned to the specified kind. If style is an empty string, all groups are returned.

The vsys will default to "vsys1" if left as an empty string.

func (*UserId) GetIpTags added in v0.4.0 

func (c *UserId) GetIpTags(ip, tag, vsys string) (map[string][]string, error)

GetIpTags returns the registered IP address / tags for the given vsys.

Both the ip and tag params are server-side filters.

The vsys param is which vsys these operations should take place in. If vsys is an empty string, vsys defaults to "vsys1".

func (*UserId) GetLogins added in v0.5.0 

func (c *UserId) GetLogins(ip, lType, vsys string) ([]LoginInfo, error)

GetLogins returns a list of IP/user mappings.

If `ip' is not an empty string, filter on the given IP/netmask.

If `lType' is not an empty string and `ip' is specified, then filter on the given login type. This can be any of the following:

* AD - Active directory * CP - Captive Portal * EDIR - eDirectory * GP - Global Protect * GP-CLIENTLESSVPN - Global Protect Clientless VPN * SSO - SSO * SYSLOG - Syslog * UIA - User-ID Agent * UNKNOWN - Unknown * XMLAPI - XML API

func (*UserId) GetUserTags added in v0.4.0 

func (c *UserId) GetUserTags(user, vsys string) (map[string][]string, error)

GetUserTags returns dynamic user tags.

Note: PAN-OS 9.1+

The user param will filter on just the specified user instead of all users and all tags.

If vsys is an empty string, then this function defaults to "vsys1".

func (*UserId) Initialize 

func (c *UserId) Initialize(i util.XapiClient)

Initialize is invoked on client.Initialize().

func (*UserId) Run 

func (c *UserId) Run(msg *Message, vsys string) error

Run executes the given User-Id message. This allows you to perform User-Id operations, such as logging in users, tagging IP addresses, and setting group memberhsip.

Please refer to the Message class for the details.

The vsys param is which vsys these operations should take place in. If vsys is an empty string, vsys defaults to "vsys1".

type UserTag added in v0.4.0 

type UserTag struct {
	Tag     string
	Timeout int
}

UserTag is a tag with an optional timeout.

Note: PAN-OS 9.1+.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.