Documentation
¶
Overview ¶
Package userid is the client.UserId namespace, for interacting with the User-ID API. This includes login/logout of a user, user/group mappings, and dynamic address group tags.
Various features of User-ID API are supported across all versions of PANOS for the firewall, but User-ID API for Panorama was only added to PANOS version 8.0.
Index ¶
- type Group
- type Login
- type LoginInfo
- type Logout
- type Message
- type TagIp
- type TagUser
- type UntagIp
- type UntagUser
- type UserId
- func (c *UserId) GetGroupMembers(group, vsys string) ([]string, error)
- func (c *UserId) GetGroups(style, vsys string) ([]string, error)
- func (c *UserId) GetIpTags(ip, tag, vsys string) (map[string][]string, error)
- func (c *UserId) GetLogins(ip, lType, vsys string) ([]LoginInfo, error)
- func (c *UserId) GetUserTags(user, vsys string) (map[string][]string, error)
- func (c *UserId) Initialize(i util.XapiClient)
- func (c *UserId) Run(msg *Message, vsys string) error
- type UserTag
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Group ¶
Group specifies a static user group's members.
Some care is needed when dealing with the groups. You cannot add or remove individual users from a group. You have to specify the group in its entirety each time you want to update group membership.
type LoginInfo ¶
type LoginInfo struct {
Ip string `xml:"ip"`
Vsys string `xml:"vsys"`
Type string `xml:"type"`
User string `xml:"user"`
IdleTimeout int `xml:"idle_timeout"`
Timeout int `xml:"timeout"`
}
LoginInfo is the structure returned from GetLogins().
type Message ¶
type Message struct {
Logins []Login
Logouts []Logout
TagIps []TagIp
UntagIps []UntagIp
Groups []Group
TagUsers []TagUser
UntagUsers []UntagUser
}
Message is a user-id message to be sent to PAN-OS.
This can contain multiple actions to be performed, such as logging in a user, tagging an IP, or setting group membership.
type UserId ¶
type UserId struct {
// contains filtered or unexported fields
}
UserId is the client.UserId namespace.
func (*UserId) GetGroupMembers ¶
GetGroupsMembers returns the list of users in the given group.
The vsys will default to "vsys1" if left as an empty string.
func (*UserId) GetGroups ¶
GetGroups returns the list of groups defined.
The style param can be used to limit the groups returned to the specified kind. If style is an empty string, all groups are returned.
The vsys will default to "vsys1" if left as an empty string.
func (*UserId) GetIpTags ¶
GetIpTags returns the registered IP address / tags for the given vsys.
Both the ip and tag params are server-side filters.
The vsys param is which vsys these operations should take place in. If vsys is an empty string, vsys defaults to "vsys1".
func (*UserId) GetLogins ¶
GetLogins returns a list of IP/user mappings.
If `ip' is not an empty string, filter on the given IP/netmask.
If `lType' is not an empty string and `ip' is specified, then filter on the given login type. This can be any of the following:
* AD - Active directory * CP - Captive Portal * EDIR - eDirectory * GP - Global Protect * GP-CLIENTLESSVPN - Global Protect Clientless VPN * SSO - SSO * SYSLOG - Syslog * UIA - User-ID Agent * UNKNOWN - Unknown * XMLAPI - XML API
func (*UserId) GetUserTags ¶
GetUserTags returns dynamic user tags.
Note: PAN-OS 9.1+
The user param will filter on just the specified user instead of all users and all tags.
If vsys is an empty string, then this function defaults to "vsys1".
func (*UserId) Initialize ¶
func (c *UserId) Initialize(i util.XapiClient)
Initialize is invoked on client.Initialize().
func (*UserId) Run ¶
Run executes the given User-Id message. This allows you to perform User-Id operations, such as logging in users, tagging IP addresses, and setting group memberhsip.
Please refer to the Message class for the details.
The vsys param is which vsys these operations should take place in. If vsys is an empty string, vsys defaults to "vsys1".
Source Files