# ###############################################################################
# # AUTHOR : Suresh Kalavala
# # DATE : 03/04/2018
# # PACKAGE : PALO ALTO APPLANCE/DEVICE SENSOR
# # Description : Package to monitor PaloAlto device, logged-in users, vpn users
# # and other system information
# ###############################################################################
# homeassistant:
# customize:
# # Sensors from custom component
# sensor.paloalto_host_name:
# friendly_name: Palo Alto Host Name
# sensor.paloalto_operation_mode:
# friendly_name: Device Operation Mode
# sensor.paloalto_serial_number:
# friendly_name: Device Serial Number
# sensor.paloalto_global_protect_user_count:
# friendly_name: VPN Loggedin User Count
# sensor.paloalto_global_protect_users:
# friendly_name: VPN Loggedin Users
# sensor.paloalto_global_protect_version:
# friendly_name: VPN Software Version
# sensor.paloalto_logdb_version:
# friendly_name: Log Db Version
# sensor.paloalto_software_version:
# friendly_name: Device Software Version
# sensor.paloalto_core_temperature:
# friendly_name: Core Temperature
# sensor.paloalto_system_temperature:
# friendly_name: System Temperature
# sensor.paloalto_up_time:
# friendly_name: Up Time
# # Scripts
# script.paloalto_clear_traffic_logs:
# friendly_name: Clear Traffic Logs
# script.paloalto_clear_threat_logs:
# friendly_name: Clear Threat Logs
# script.paloalto_clear_alarm_logs:
# friendly_name: Clear Alarm Logs
# script.paloalto_clear_authentication_logs:
# friendly_name: Clear Authentication Logs
# script.paloalto_clear_config_logs:
# friendly_name: Clear Configuration Logs
# script.paloalto_clear_system_logs:
# friendly_name: Clear System Logs
# script.paloalto_shutdown:
# friendly_name: Shutdown Palo Alto Device
# icon: mdi:power
# script.paloalto_restart:
# friendly_name: Restart Palo Alto Device
# icon: mdi:restart
# sensor:
# - platform: paloalto
# api_key: !secret paloalto_authkey
# ip_address: !secret paloalto_hostip
# ssl: True
# verify_ssl: False
# scan_interval: 60
# monitored_conditions:
# - host_name
# - up_time
# - serial_no
# - sw_version
# - gp_version
# - logdb_version
# - operation_mode
# - core_temp
# - sys_temp
# - gp_users
# - gp_user_count
# - loggedin_user_count
# - loggedin_users
# #
# # All the URLs below use the following format
# # For ex: paloalto_clear_traffic_logs: "curl -k 'https://192.xxx.xxx.xxx/api/?type=op&cmd=<clear><log><traffic></traffic></log></clear>&key=YOUR_API_KEY'"
# # Check out secrets.example file for additional details about the commands
# # https://github.com/skalavala/smarthome/blob/master/secrets.example
# #
# shell_command:
# paloalto_clear_traffic_logs: !secret paloalto_clear_traffic_logs
# paloalto_clear_threat_logs: !secret paloalto_clear_threat_logs
# paloalto_clear_alarm_logs: !secret paloalto_clear_alarm_logs
# paloalto_clear_authentication_logs: !secret paloalto_clear_authentication_logs
# paloalto_clear_config_logs: !secret paloalto_clear_config_logs
# paloalto_clear_system_logs: !secret paloalto_clear_system_logs
# paloalto_shutdown: !secret paloalto_shutdown
# paloalto_restart: !secret paloalto_restart
# script:
# paloalto_clear_traffic_logs:
# sequence:
# - service: shell_command.paloalto_clear_traffic_logs
# paloalto_clear_threat_logs:
# sequence:
# - service: shell_command.paloalto_clear_threat_logs
# paloalto_clear_alarm_logs:
# sequence:
# - service: shell_command.paloalto_clear_alarm_logs
# paloalto_clear_authentication_logs:
# sequence:
# - service: shell_command.paloalto_clear_authentication_logs
# paloalto_clear_config_logs:
# sequence:
# - service: shell_command.paloalto_clear_config_logs
# paloalto_clear_system_logs:
# sequence:
# - service: shell_command.paloalto_clear_system_logs
# paloalto_shutdown:
# sequence:
# - service: shell_command.paloalto_shutdown
# paloalto_restart:
# sequence:
# - service: shell_command.paloalto_restart
# automation:
# #
# # Alerts me when someone logs into my VPN network
# # This automation compares before and after state changes
# # and alerts when someone logged in/out of VPN
# #
# - alias: Alert When Someone Logged into VPN
# initial_state: true
# hide_entity: true
# trigger:
# - platform: state
# entity_id: sensor.paloalto_global_protect_users
# condition:
# - condition: template
# value_template: '{{ trigger.from_state.state | lower != trigger.to_state.state | lower }}'
# action:
# - service: script.notify_me
# data_template:
# message: >-
# {% set before = trigger.from_state.state %}
# {% set after = trigger.to_state.state %}
# {% macro loggedIn(beforeList, afterList) %}
# {%- for user in afterList if user != 'None' and user not in beforeList%}
# {%- if loop.first %}{% elif loop.last %} and{% else %},{% endif -%}
# {{- user }}
# {%- endfor %}
# {%- endmacro %}
# {% macro loggedOut(beforeList, afterList) %}
# {%- for user in beforeList if user != 'None' and user not in afterList %}
# {%- if loop.first %}{% elif loop.last %} and{% else %},{% endif -%}
# {{- user }}
# {%- endfor %}
# {%- endmacro %}
# {%- macro checkUsers(beforeList, afterList) -%}
# {%- set loggedInUsers = loggedIn(beforeList, afterList) -%}
# {%- set loggedOutUsers = loggedOut(beforeList, afterList) -%}
# {%- if loggedInUsers | trim != "" -%}
# Alert! {{- loggedInUsers | title }} just logged into your Web VPN.
# {%- endif -%}
# {%- if loggedOutUsers | trim != "" %}
# {{- loggedOutUsers |title }} just logged out of your Web VPN.
# {% endif %}
# {%- endmacro -%}
# {{ checkUsers(before.split(','), after.split(',')) }}
# #
# # Alerts me when someone logs into my firewall.
# # This automation compares before and after state changes
# # and alerts when someone logged in/out of Firewall
# #
# - alias: Alert When Someone Logged into Firewall
# initial_state: true
# hide_entity: true
# trigger:
# - platform: state
# entity_id: sensor.paloalto_loggedin_users
# condition:
# - condition: template
# value_template: '{{ trigger.from_state.state | lower != trigger.to_state.state | lower }}'
# action:
# - service: script.notify_me
# data_template:
# message: >-
# {% set before = trigger.from_state.state %}
# {% set after = trigger.to_state.state %}
# {% macro loggedIn(beforeList, afterList) %}
# {%- for user in afterList if user != 'None' and user not in beforeList%}
# {%- if loop.first %}{% elif loop.last %} and{% else %},{% endif -%}
# {{- user }}
# {%- endfor %}
# {%- endmacro %}
# {% macro loggedOut(beforeList, afterList) %}
# {%- for user in beforeList if user != 'None' and user not in afterList %}
# {%- if loop.first %}{% elif loop.last %} and{% else %},{% endif -%}
# {{- user }}
# {%- endfor %}
# {%- endmacro %}
# {%- macro checkUsers(beforeList, afterList) -%}
# {%- set loggedInUsers = loggedIn(beforeList, afterList) -%}
# {%- set loggedOutUsers = loggedOut(beforeList, afterList) -%}
# {%- if loggedInUsers | trim != "" -%}
# Alert! {{- loggedInUsers | title }} just logged into your Palo Alto Firewall.
# {%- endif -%}
# {%- if loggedOutUsers | trim != "" %}
# {{- loggedOutUsers |title }} just logged out of your Palo Alto Firewall.
# {% endif %}
# {%- endmacro -%}
# {{ checkUsers(before.split(','), after.split(',')) }}
# #
# # Palo Alto PA-200 device sucks ass in terms of its disk space!
# # A work around would be to clear traffic logs periodically
# # This automation runs every hour and clears traffic log/log files
# #
# - alias: Clear Traffic Logs
# initial_state: True
# hide_entity: True
# trigger:
# - platform: time_pattern
# hours: '/1'
# minutes: 00
# action:
# - service: script.paloalto_clear_traffic_logs