Palo Alto Firewall: Block Value activity

After the workflow has identified a value that is not on the firewall, the record is routed for approval. Upon approval, this activity connects to the MID Server via your SSH credentials and invokes a script that adds the value to the firewall External Block List.

Input variables

Input variables determine the initial behavior of the activity.
Note: You must manually enter the input variables for this activity and then publish the workflow. If the workflow is not published, the input variables will not be saved for non-admin users.
Table 1. Input variables
Variable Description
toBeBlockedValue [string] The value to be added to the EDL if not already present. This input variable is mandatory.
typeToBeBlocked [string] The type of value to be blocked: IP, URL, or Domain. This input variable is mandatory.
targetHost [string] The MID Server on which the script is executed.
SSHCredentialTag [string] The SSH credential tag defined on the MID server.
scriptCommand [string] The AppendValueToList.sh script used to add the value to the EDL. It requires the full path to the MID Server.

Output variables

The output variables contain data that can be used in subsequent activities.

Table 2. Output variables
Variable Description
result [string] The result passed to the EDL.