Palo Alto Firewall: Blocked Status activity

This activity checks if the value (IP, URL, or domain) is included in its respective External Dynamic List/Dynamic Block List (EDL/DBL) on firewall. The EDL/DBL details are obtained from the firewall using an operational command, and a routine is performed to check if the value is blocked on the firewall.

Input variables

Input variables determine the initial behavior of the activity. All input variable entries listed are mandatory.

Table 1. Input variables
Variable Description
valueToBeChecked [string] The value in the block request.
showEDLDetailsCommand [string] The External Dynamic List command being used to determine whether the value exists on the firewall.
FirewallIpAddress [string] The IP address of the firewall used.
FirewallApiKey [string] The firewall API key.

Output variables

The output variables contain data that can be used in subsequent activities. The output consists of data from the firewall configuration, as well as data dynamically generated using the Palo Alto Firewall Operational Command API message.

Table 2. Output variables
Variable Description
commandResult [string] The results from the firewall for the show EDL Details command.
blockedStatus [Boolean] True indicates blocked. False indicates not blocked.
commandResponse [string] The response status obtained from the firewall for the show EDL Details Command.