Skip to main content

PAN-OS - Add Domains EDL To Anti-Spyware

This Playbook is part of the PAN-OS by Palo Alto Networks Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

This playbook add domains EDL to Panorama Anti-Spyware. It assigns External Dynamic List URLs that contain domains to block to Panorama Anti-Spyware. You can create an External Dynamic List (EDL) and add domains to it using the Cortex XSOAR pack called "Generic Export Indicators Service". We recommend using this playbook as a one-time job. Once EDL is created and assigned to anti-spyware, domains can be blocked by adding them to the EDL.


This playbook uses the following sub-playbooks, integrations, and scripts.


  • PAN-OS Commit Configuration


  • Panorama


This playbook does not use any scripts.


  • pan-os-apply-dns-signature-policy
  • pan-os-get-edl
  • pan-os-create-anti-spyware-best-practice-profile
  • pan-os-create-edl
  • pan-os-edit-edl

Playbook Inputs#

NameDescriptionDefault ValueRequired
EDL_URLThe URL from which to pull the EDL.Required
Add_To_Existing_PAN-OS_EDLSet to "true" to use the existing PAN-OS EDL.Optional
PAN-OS_EDL_NamePAN-OS EDL name to create/edit if it exists (depending on the value in Add_To_Existing_PAN-OS_EDL).Required
Device_GroupThe device group for which to return addresses for the EDL (Panorama instances).
Certificate_ProfileThe certificate profile name for the URL that was previously uploaded to PAN OS.
Anti_Spyware_ProfileName of the anti-spyware profile to create OR to edit if it exists (depending on the value in Use_Existing_AntiSpyware_Profile).Required
Use_Existing_AntiSpyware_ProfileSet to "true" to create a new anti-spyware profile.Optional

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

PAN-OS - Add Domains EDL To Anti-Spyware