Skip to main content

PAN-OS create or edit policy

This Playbook is part of the Change Management Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.1.0 and later.

This playbook will automate the process of creating or editing a policy. The first task in the playbook checks whether there is a security policy that matches the playbook inputs. If there is no security policy that matches, a new policy will be created. If there is a security policy that matches, the user will be able to modify the existing policy or create a new hardened policy.


This playbook uses the following sub-playbooks, integrations, and scripts.


  • PAN-OS Commit Configuration
  • PAN-OS edit policy


This playbook does not use any integrations.


  • PanoramaSecurityPolicyMatchWrapper
  • SetGridField


  • setIncident
  • panorama-create-rule

Playbook Inputs#

NameDescriptionDefault ValueRequired
ProtocolThe IP protocol numberincident.protocolOptional
ActionAction for the rule (allow, deny, drop)incident.policyactionsOptional
ApplicationA comma-separated list of application object names for the rule to create.Optional
Destination_zoneA comma-separated list of destination zones.incident.destinationnetworksOptional
Log_forwardingLog forwarding profile.Optional
Profile_settingA profile setting group.Optional
RulenameName of the rule to create.Optional
ServiceA comma-separated list of service object names for the rule.incident.policyactionsOptional
Source_zoneA comma-separated list of source zones.incident.sourcenetworksOptional
EmailThe email of the network/security team.Optional
Rule_positionPre rule or Post rule (Panorama instances).
Possible options:
- post-rulebase
- pre-rulebase
Destination_portDestination port.incident.dstportsOptional
TargetTarget number of the firewall. Use only for a Panorama instance.Optional
VsysTarget vsys of the firewall. Use only for a Panorama instance.Optional
LimitMaximum number of API requests that the
PanoramaSecurityPolicyMatchWrapper script will send.
The default is 500.

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

PAN-OS create or edit policy