Saucepan

User Tools

Site Tools

Trace:
paloaltonetworks:api:url_testing

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
paloaltonetworks:api:url_testing [2020/08/31 06:30] – external edit 127.0.0.1paloaltonetworks:api:url_testing [2022/11/23 12:49] (current) – external edit 127.0.0.1
Line 8: Line 8:
 If you want to process the URL category example, you can use the following. It produces the format ''<CATEOGORY> <URL>'' If you want to process the URL category example, you can use the following. It produces the format ''<CATEOGORY> <URL>''
 <code>cat output.txt | grep Cloud | awk -F " " '{ print $2 " " $1 }' > processed-data.txt</code> <code>cat output.txt | grep Cloud | awk -F " " '{ print $2 " " $1 }' > processed-data.txt</code>
 +
 +
 +
 +====== Check URL Category from File List =====
 +
 +Run the following file called 'evalutedomains.sh' as
 +<code>./evaluatedomains.sh listofdomains.txt</code>
 +It will output to cleandata.csv
 +<code>#!/bin/bash
 +
 +Counter=0
 +
 +NameOfOutput=cleandata.csv
 +
 +TotalLines=`wc -l $1 | awk -F " " '{print $1}'`
 +
 +StartTime=`date`
 +
 +echo " "
 +echo "Writing $TotalLines lines to $NameOfOutput"
 +echo "Starting at $StartTime"
 +echo " "
 +
 +while IFS='' read -r LinefromFile || [[ -n "${LinefromFile}" ]]; do
 +  ((Counter++))
 +
 +  KEY="asdfasdfasdfasdfSFBlaUUycjRCa3d0UFBqb289RUNkQS9JZEppRjRXYW82Z3ZQVlJ5VlFxanBWNEZjNXN3MmdZcGY1VUduasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfPQ=="
 +
 +  CMD="<test><url>${LinefromFile}</url></test>"
 +
 +  URL="https://10.1.1.1/api/?key=$KEY&type=op&cmd=$CMD"
 +
 +  echo "Processing line $Counter of $TotalLines"
 +  curl --insecure -g -s -X GET $URL | grep Cloud | sed 's/(Cloud db)//g' | sed 's/\ /,/g' | sed 's/,,/,/g' |  sed 's/,$//g' >> $NameOfOutput
 +
 +done < "$1"
 +
 +echo " "
 +echo "************************************************************"
 +echo "Finished writing $TotalLines lines to $NameOfOutput"
 +echo "Start time  : $StartTime"
 +echo "Finish time : `date`"
 +</code>
 +
 +===== Check DNS From File List =====
 +<code>#!/bin/bash
 +
 +Counter=0
 +
 +NameOfOutput=cleandns.csv
 +
 +TotalLines=`wc -l $1 | awk -F " " '{print $1}'`
 +
 +StartTime=`date`
 +
 +echo " "
 +echo "Writing $TotalLines lines to $NameOfOutput"
 +echo "Starting at $StartTime"
 +echo " "
 +
 +while IFS='' read -r LinefromFile || [[ -n "${LinefromFile}" ]]; do
 +  ((Counter++))
 +
 +  KEY="asdfasdfasdfasdfppRjRXYW82Z3ZQVlJ5VasdfasdfasdfasdfXN3MmdZcGY1VUduTUUxT2xRellOak9BUCtNV21UV0xTWWovUzBKMktasdfasdfasdfasdf=="
 +
 +  CMD="<test><dns-proxy><dns-signature><fqdn>${LinefromFile}</fqdn></dns-signature></dns-proxy></test>"
 +
 +  URL="https://192.168.99.10/api/?key=$KEY&type=op&cmd=$CMD"
 +
 +  echo "Processing line $Counter of $TotalLines"
 +  curl --insecure -g -s -X GET $URL | grep result | sed s/\"//g | sed s/'{dns-signature: \[ {fqdn: '//g | sed s/'category: '//g | sed s/'ttl: '//g | sed s/}]}//g | sed s/"<\/result><\/response>"//g | sed s/"<response status=success><result>"//g >> $NameOfOutput
 +
 +done < "$1"
 +
 +echo " "
 +echo "************************************************************"
 +echo "Finished writing $TotalLines lines to $NameOfOutput"
 +echo "Start time  : $StartTime"
 +echo "Finish time : `date`"
 +
 +#output
 +#{dns-signature: [ {fqdn: againforwardweek.top,category: 3,ttl: 300}]}
 +#categoriess
 +#0=benign
 +#1=malware
 +#2=c2
 +#3=phishing
 +#4=dynamic
 +#5=new
 +#6=grayware
 +#7=parked
 +#8=proxy</code>
paloaltonetworks/api/url_testing.1598855443.txt.gz · Last modified: (external edit)