Differences

This shows you the differences between two versions of the page.

--- paloaltonetworks:api:url_testing [2022/02/12 10:09] – bstafford
+++ paloaltonetworks:api:url_testing [2022/11/23 12:49] (current) – external edit 127.0.0.1
@@ Line 41: / Line 41: @@
   echo "Processing line $Counter of $TotalLines"
-  curl --insecure -g -s -X GET $URL | grep Cloud | sed 's/(Cloud db)//g' | sed 's/\ /,/g' | sed 's/,$//g' >> $NameOfOutput
+  curl --insecure -g -s -X GET $URL | grep Cloud | sed 's/(Cloud db)//g' | sed 's/\ /,/g' | sed 's/,,/,/g' |  sed 's/,$//g' >> $NameOfOutput
 done < "$1"
@@ Line 51: / Line 51: @@
 echo "Finish time : `date`"
 </code>
+===== Check DNS From File List =====
+<code>#!/bin/bash
+Counter=0
+NameOfOutput=cleandns.csv
+TotalLines=`wc -l $1 | awk -F " " '{print $1}'`
+StartTime=`date`
+echo " "
+echo "Writing $TotalLines lines to $NameOfOutput"
+echo "Starting at $StartTime"
+echo " "
+while IFS='' read -r LinefromFile || [[ -n "${LinefromFile}" ]]; do
+  ((Counter++))
+  KEY="asdfasdfasdfasdfppRjRXYW82Z3ZQVlJ5VasdfasdfasdfasdfXN3MmdZcGY1VUduTUUxT2xRellOak9BUCtNV21UV0xTWWovUzBKMktasdfasdfasdfasdf=="
+  CMD="<test><dns-proxy><dns-signature><fqdn>${LinefromFile}</fqdn></dns-signature></dns-proxy></test>"
+  URL="https://192.168.99.10/api/?key=$KEY&type=op&cmd=$CMD"
+  echo "Processing line $Counter of $TotalLines"
+  curl --insecure -g -s -X GET $URL | grep result | sed s/\"//g | sed s/'{dns-signature: \[ {fqdn: '//g | sed s/'category: '//g | sed s/'ttl: '//g | sed s/}]}//g | sed s/"<\/result><\/response>"//g | sed s/"<response status=success><result>"//g >> $NameOfOutput
+done < "$1"
+echo " "
+echo "************************************************************"
+echo "Finished writing $TotalLines lines to $NameOfOutput"
+echo "Start time  : $StartTime"
+echo "Finish time : `date`"
+#output
+#{dns-signature: [ {fqdn: againforwardweek.top,category: 3,ttl: 300}]}
+#categoriess
+#0=benign
+#1=malware
+#2=c2
+#3=phishing
+#4=dynamic
+#5=new
+#6=grayware
+#7=parked
+#8=proxy</code>