PAN-OS REST API Security Rule Structure
A security policy rule controlling traffic flow between zones based on source, destination, application, service, and user criteria.
Type: object
Properties: 17
Cloud Security, Cybersecurity, Firewall, Network Security, SASE, SOAR, Threat Intelligence, XDR
SecurityRule is a JSON Structure definition published by Palo Alto Networks, describing 17 properties. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.
{
"$schema": "https://json-structure.org/meta/core/v0/#",
"$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/pan-os-rest-api-security-rule-structure.json",
"name": "SecurityRule",
"description": "A security policy rule controlling traffic flow between zones based on source, destination, application, service, and user criteria.",
"type": "object",
"properties": {
"@name": {
"type": "string",
"description": "Unique name of the security rule."
},
"from": {
"type": "object",
"properties": {
"member": {
"type": "array",
"description": "Source zones (e.g., trust, untrust).",
"items": {
"type": "string"
}
}
}
},
"to": {
"type": "object",
"properties": {
"member": {
"type": "array",
"description": "Destination zones.",
"items": {
"type": "string"
}
}
}
},
"source": {
"type": "object",
"properties": {
"member": {
"type": "array",
"description": "Source addresses or address groups (use \"any\" for all).",
"items": {
"type": "string"
}
}
}
},
"destination": {
"type": "object",
"properties": {
"member": {
"type": "array",
"description": "Destination addresses or address groups.",
"items": {
"type": "string"
}
}
}
},
"source-user": {
"type": "object",
"properties": {
"member": {
"type": "array",
"description": "Source users or user groups (use \"any\" for all).",
"items": {
"type": "string"
}
}
}
},
"application": {
"type": "object",
"properties": {
"member": {
"type": "array",
"description": "Application names (e.g., ssl, web-browsing, any).",
"items": {
"type": "string"
}
}
}
},
"service": {
"type": "object",
"properties": {
"member": {
"type": "array",
"description": "Service objects, or \"application-default\" to use each application's native ports.",
"items": {
"type": "string"
}
}
}
},
"category": {
"type": "object",
"properties": {
"member": {
"type": "array",
"description": "URL categories.",
"items": {
"type": "string"
}
}
}
},
"action": {
"type": "string",
"description": "Action to take on matching traffic.",
"enum": [
"allow",
"deny",
"drop",
"reset-client",
"reset-server",
"reset-both"
]
},
"log-start": {
"type": "string",
"description": "Log at session start.",
"enum": [
"yes",
"no"
]
},
"log-end": {
"type": "string",
"description": "Log at session end.",
"enum": [
"yes",
"no"
]
},
"log-setting": {
"type": "string",
"description": "Log forwarding profile name."
},
"profile-setting": {
"type": "object",
"description": "Security profile group or individual profiles.",
"properties": {
"group": {
"type": "object",
"properties": {
"member": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
},
"disabled": {
"type": "string",
"description": "Whether the rule is disabled.",
"enum": [
"yes",
"no"
]
},
"description": {
"type": "string"
},
"tag": {
"type": "object",
"properties": {
"member": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
}