Custom Applications#
Custom applications allow you to define your own applications for use in security policy rules.
File Location#
Custom applications are defined in files located in:
ngfw/objects/applications
This path is defined in the settings.py module as CUSTOM_APPLICATION_SIGNATURES_FOLDER.
File format#
Applications must be defined in idividual XML files.
Create a signature in PAN-OS web-interface, export and save it to the
ngfw/objects/applications folder.
<application version="10.2.0">
<entry name="APP-windows-conn-check">
<subcategory>general-business</subcategory>
<category>business-systems</category>
<technology>client-server</technology>
<description>This signature covers connectivity checks performed by Windows OS</description>
<risk>1</risk>
<signature>
<entry name="windows-connectivity-check">
<and-condition>
<entry name="And Condition 1">
<or-condition>
<entry name="Or Condition 1">
<operator>
<pattern-match>
<qualifier>
<entry name="http-method">
<value>GET</value>
</entry>
</qualifier>
<pattern>www\.msftconnecttest\.com</pattern>
<context>http-req-host-header</context>
</pattern-match>
</operator>
</entry>
<entry name="Or Condition 2">
<operator>
<pattern-match>
<qualifier>
<entry name="http-method">
<value>HEAD</value>
</entry>
</qualifier>
<pattern>www\.msftconnecttest\.com</pattern>
<context>http-req-host-header</context>
</pattern-match>
</operator>
</entry>
</or-condition>
</entry>
<entry name="And Condition 2">
<or-condition>
<entry name="Or Condition 1">
<operator>
<pattern-match>
<pattern>\/connecttest\.txt</pattern>
<context>http-req-uri-path</context>
</pattern-match>
</operator>
</entry>
</or-condition>
</entry>
</and-condition>
<scope>protocol-data-unit</scope>
<order-free>yes</order-free>
</entry>
</signature>
<default>
<port>
<member>tcp/80</member>
</port>
</default>
<able-to-transfer-file>yes</able-to-transfer-file>
<file-type-ident>yes</file-type-ident>
<parent-app>web-browsing</parent-app>
</entry>
</application>