Looking to make simple changes to a Palo Alto config from Slack… basically hand it a policy name and an argument (enable/disable) to allow us to easily turn on/off a couple of rules.
I’ve been able to determine that the xpath of the rule is:
/config/devices/entry[@name=‘localhost.localdomain’]/vsys/entry[@name=‘vsys1’]/rulebase/security/rules/entry[@name=‘InsightConnect State’]
but I’m unclear on the next step, handing the element over to do the change. If I want to simply disable the “InsightConnect State” rule, what would the element be? Something like /member[@name=‘disabled’]=True?
Thanks