Cortex Data Lake Quickstart

note

The following guide will walk you through making your first API request to the Cortex Data Lake.

Choose a Language

Python NodeJS Java

SDK Installation

pip install pan-cortex-data-lake

Authentication

Perhaps the easiest way to get started is by leveraging a Developer Token provided by the API Explorer's token redemption service. See Developer Tokens for details.

Export environment variables:

export PAN_DEVELOPER_TOKEN=<your_developer_token>
export PAN_DEVELOPER_TOKEN_PROVIDER=https://app.apiexplorer.rocks/request_token

Instantiate credentials object

from pan_cortex_data_lake import Credentials
c = Credentials()

Verify credentials

Next, let's test to make sure the credentials object is working as expected:

c.refresh()

Example output:

>>> c.refresh()
'eyJ...<your_access_token>'

Basic usage

Now that your credentials are set, let's make our first API request!

1. Import the package:

from pan_cortex_data_lake import QueryService

2. Construct a Query Service object

qs = QueryService(credentials=c)

3. Define a SQL statement

SQL = "SELECT source_ip, dest_ip from `<tenant_id>.firewall.traffic` LIMIT 5"

4. Perform the query

q = qs.create_query(query_params={"query": SQL})

5. Print the output

job_id = q.json()["jobId"]
for p in qs.iter_job_results(job_id=job_id):
print(p.text)

Example output:

(output formatted for display purposes)

{
"jobId": "9c276960-d0ef-49e5-8da8-31aaab27ee96",
"state": "DONE",
"rowsInJob": 5,
"rowsInPage": 5,
"page": {
"pageCursor": null,
"result": {
"data": [
{
"source_ip": {
"value": "10.154.1.20",
"hex": "00000000000000000000ffff0a9a0114"
},
"dest_ip": {
"value": "212.180.157.132",
"hex": "00000000000000000000ffffd4b49d84"
}
},
{
"source_ip": {
"value": "10.154.1.20",
"hex": "00000000000000000000ffff0a9a0114"
},
"dest_ip": {
"value": "212.180.157.132",
"hex": "00000000000000000000ffffd4b49d84"
}
},
{
"source_ip": {
"value": "10.154.1.20",
"hex": "00000000000000000000ffff0a9a0114"
},
"dest_ip": {
"value": "212.180.157.132",
"hex": "00000000000000000000ffffd4b49d84"
}
},
{
"source_ip": {
"value": "10.154.1.20",
"hex": "00000000000000000000ffff0a9a0114"
},
"dest_ip": {
"value": "212.180.157.132",
"hex": "00000000000000000000ffffd4b49d84"
}
},
{
"source_ip": {
"value": "10.154.1.20",
"hex": "00000000000000000000ffff0a9a0114"
},
"dest_ip": {
"value": "212.180.157.132",
"hex": "00000000000000000000ffffd4b49d84"
}
}
]
}
},
"resultFormat": "valuesDictionary"
}

Complete Example

(Previous code snippets in a single block)

from pan_cortex_data_lake import Credentials, QueryService
c = Credentials()
qs = QueryService(credentials=c)
SQL = "SELECT source_ip, dest_ip from `<tenant_id>.firewall.traffic` LIMIT 5"
q = qs.create_query(query_params={"query": SQL})
job_id = q.json()["jobId"]
for p in qs.iter_job_results(job_id=job_id):
print(p.text)
Last updated on by Steven Serrata