1. Logsign Support Center
  2. Logsign Unified SecOps Platform
  3. Responses

Palo Alto WildFire Response Integration via API

Updated

Log in to Palo Alto Networks Customer Support Portal

Go to https://support.paloaltonetworks.com in your browser.

Sign in using your Palo Alto Networks support account credentials. If you don’t have an account, you must register using a valid support contract.

Access the API Key Management Page

After logging in, go to the Resources or Tools section.

Locate and click on “API Key Generation” or navigate directly to https://wildfire.paloaltonetworks.com

If prompted, log in again using your support account credentials.

Generate Your WildFire API Key

On the WildFire portal, locate the “Get Your API Key” section.

Click the appropriate button to generate your API key.

The system will display a long alphanumeric string – this is your API Key.

Example: f81ecb118e3e0e85875806706e26feb3

Note: This key grants access to your organization’s WildFire submissions and verdicts. Keep it confidential and do not share it publicly.

Use the API Key for Integration

Configure Integration in Logsign USO
-Log in to the Logsign Unified SO Platform (USO).
-Navigate to Responses > WildFire.
-Device Name > WildFire
-API Key: The api key you received
-Host: Select the Region where your server is located. You can find the list below.

Regions

Global cloud https://wildfire.paloaltonetworks.com/publicapi
EU cloud https://eu.wildfire.paloaltonetworks.com/publicapi
Japan cloud https://jp.wildfire.paloaltonetworks.com/publicapi
Singapore cloud https://sg.wildfire.paloaltonetworks.com/publicapi
UK cloud https://uk.wildfire.paloaltonetworks.com/publicapi
Canada cloud https://ca.wildfire.paloaltonetworks.com/publicapi
Australia cloud https://au.wildfire.paloaltonetworks.com/publicapi
Germany cloud https://de.wildfire.paloaltonetworks.com/publicapi
India cloud https://in.wildfire.paloaltonetworks.com/publicapi
Switzerland cloud https://ch.wildfire.paloaltonetworks.com/publicapi
Poland cloud https://pl.wildfire.paloaltonetworks.com/publicapi
Indonesia cloud https://id.wildfire.paloaltonetworks.com/publicapi
Taiwan cloud https://tw.wildfire.paloaltonetworks.com/publicapi
France cloud https://fr.wildfire.paloaltonetworks.com/publicapi
Qatar cloud https://qatar.wildfire.paloaltonetworks.com/publicapi
South Korea cloud https://kr.wildfire.paloaltonetworks.com/publicapi
Israel cloud https://il.wildfire.paloaltonetworks.com/publicapi
Saudi Arabia cloud https://sa.wildfire.paloaltonetworks.com/publicapi
Spain cloud https://es.wildfire.paloaltonetworks.com/publicapi

 

Verdict Values

0: Benign
1: Malware 
2: Grayware
4: Phishing
5: Command and Control (C2) 
-100: Pending (the sample exists, but there is currently no verdict) 
-101: Error 
-102: Unknown (cannot find sample record in the database) 
-103: Invalid hash value 

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more
Become a Certified Logsign User/Administrator
Sign-up for Logsign Academy and take the courses to learn about Logsign USO Platform in detail. Enjoy the courses, and get your badges and certificates. In these courses, you'll learn how to use Logsign in your work and add value to your career.
Visit Our Blog
Our Logsign USO Platform illustrate our expertise. So do the blog. Through our blog posts, deepen your knowledge on various SecOps topics or get updated about important news & modern approaches for cybersecurity. Get into the habit of reading valuable information provided by Logsign. Be a step ahead.