prisma-sdwan-apps
$
npx mdskill add automateyournetwork/netclaw/prisma-sdwan-appsLists Prisma SD-WAN application definitions for policy visibility
- Helps identify and categorize applications for policy enforcement
- Uses OAuth2 authentication with Prisma SD-WAN MCP server
- Fetches application definitions including categories and risk levels
- Delivers results as a structured list of application data
SKILL.md
.github/skills/prisma-sdwan-appsView on GitHub ↗
---
name: prisma-sdwan-apps
description: "View Prisma SD-WAN application definitions for policy visibility"
license: Apache-2.0
user-invocable: true
metadata:
openclaw:
requires:
bins: ["python3"]
env: ["PAN_CLIENT_ID", "PAN_CLIENT_SECRET", "PAN_TSG_ID"]
---
# Prisma SD-WAN Application Visibility
View application definitions in your Palo Alto Networks Prisma SD-WAN fabric. Understand which applications are defined for policy enforcement, their categories, and risk levels.
## When to Use
- Listing all application definitions in the fabric
- Finding applications by name or category
- Understanding application risk classifications
- Reviewing SaaS vs on-premise application types
- Auditing application categories for policy decisions
## MCP Server
- **Server**: `prisma-sdwan-mcp` (community MCP from iamdheerajdubey)
- **Command**: `python3 -u mcp-servers/prisma-sdwan-mcp/src/prisma_sdwan_mcp/server.py` (stdio transport)
- **Auth**: OAuth2 via `PAN_CLIENT_ID`, `PAN_CLIENT_SECRET`, `PAN_TSG_ID`
- **Region**: `PAN_REGION` (americas or europe, default: americas)
## Available Tools
| Tool | Parameters | What It Does |
|------|------------|--------------|
| `get_app_defs` | None | List all application definitions with categories and risk |
## Workflow Examples
### Application Discovery
```bash
# List all applications
"Show me all SD-WAN application definitions"
# Find specific application
"Is Office 365 defined as an application?"
# List by category
"What business applications are defined?"
```
### Risk Analysis
```bash
# Find high-risk applications
"Which applications are classified as high risk?"
# Review SaaS applications
"List all SaaS application definitions"
```
### Policy Planning
```bash
# Understand categories
"What application categories are available for policies?"
# Review productivity apps
"Show me all productivity category applications"
```
## Integration with Other Skills
- **prisma-sdwan-config**: View policies that reference these applications
- **prisma-sdwan-topology**: Understand where policies are applied
- **prisma-sdwan-status**: Check if app-based policies are working
## Response Examples
### Application Definitions Response
```json
{
"applications": [
{
"id": "app001",
"name": "office365",
"display_name": "Microsoft Office 365",
"category": "business",
"subcategory": "productivity",
"risk": "low",
"app_type": "saas"
},
{
"id": "app002",
"name": "zoom",
"display_name": "Zoom Video Communications",
"category": "business",
"subcategory": "conferencing",
"risk": "low",
"app_type": "saas"
}
],
"total_count": 250
}
```
## Error Handling
| Error Code | Meaning | Resolution |
|------------|---------|------------|
| AUTH_FAILED | OAuth2 authentication failed | Verify PAN_CLIENT_ID, PAN_CLIENT_SECRET, PAN_TSG_ID |
| RATE_LIMITED | API rate limit exceeded | Wait and retry |
## Notes
- Read-only operations - no ServiceNow CR gating required
- Application definitions are fabric-wide (not per-site)
- Risk levels: low, medium, high
- App types: saas, on-premise, custom
- All operations logged to GAIT audit trail
More from automateyournetwork/netclaw
- aap-automationRed Hat Ansible Automation Platform — inventory management, job template execution, project SCM sync, ad-hoc commands, host management, Galaxy content discovery. Use when automating infrastructure with Ansible, running playbooks, managing inventories, or searching for Ansible collections and roles.
- aap-edaEvent-Driven Ansible (EDA) — activation lifecycle, rulebook management, decision environments, event stream monitoring. Use when managing event-driven automation triggers, enabling/disabling activations, or reviewing EDA rulebooks.
- aap-lintansible-lint playbook and role validation — syntax checking, best practice enforcement, project-wide analysis, rule filtering. Use when validating Ansible playbooks, checking code quality, or enforcing automation best practices before deployment.
- aci-change-deploySafe ACI policy change deployment - ServiceNow CR lifecycle, pre/post-change fault baselines, APIC policy application, automatic rollback on fault delta, and GAIT audit trail. Use when deploying ACI policy changes, creating tenants or EPGs, pushing config to APIC, or running a change window with rollback protection.
- aci-fabric-auditComprehensive Cisco ACI fabric health audit - node status, tenant/VRF/BD/EPG policy review, contract analysis, fault triage, and endpoint learning verification. Use when auditing ACI fabric health, checking for faults, reviewing tenant policies, or running pre/post-change baselines on APIC.
- arista-cvpArista CloudVision Portal (CVP) automation via REST API — device inventory, events, connectivity monitoring, tag management (4 tools). Use when managing Arista devices, checking CloudVision events, monitoring network connectivity probes, or tagging devices in CVP.
- aruba-cx-configView and manage Aruba CX switch configurations, perform ISSU upgrades, and firmware operations
- aruba-cx-interfacesMonitor Aruba CX switch interface status, LLDP neighbors, and optical transceiver health
- aruba-cx-switchingView and manage Aruba CX switch VLANs and MAC address tables for Layer 2 operations
- aruba-cx-systemDiscover Aruba CX switch system information, firmware versions, and VSF topology