I'm receiving some wildfire reports in the PAN application, but not everything. I'm seeing the following in my python.log:
2015-02-17 06:56:03,100 -0800 WARNING retrieveWildFireReport:117 - Traceback (most recent call last):
File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/retrieveWildFireReport.py", line 107, in wfReportXml = retrieveWildFireData(PAN_WF_APIKEY, result['serial_number'], result['report_id']).read().strip()
File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/retrieveWildFireReport.py", line 84, in retrieveWildFireData result = opener.open(wfReq, post_data)
File "/opt/splunk/lib/python2.7/urllib2.py", line 410, in open response = meth(req, response)
File "/opt/splunk/lib/python2.7/urllib2.py", line 523, in http_response 'http', request, response, code, msg, hdrs)
File "/opt/splunk/lib/python2.7/urllib2.py", line 448, in error return self._call_chain(*args)
File "/opt/splunk/lib/python2.7/urllib2.py", line 382, in _call_chain result = func(*args)
File "/opt/splunk/lib/python2.7/urllib2.py", line 531, in http_error_default raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
HTTPError: HTTP Error 420: Insufficient Arguments
It almost looks like I might need to configure my device serial numbers, but I don't see that in any configuration guide I can find.
This is a partner supported app, meaning Palo Alto Networks support this app. Please contact them at btorres-gil@paloaltonetworks.com, and they can provide a bit more guidance, but I think you are on the right track.