ruby-paloalto-client 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bdc9c84ff0f1d1f1e1abde649da826eba4e47288
-  data.tar.gz: ae3c9a3e01f7d336561c33e2754423192b6b159b
+  metadata.gz: 891c7018edef362497d303ebdc67fa8bb8302f3a
+  data.tar.gz: 57b28f4a5d6e4efe54cf3477aa6a3ac85cd9f893
 SHA512:
-  metadata.gz: bd186bd765e99f2398e47dded35b8d79d552691d4d002922e95c17722ba7ae6fbb7eb8a76d44b2ff313e31f70616c473cb5cae534d81d7e4e5756e6dd47fc250
-  data.tar.gz: 7274bf968c19fba909e672ffe1ea65a2ca38b474dfe33cfb9cbfb44feff0340d9318714c28e65d139a6af3e33bb55de8fddeeb9694cdb8cb013279b05e62a041
+  metadata.gz: 8590c3367f11adab04ffe41ef95522921e830d3493b0c5db0821552f4755cd6ac76b9c143fdc656759b1b7a12c7fe664f0d08f099454aee64396eb1390b0279a
+  data.tar.gz: e1ca7bc8ca9189e0a14cac849e1780e467ac91e3021c2375e1d9872327857b05c69a7b4b43e5c872f82d7872525698360e32b54a5700d6e27bb8027e5381757f

data/README.md

@@ -150,3 +150,43 @@ address_groups = pa_client.address_groups
 
 address_group = address_groups[0]
 ```
+
+### Logs
+
+The logs interface allows capturing logs from the PaloAlto device. This process is an asynchronous task and requires
+triggering a job on the PaloAlto device to generate the logs, and then fetching the logs from the device when the
+job has been completed. If the log job has not yet completed, an Exception is raised indicating that the Job
+has not yet completed and the logs are not yet available.
+
+#### Traffic Logs
+
+To capture traffic logs from the PaloAlto device, perform the following:
+
+```bash
+# create log generation job and capture the job_id
+log_job_id = pa_client.generate_logs(log_type: "traffic")
+
+# query for the logs - job has not yet completed, Exception is raised
+pa_client.get_logs(job_id: log_job_id)
+
+=> Exception: "Log job with ID '12345' is still in progress"
+
+# query for the logs - job has completed, log array is returned
+pa_client.get_logs(job_id: log_job_id)
+
+=> [#<PaloAlto::Models::TrafficLogEntry:0x0000000295ec30 @id="6143315061768195499", @serial="001606017466", @seqno="3936876", @type="TRAFFIC", @domain="1", @receive_time="2015/04/30 08:44:51", @actionflags="0x0", @subtype="end", @config_ver="1", @time_generated="2015/04/30 08:44:51", @src="192.168.5.156", @dst="192.168.4.3", @rule="allow global-protect-ssl", @srcloc="CN", @dstloc="US", @app="insufficient-data", @vsys="vsys1", @from="outside", @to="outside", @inbound_if="ethernet1/3", @outbound_if="ethernet1/3", @time_received="2015/04/30 08:44:51", @sessionid="3396", @repeatcnt="1", @sport="60000", @dport="5632", @natsport="0", @natdport="0", @flags="0", @flag_pcap="no", @flag_flagged="no", @flag_proxy="no", @flag_url_denied="no", @flag_nat="no", @captive_portal="no", @exported="no", @transaction="no", @pbf_c2s="no", @pbf_s2c="no", @temporary_match="no", @sym_return="no", @decrypt_mirror="no", @proto="udp", @action="allow", @cpadding="0", @bytes="60", @bytes_sent="60", @bytes_received="0", @packets="1", @start="2015/04/30 08:43:51", @elapsed="0", @category="any", @padding="0", @pkts_sent="1", @pkts_received="0">]
+```
+
+#### System Logs
+
+To capture system logs from the PaloAlto device, perform the following:
+
+```bash
+# create log generation job and capture the job_id
+log_job_id = pa_client.generate_logs(log_type: "system")
+
+# query for the logs - job has completed, log array is returned
+pa_client.get_logs(job_id: log_job_id)
+
+=> [#<PaloAlto::Models::SystemLogEntry:0x000000020535c8 @log_id="6143315061768192081", @serial="001606017466", @seqno="122200", @type="SYSTEM", @domain="1", @receive_time="2015/04/30 09:16:23", @actionflags="0x0", @subtype="general", @config_ver="0", @time_generated="2015/04/30 09:16:23", @eventid="general", @fmt="0", @id="0", @module="general", @severity="informational", @opaque="User jkarimi logged out via Web from 10.0.0.4">, #<PaloAlto::Models::SystemLogEntry:0x0000000204ae28 @log_id="6143315061768192080", @serial="001606017466", @seqno="122199", @type="SYSTEM", @domain="1", @receive_time="2015/04/30 09:16:23", @actionflags="0x0", @subtype="general", @config_ver="0", @time_generated="2015/04/30 09:16:23", @eventid="general", @fmt="0", @id="0", @module="general", @severity="informational", @opaque="User jkarimi logged in via Web from 10.0.0.4 using https">, #<PaloAlto::Models::SystemLogEntry:0x00000002042840 @log_id="6143315061768192079", @serial="001606017466", @seqno="122198", @type="SYSTEM", @domain="1", @receive_time="2015/04/30 09:16:23", @actionflags="0x0", @subtype="general", @config_ver="0", @time_generated="2015/04/30 09:16:23", @eventid="auth-success", @fmt="0", @id="0", @module="general", @severity="informational", @opaque="User 'jkarimi' authenticated. Profile Active Directory via ACS in an authentication sequence Radius-then-Local succeeded.  From: 10.0.0.4.">]
+```

data/lib/{palo-alto → palo_alto}/client/version.rb

@@ -1,5 +1,5 @@
 module PaloAlto
   module Client
-    VERSION = "0.0.1"
+    VERSION = "0.0.2"
   end
 end

data/lib/{palo-alto → palo_alto}/client.rb

@@ -1,6 +1,6 @@
-require "palo-alto/client/version"
-require "palo-alto/common/base-api"
-require "palo-alto/helpers/rest"
+require "palo_alto/client/version"
+require "palo_alto/common/base_api"
+require "palo_alto/helpers/rest"
 
 module PaloAlto
   module Client

data/lib/{palo-alto → palo_alto}/helpers/rest.rb

@@ -1,4 +1,4 @@
-require "rest-client"
+require "rest_client"
 
 module PaloAlto
   module Helpers

data/lib/palo_alto/models/log_entry.rb

@@ -0,0 +1,93 @@
+module PaloAlto
+  module Models
+    class LogEntry
+      attr_accessor :log_id, :serial, :seqno, :type
+
+      SUPPORTED_TYPES = [ "traffic", "system", "data" ]
+
+      # Create and returns a new PaloAlto::Models::LogEntry instance with the given parameters
+      #
+      # == Attributes
+      #
+      # * +log_id+    - Unique ID of the log
+      # * +serial+    - Serial number of the log
+      # * +seqno+     - Sequence number of the log
+      # * +type+      - Type of log
+      # * +add_attrs+ - Additional attributes to create setters/getters for
+      #
+      # == Example
+      #
+      #  PaloAlto::Models::LogEntry.new serial: '9390235701',
+      #                                 seqno:  '2',
+      #                                 type:   'TRAFFIC'
+      def initialize(log_id:, serial:, seqno:, type:, addl_attrs: [])
+        self.log_id = log_id
+        self.serial = serial
+        self.seqno  = seqno
+        self.type   = type
+
+        # dynamically create setter/getter methods
+        addl_attrs.each do |attr|
+          self.instance_eval("def #{attr}; @#{attr}; end")
+          self.instance_eval("def #{attr}=(val); @#{attr}=val; end")
+        end
+
+        self
+      end
+
+      # Construct a log from the incoming Nokogiri XML data type
+      #
+      # == Attributes
+      #
+      # * +log_xml+ - Nokogiri element containing the log element
+      #
+      # == Example
+      #
+      #  PaloAlto::Models::LogEntry.from_xml xml_data: log_xml
+      def self.from_xml(xml_data:)
+        log_instance = nil
+        log_type     = xml_data.xpath('.//type')[0]
+
+        if log_type.nil? or (log_type_string = log_type.content).nil?
+          raise "Log type is unknown"
+        else
+          # construct the log instance based on supported known log types
+          begin
+            # get the minimum required attributes for creating any log type
+            log_id          = xml_data.xpath('@logid')[0].content
+            serial_number   = xml_data.xpath('.//serial')[0].content
+            sequence_number = xml_data.xpath('.//seqno')[0].content
+
+            case log_type_string.downcase
+            when "traffic"
+              log_instance = PaloAlto::Models::TrafficLogEntry.new(log_id: log_id, serial: serial_number, seqno: sequence_number)
+            when "system"
+              log_instance = PaloAlto::Models::SystemLogEntry.new(log_id: log_id, serial: serial_number, seqno: sequence_number)
+            else
+              raise "Log type '#{log_type_string}' is unsupported at this time"
+            end
+          rescue Exception => e
+            raise "Could not find a required attribute for the specified log type: #{e.message}"
+          end
+
+          begin
+            # normalize the attributes and dynamically assign them based on the XML data
+            xml_data.xpath('.//*').each do |attr|
+              unless [ "log_id", "serial", "seqno", "type" ].include?(attr.name)
+                log_instance.send("#{attr.name.gsub('-', '_')}=", attr.content)
+              end
+            end
+          rescue Exception => e
+            raise "Unsupported attribute type: #{e.message}"
+          end
+        end
+
+        return log_instance
+      end
+    end
+  end
+end
+
+# load required libraries - required after definition to avoid potential circular dependencies
+require "palo_alto/models/traffic_log_entry"
+require "palo_alto/models/system_log_entry"

data/lib/palo_alto/models/system_log_entry.rb

@@ -0,0 +1,29 @@
+require "palo_alto/models/log_entry"
+
+module PaloAlto
+  module Models
+    class SystemLogEntry < PaloAlto::Models::LogEntry
+      attr_accessor :domain, :receive_time, :actionflags, :subtype, :config_ver, :time_generated,
+                    :eventid, :fmt, :id, :module, :severity, :opaque, :object
+
+      # Create and returns a new PaloAlto::Models::LogEntry instance with the given parameters
+      #
+      # == Attributes
+      #
+      # * +log_id+ - ID of the log
+      # * +serial+ - Serial number of the log
+      # * +seqno+  - Sequence number of the log
+      #
+      # == Example
+      #
+      #  PaloAlto::Models::SystemLogEntry.new log_id: '23954702',
+      #                                       serial: '9390235701',
+      #                                       seqno:  '2'
+      def initialize(log_id:, serial:, seqno:)
+        super(log_id: log_id, serial: serial, seqno: seqno, type: 'SYSTEM')
+
+        self
+      end
+    end
+  end
+end

data/lib/palo_alto/models/traffic_log_entry.rb

@@ -0,0 +1,33 @@
+require "palo_alto/models/log_entry"
+
+module PaloAlto
+  module Models
+    class TrafficLogEntry < PaloAlto::Models::LogEntry
+      attr_accessor :domain, :receive_time, :actionflags, :subtype, :config_ver, :time_generated, :src, :dst,
+                    :rule, :srcloc, :dstloc, :app, :vsys, :from, :to, :inbound_if, :outbound_if, :time_received,
+                    :sessionid, :repeatcnt, :sport, :dport, :natsport, :natdport, :flags, :flag_pcap, :pcap_file, :flag_flagged,
+                    :flag_proxy, :flag_url_denied, :flag_nat, :captive_portal, :exported, :transaction, :pbf_c2s, :natdst,
+                    :pbf_s2c, :temporary_match, :sym_return, :decrypt_mirror, :proto, :action, :cpadding, :bytes, :natsrc,
+                    :bytes_sent, :bytes_received, :packets, :start, :elapsed, :category, :padding, :pkts_sent, :pkts_received
+
+      # Create and returns a new PaloAlto::Models::LogEntry instance with the given parameters
+      #
+      # == Attributes
+      #
+      # * +log_id+ - Unique ID of the log
+      # * +serial+ - Serial number of the log
+      # * +seqno+  - Sequence number of the log
+      #
+      # == Example
+      #
+      #  PaloAlto::Models::TrafficLogEntry.new log_id: '23954702',
+      #                                        serial: '9390235701',
+      #                                        seqno:  '2'
+      def initialize(log_id:, serial:, seqno:)
+        super(log_id: log_id, serial: serial, seqno: seqno, type: 'TRAFFIC')
+
+        self
+      end
+    end
+  end
+end

data/lib/{palo-alto/v6/address-api.rb → palo_alto/v6/address_api.rb}

@@ -1,4 +1,4 @@
-require "palo-alto/models/address"
+require "palo_alto/models/address"
 
 module PaloAlto
   module V6

data/lib/{palo-alto/v6/address-group-api.rb → palo_alto/v6/address_group_api.rb}

@@ -1,5 +1,5 @@
-require "palo-alto/models/address-group"
-require "palo-alto/models/address"
+require "palo_alto/models/address_group"
+require "palo_alto/models/address"
 
 module PaloAlto
   module V6

data/lib/{palo-alto → palo_alto}/v6/api.rb

@@ -1,7 +1,8 @@
-require "palo-alto/v6/device-api"
-require "palo-alto/v6/virtual-system-api"
-require "palo-alto/v6/address-api"
-require "palo-alto/v6/address-group-api"
+require "palo_alto/v6/device_api"
+require "palo_alto/v6/virtual_system_api"
+require "palo_alto/v6/address_api"
+require "palo_alto/v6/address_group_api"
+require "palo_alto/v6/log_api"
 
 module PaloAlto
   module V6
@@ -11,6 +12,7 @@ module PaloAlto
       include PaloAlto::V6::VirtualSystemApi
       include PaloAlto::V6::AddressApi
       include PaloAlto::V6::AddressGroupApi
+      include PaloAlto::V6::LogApi
     end
   end
 end

data/lib/{palo-alto/v6/device-api.rb → palo_alto/v6/device_api.rb}

@@ -1,5 +1,5 @@
-require "palo-alto/models/device"
-require "palo-alto/models/virtual-system"
+require "palo_alto/models/device"
+require "palo_alto/models/virtual_system"
 
 module PaloAlto
   module V6

data/lib/palo_alto/v6/log_api.rb

@@ -0,0 +1,189 @@
+require "palo_alto/models/log_entry"
+
+module PaloAlto
+  module V6
+    module LogApi
+      MIN_LOG_REQUEST = 20
+      MAX_LOG_REQUEST = 5000
+
+      # Kicks off a job to generate logs asynchronously
+      #
+      # == Parameters
+      #
+      #  * +log_type+ - Type of log to generate
+      #  * +query+    - Query string to use for log generation
+      #  * +num_logs+ - Number of log entries to query for (check MIN/MAX range for specifics)
+      #
+      # == Returns
+      #
+      #  * +String+ - String containing the Job ID
+      #
+      # == Raises
+      #
+      #  * +Exception+ - Raises an exception if the request is unsuccessful or an
+      #                  invalid log_type parameter is passed
+      def generate_logs(log_type:, query: "", num_logs: MIN_LOG_REQUEST)
+        raise "Invalid log_type - must be one of #{PaloAlto::Models::LogEntry::SUPPORTED_TYPES}" unless PaloAlto::Models::LogEntry::SUPPORTED_TYPES.include?(log_type)
+        raise "num_logs must be within range (#{MIN_LOG_REQUEST}..#{MAX_LOG_REQUEST})" unless (MIN_LOG_REQUEST..MAX_LOG_REQUEST) === num_logs
+
+        log_job_id = ''
+
+        # configure options for the request
+        options = {}
+        options[:url]     = self.endpoint
+        options[:method]  = :post
+        options[:payload] = { :type       => "log",
+                              :'log-type' => log_type,
+                              :key        => self.auth_key,
+                              :query      => query,
+                              :nlogs      => num_logs.to_s }
+
+        html_result = Helpers::Rest.make_request(options)
+
+        raise "Error obtaining log job XML" if html_result.nil?
+
+        # parse the XML data
+        data          = Nokogiri::XML(html_result)
+        response_code = data.xpath('//response/@status').to_s
+
+        if response_code == "success"
+          log_job_id = data.xpath('//response/result/job')[0].content.to_s
+        else
+          raise "Error in response XML: #{data.inspect}"
+        end
+
+        log_job_id
+      end
+
+      # Gets the status of a log job based on the Job ID
+      #
+      # == Parameters
+      #
+      # * +job_id+ - ID of the job that is generating the logs
+      #
+      # == Returns
+      #
+      # * +Boolean+ - True if job is complete, false if job is still processing
+      #
+      # == Raises
+      #
+      # * +Exception+ - Raises an exception if the request is unsuccessful
+      def log_job_complete?(job_id:)
+        status        = false
+        xml_data      = get_log_xml(job_id: job_id)
+        response_code = get_log_xml_response_code(xml_data: xml_data)
+
+        if response_code == "success"
+          job_status = get_log_job_status(xml_data: xml_data)
+          status = true if job_status == "FIN"
+        else
+          raise "Error in response XML: #{data.inspect}"
+        end
+
+        status
+      end
+
+      # Gets a set of logs based on the Job ID
+      #
+      # == Parameters
+      #
+      #  * +job_id+ - ID of the job that generated the logs
+      #
+      # == Returns
+      #
+      #  * +Array+ - Array of Strings that are the log messages
+      #
+      # == Raises
+      #
+      #  * +Exception+ - Raises an exception if the request is unsuccessful
+      def get_logs(job_id:)
+        logs          = []
+        xml_data      = get_log_xml(job_id: job_id)
+        response_code = get_log_xml_response_code(xml_data: xml_data)
+
+        if response_code == "success"
+          job_status = get_log_job_status(xml_data: xml_data)
+
+          if job_status == "FIN"
+            xml_data.xpath('//response/result/log/logs/*').each do |log_xml|
+              logs << PaloAlto::Models::LogEntry.from_xml(xml_data: log_xml)
+            end
+          else
+            raise "Log job with ID '#{job_id}' is still in progress"
+          end
+        else
+          raise "Error in response XML: #{data.inspect}"
+        end
+
+        logs
+      end
+
+      private
+
+      # Retrieves the XML file for a given Job ID and returns the data in XML format
+      #
+      # == Parameters
+      #
+      # * +job_id+ - ID of the job to retrieve data for
+      #
+      # == Returns
+      #
+      # * +Nokogiri::XML::Document+ - XML data structure containing the response data from the job request
+      #
+      # == Raises
+      #
+      # * +Exception+ - Raises an exception if the request is unsuccessful
+      def get_log_xml(job_id:)
+        options = {}
+        options[:url]     = self.endpoint
+        options[:method]  = :post
+        options[:payload] = { :type     => "log",
+                              :action   => :get,
+                              :'job-id' => job_id,
+                              :key      => self.auth_key }
+
+        html_result = Helpers::Rest.make_request(options)
+
+        raise "Error obtaining log job XML" if html_result.nil?
+
+        Nokogiri::XML(html_result)
+      end
+
+      # Retrieves the response code from an XML data object
+      #
+      # == Parameters
+      #
+      # * +xml_data+ - Nokogiri::XML::Document object containing the XML data to parse
+      #
+      # == Returns
+      #
+      # * +String+ - String containing the response code returned in the XML data
+      #
+      # == Raises
+      #
+      # * +Exception+ - Raises an exception if the input data is not a valid Nokogiri::XML::Document
+      def get_log_xml_response_code(xml_data:)
+        raise "xml_data must be a valid Nokogiri::XML::Document type" unless xml_data.is_a?(Nokogiri::XML::Document)
+        xml_data.xpath('//response/@status').to_s
+      end
+
+      # Retrieves the job status from an XML data object
+      #
+      # == Parameters
+      #
+      # * +xml_data+ - Nokogiri::XML::Document object containing the XML data to parse
+      #
+      # == Returns
+      #
+      # * +String+ - String containing the job status returned in the XML data
+      #
+      # == Raises
+      #
+      # * +Exception+ - Raises an exception if the input data is not a valid Nokogiri::XML::Document
+      def get_log_job_status(xml_data:)
+        raise "xml_data must be a valid Nokogiri::XML::Document type" unless xml_data.is_a?(Nokogiri::XML::Document)
+        xml_data.xpath('//response/result/job/status')[0].content.to_s
+      end
+    end
+  end
+end

data/lib/{palo-alto/v6/virtual-system-api.rb → palo_alto/v6/virtual_system_api.rb}

@@ -1,7 +1,7 @@
-require "palo-alto/models/virtual-system"
-require "palo-alto/models/address"
-require "palo-alto/models/address-group"
-require "palo-alto/models/rulebase"
+require "palo_alto/models/virtual_system"
+require "palo_alto/models/address"
+require "palo_alto/models/address_group"
+require "palo_alto/models/rulebase"
 
 module PaloAlto
   module V6

data/ruby-paloalto-client.gemspec

@@ -1,7 +1,7 @@
 # coding: utf-8
 lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'palo-alto/client/version'
+require 'palo_alto/client/version'
 
 Gem::Specification.new do |spec|
   spec.name          = "ruby-paloalto-client"

data/spec/fixtures/blank_traffic_logs.xml

@@ -0,0 +1,27 @@
+<response status="success">
+  <result>
+    <job>
+      <tenq>12:18:28</tenq>
+      <tdeq>12:18:28</tdeq>
+      <tlast>12:18:32</tlast>
+      <status>FIN</status>
+      <id>2023</id>
+    </job>
+    <log>
+      <logs count="0" progress="100">
+      </logs>
+    </log>
+    <meta>
+      <devices>
+        <entry name="localhost.localdomain">
+          <hostname>localhost.localdomain</hostname>
+          <vsys>
+            <entry name="vsys1">
+              <display-name>vsys1</display-name>
+            </entry>
+          </vsys>
+        </entry>
+      </devices>
+    </meta>
+  </result>
+</response>

data/spec/fixtures/log_complete.xml

@@ -0,0 +1,81 @@
+<response status="success"><result>
+  <job>
+    <tenq>15:00:31</tenq>
+    <tdeq>15:00:31</tdeq>
+    <tlast>15:00:32</tlast>
+    <status>FIN</status>
+    <id>2015</id>
+  </job>
+  <log>
+    <logs count="1" progress="100">
+      <entry logid="6155931957696928918">
+        <domain>1</domain>
+        <receive_time>2015/06/03 15:00:13</receive_time>
+        <serial>001606017466</serial>
+        <seqno>4086925</seqno>
+        <actionflags>0x0</actionflags>
+        <type>TRAFFIC</type>
+        <subtype>end</subtype>
+        <config_ver>1</config_ver>
+        <time_generated>2015/06/03 15:00:13</time_generated>
+        <src>192.168.80.50</src>
+        <dst>192.168.80.51</dst>
+        <rule>temp allow ping</rule>
+        <srcloc>10.0.0.0-10.255.255.255</srcloc>
+        <dstloc>192.168.0.0-192.168.255.255</dstloc>
+        <app>insufficient-data</app>
+        <vsys>vsys1</vsys>
+        <from>inside</from>
+        <to>outside</to>
+        <inbound_if>ethernet1/2</inbound_if>
+        <outbound_if>ethernet1/3</outbound_if>
+        <time_received>2015/06/03 15:00:13</time_received>
+        <sessionid>22301</sessionid>
+        <repeatcnt>1</repeatcnt>
+        <sport>388</sport>
+        <dport>546</dport>
+        <natsport>0</natsport>
+        <natdport>0</natdport>
+        <flags>0</flags>
+        <flag-pcap>no</flag-pcap>
+        <flag-flagged>no</flag-flagged>
+        <flag-proxy>no</flag-proxy>
+        <flag-url-denied>no</flag-url-denied>
+        <flag-nat>no</flag-nat>
+        <captive-portal>no</captive-portal>
+        <exported>no</exported>
+        <transaction>no</transaction>
+        <pbf-c2s>no</pbf-c2s>
+        <pbf-s2c>no</pbf-s2c>
+        <temporary-match>no</temporary-match>
+        <sym-return>no</sym-return>
+        <decrypt-mirror>no</decrypt-mirror>
+        <proto>udp</proto>
+        <action>allow</action>
+        <cpadding>0</cpadding>
+        <bytes>476</bytes>
+        <bytes_sent>476</bytes_sent>
+        <bytes_received>0</bytes_received>
+        <packets>2</packets>
+        <start>2015/06/03 14:59:40</start>
+        <elapsed>3</elapsed>
+        <category>any</category>
+        <padding>0</padding>
+        <pkts_sent>2</pkts_sent>
+        <pkts_received>0</pkts_received>
+      </entry>
+    </logs>
+  </log>
+  <meta>
+    <devices>
+      <entry name="localhost.localdomain">
+        <hostname>localhost.localdomain</hostname>
+        <vsys>
+          <entry name="vsys1">
+            <display-name>vsys1</display-name>
+          </entry>
+        </vsys>
+      </entry>
+    </devices>
+  </meta>
+</result></response>

data/spec/fixtures/log_in_progress.xml

@@ -0,0 +1,28 @@
+<?xml version="1.0"?>
+<response status="success">
+  <result>
+  <job>
+    <tenq>15:22:46</tenq>
+    <tdeq>15:22:46</tdeq>
+    <tlast>19:00:00</tlast>
+    <status>ACT</status>
+    <id>2015</id>
+  </job>
+  <log>
+    <logs count="0" progress="0">
+    </logs>
+  </log>
+  <meta>
+    <devices>
+      <entry name="localhost.localdomain">
+        <hostname>localhost.localdomain</hostname>
+        <vsys>
+          <entry name="vsys1">
+            <display-name>vsys1</display-name>
+          </entry>
+        </vsys>
+      </entry>
+    </devices>
+  </meta>
+</result>
+</response>

data/spec/fixtures/log_job.xml

@@ -0,0 +1,8 @@
+<response status="success" code="19">
+  <result>
+    <msg>
+      <line>query job enqueued with jobid 2014</line>
+    </msg>
+    <job>2014</job>
+  </result>
+</response>