As we recently rolled out a bunch of PA firewalls, I have created a powershell script to backup the running configuration using the XML API.
You can grab the script from my github here:
The instructions are as follows:
1. Create the folder c:\panbackup\ on your Windows Server.
2. Create a local administrator on the firewall as a member of super users (read only). This will allow rights to export the full configuration with phash keys. Which means you can restore the config on a new appliance easily. The below PA documentation details how to create a local firewall administrator: Create Firewall Administrator
3. Generate your API key as follows: https:///api/?type=keygen&user=&password= You can also generate api key via cURL as per the PA documentation below:
Generate your API key
4. Test your powershell script! You may need to set the correct saving path, file names etc. Add a scheduled task and viola! Peace of mind.