Public/Get-PaSecurityPolicy.ps1

function Get-PaSecurityPolicy {
    [CmdletBinding()]
    Param (
        [Parameter(ParameterSetName = "rulebase", Mandatory = $False, Position = 0)]
        [Parameter(ParameterSetName = "prerulebase", Mandatory = $False, Position = 0)]
        [Parameter(ParameterSetName = "postrulebase", Mandatory = $False, Position = 0)]
        [string]$Name,

        [Parameter(ParameterSetName = "prerulebase", Mandatory = $True)]
        [switch]$PreRulebase,

        [Parameter(ParameterSetName = "postrulebase", Mandatory = $True)]
        [switch]$PostRulebase
    )

    BEGIN {
        $VerbosePrefix = "Get-PaSecurityPolicy:"

        # get the right xpath (panorama vs regular)
        switch ($PsCmdlet.ParameterSetName) {
            'postrulebase' {
                $XPathNode = 'post-rulebase/security/rules'
            }
            'prerulebase' {
                $XPathNode = 'pre-rulebase/security/rules'
            }
            'rulebase' {
                $XPathNode = 'rulebase/security/rules'
            }
        }

        $ResponseNode = 'rules'
        $Xpath = $Global:PaDeviceObject.createXPath($XPathNode, $null)
    }

    PROCESS {
        if ($null -ne $Global:PaDeviceObject.Config) {
            $Entries = $global:PaDeviceObject.Config.config.devices.entry.vsys.entry.rulebase.security.rules.entry
        } else {
            $Response = Invoke-PaApiConfig -Get -Xpath $XPath
            if ($Response.response.result.$ResponseNode) {
                $Entries = $Response.response.result.$ResponseNode.entry
            } else {
                $Entries = $Response.response.result.entry
            }
        }

        $ReturnObject = @()
        $i = 0
        foreach ($entry in $Entries) {
            $i++
            # Initialize object, add to returned array
            $Object = [PaSecurityPolicy]::new([HelperXml]::parseCandidateConfigXml($entry.name, $false))
            $ReturnObject += $Object


            # General
            $Object.Number = $i
            $Object.RuleType = [HelperXml]::parseCandidateConfigXml($entry.'rule-type', $false)
            $Object.Description = [HelperXml]::parseCandidateConfigXml($entry.description, $false)
            $Object.Tags = [HelperXml]::GetMembersFromXml($entry.tag)

            $Disabled = [HelperXml]::parseCandidateConfigXml($entry.'disabled', $false)
            if ($Disabled) {
                $Object.LogAtSessionEnd = [HelperApi]::TranslatePaToBool($Disabled, $Object.Disabled)
            }

            # Source
            $Object.SourceZone = [HelperXml]::GetMembersFromXml($entry.from)
            $Object.SourceAddress = [HelperXml]::GetMembersFromXml($entry.source)

            # User
            $Object.SourceUser = [HelperXml]::GetMembersFromXml($entry.'source-user')
            $Object.HipProfile = [HelperXml]::GetMembersFromXml($entry.'hip-profiles')

            # Destination
            $Object.DestinationZone = [HelperXml]::GetMembersFromXml($entry.to)
            $Object.DestinationAddress = [HelperXml]::GetMembersFromXml($entry.destination)

            # Application
            $Object.Application = [HelperXml]::GetMembersFromXml($entry.application)

            # Service/Url Category
            $Object.Service = [HelperXml]::GetMembersFromXml($entry.service)
            $Object.UrlCategory = [HelperXml]::GetMembersFromXml($entry.category)

            # Actions
            ## Action Setting
            $Object.Action = [HelperXml]::parseCandidateConfigXml($entry.action, $false)
            $SendIcmpUnreachable = [HelperXml]::parseCandidateConfigXml($entry.'icmp-unreachable', $false)
            $Object.SendIcmpUnreachable = [HelperApi]::TranslatePaToBool($SendIcmpUnreachable, $Object.SendIcmpUnreachable)

            ## Profile Setting
            $Object.ProfileType = [HelperXml]::parseCandidateConfigXml($entry.'profile-setting', $true)
            switch ($Object.ProfileType) {
                'group' {
                    $Object.GroupProfile = [HelperXml]::GetMembersFromXml($entry.'profile-setting'.group)
                }
                'profiles' {
                    $Object.Antivirus = [HelperXml]::GetMembersFromXml($entry.'profile-setting'.profiles.virus)
                    $Object.VulnerabilityProtection = [HelperXml]::GetMembersFromXml($entry.'profile-setting'.profiles.vulnerability)
                    $Object.AntiSpyware = [HelperXml]::GetMembersFromXml($entry.'profile-setting'.profiles.spyware)
                    $Object.UrlFiltering = [HelperXml]::GetMembersFromXml($entry.'profile-setting'.profiles.'url-filtering')
                    $Object.FileBlocking = [HelperXml]::GetMembersFromXml($entry.'profile-setting'.profiles.'file-blocking')
                    $Object.DataFiltering = [HelperXml]::GetMembersFromXml($entry.'profile-setting'.profiles.'data-filtering')
                    $Object.WildFireAnalysis = [HelperXml]::GetMembersFromXml($entry.'profile-setting'.profiles.'wildfire-analysis')
                }
            }

            ## Log Setting
            $LogStart = [HelperXml]::parseCandidateConfigXml($entry.'log-start', $false)
            $Object.LogAtSessionStart = [HelperApi]::TranslatePaToBool($LogStart, $Object.LogAtSessionStart)

            $Object.LogForwarding = [HelperXml]::parseCandidateConfigXml($entry.'log-setting', $false)

            $LogEnd = [HelperXml]::parseCandidateConfigXml($entry.'log-end', $false)
            if ($LogEnd) {
                $Object.LogAtSessionEnd = [HelperApi]::TranslatePaToBool($LogEnd, $Object.LogAtSessionEnd)
            }

            ## Other Settings
            $Object.Schedule = [HelperXml]::parseCandidateConfigXml($entry.schedule, $false)

            $Dsri = [HelperXml]::parseCandidateConfigXml($entry.option.'disable-server-response-inspection', $false)
            $Object.Dsri = [HelperApi]::TranslatePaToBool($Dsri, $Object.Dsri)

            $QosMarkingType = [HelperXml]::parseCandidateConfigXml($entry.qos.marking, $true)

            switch ($QosMarkingType) {
                'follow-c2s-flow' {
                    $Object.QosType = 'FollowC2S'
                }
                'ip-precedence' {
                    $Object.QosType = 'IpPrecedence'
                    $Object.QosMarking = [HelperXml]::parseCandidateConfigXml($entry.qos.marking.'ip-precedence', $false)
                }
                'ip-dscp' {
                    $Object.QosType = 'IpDscp'
                    $Object.QosMarking = [HelperXml]::parseCandidateConfigXml($entry.qos.marking.'ip-dscp', $false)
                }
            }
        }

        if ($Name) {
            $ReturnObject = $ReturnObject | Where-Object { $_.Name -eq $Name }
        }

        $ReturnObject
    }
}