check_point.mgmt.cp_mgmt_threat_rule_facts – Get threat-rule objects facts on Check Point over Web Services API
Note
This plugin is part of the check_point.mgmt collection (version 2.0.0).
To install it use: ansible-galaxy collection install check_point.mgmt.
To use it in a playbook, specify: check_point.mgmt.cp_mgmt_threat_rule_facts.
New in version 2.9: of check_point.mgmt
Synopsis
- Get threat-rule objects facts on Check Point devices.
- All operations are performed over Web Services API.
- This module handles both operations, get a specific object and get several objects, For getting a specific object use the parameter ‘name’.
Parameters
| Parameter | Choices/Defaults | Comments | ||
|---|---|---|---|---|
| dereference_group_members boolean |
| Indicates whether to dereference "members" field by details level for every object in reply. | ||
| details_level string |
| The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. | ||
| filter string | Search expression to filter the rulebase. The provided text should be exactly the same as it would be given in Smart Console. The logical operators in the expression ('AND', 'OR') should be provided in capital letters. If an operator is not used, the default OR operator applies. | |||
| filter_settings dictionary | Sets filter preferences. | |||
| packet_search_settings dictionary | When 'search-mode' is set to 'packet', this object allows to set the packet search preferences. | |||
| expand_group_members boolean |
| When true, if the search expression contains a UID or a name of a group object, results will include rules that match on at least one member of the group. | ||
| expand_group_with_exclusion_members boolean |
| When true, if the search expression contains a UID or a name of a group-with-exclusion object, results will include rules that match at least one member of the "include" part and is not a member of the "except" part. | ||
| match_on_any boolean |
| Whether to match on 'Any' object. | ||
| match_on_group_with_exclusion boolean |
| Whether to match on a group-with-exclusion. | ||
| match_on_negate boolean |
| Whether to match on a negated cell. | ||
| search_mode string |
| When set to 'general', both the Full Text Search and Packet Search are enabled. In this mode, Packet Search will not match on 'Any' object, a negated cell or a group-with-exclusion. When the search-mode is set to 'packet', by default, the match on 'Any' object, a negated cell or a group-with-exclusion are enabled. packet-search-settings may be provided to change the default behavior. | ||
| layer string | Layer that the rule belongs to identified by the name or UID. | |||
| limit integer | No more than that many results will be returned. This parameter is relevant only for getting few objects. | |||
| name string | Object name. Should be unique in the domain. | |||
| offset integer | Skip that many results before beginning to return them. This parameter is relevant only for getting few objects. | |||
| order list / elements=string | Sorts results by the given field. By default the results are sorted in the ascending order by name. This parameter is relevant only for getting few objects. | |||
| ASC string |
| Sorts results by the given field in ascending order. | ||
| DESC string |
| Sorts results by the given field in descending order. | ||
| package string | Name of the package. | |||
| show_membership boolean |
| Indicates whether to calculate and show "groups" field for every object in reply. | ||
| use_object_dictionary boolean |
| N/A | ||
| version string | Version of checkpoint. If not given one, the latest version taken. | |||
Examples
- name: show-threat-rule
cp_mgmt_threat_rule_facts:
layer: New Layer 1
name: Rule Name
- name: show-threat-rulebase
cp_mgmt_threat_rule_facts:
details_level: standard
filter: ''
limit: 20
name: Threat Prevention
offset: 0
use_object_dictionary: false
Authors
- Or Soffer (@chkp-orso)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/check_point/mgmt/cp_mgmt_threat_rule_facts_module.html