Try SpotterGet threat-rule objects facts on Check Point over Web Services API
| "added in version" 2.9 of ansible.builtin"
Authors: Or Soffer (@chkp-orso)
preview | supported by community
pipInstall with pip install ansible==2.9.17
Get threat-rule objects facts on Check Point devices.
All operations are performed over Web Services API.
This module handles both operations, get a specific object and get several objects, For getting a specific object use the parameter 'name'.
- name: show-threat-rule
cp_mgmt_threat_rule_facts:
layer: New Layer 1
name: Rule Name
- name: show-threat-rulebase
cp_mgmt_threat_rule_facts:
details_level: standard
filter: ''
limit: 20
name: Threat Prevention
offset: 0
use_object_dictionary: false
name:
description:
- Object name. Should be unique in the domain.
type: str
layer:
description:
- Layer that the rule belongs to identified by the name or UID.
type: str
limit:
description:
- No more than that many results will be returned. This parameter is relevant only
for getting few objects.
type: int
order:
description:
- Sorts results by the given field. By default the results are sorted in the ascending
order by name. This parameter is relevant only for getting few objects.
suboptions:
ASC:
choices:
- name
description:
- Sorts results by the given field in ascending order.
type: str
DESC:
choices:
- name
description:
- Sorts results by the given field in descending order.
type: str
type: list
filter:
description:
- Search expression to filter the rulebase. The provided text should be exactly the
same as it would be given in Smart Console. The logical operators in the expression
('AND', 'OR') should be provided in capital letters. If an operator is not used,
the default OR operator applies.
type: str
offset:
description:
- Skip that many results before beginning to return them. This parameter is relevant
only for getting few objects.
type: int
package:
description:
- Name of the package.
type: str
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
details_level:
choices:
- uid
- standard
- full
description:
- The level of detail for some of the fields in the response can vary from showing
only the UID value of the object to a fully detailed representation of the object.
type: str
filter_settings:
description:
- Sets filter preferences.
suboptions:
packet_search_settings:
description:
- When 'search-mode' is set to 'packet', this object allows to set the packet
search preferences.
suboptions:
expand_group_members:
description:
- When true, if the search expression contains a UID or a name of a group
object, results will include rules that match on at least one member of
the group.
type: bool
expand_group_with_exclusion_members:
description:
- When true, if the search expression contains a UID or a name of a group-with-exclusion
object, results will include rules that match at least one member of the
"include" part and is not a member of the "except" part.
type: bool
match_on_any:
description:
- Whether to match on 'Any' object.
type: bool
match_on_group_with_exclusion:
description:
- Whether to match on a group-with-exclusion.
type: bool
match_on_negate:
description:
- Whether to match on a negated cell.
type: bool
type: dict
search_mode:
choices:
- general
- packet
description:
- When set to 'general', both the Full Text Search and Packet Search are enabled.
In this mode, Packet Search will not match on 'Any' object, a negated cell or
a group-with-exclusion. When the search-mode is set to 'packet', by default,
the match on 'Any' object, a negated cell or a group-with-exclusion are enabled.
packet-search-settings may be provided to change the default behavior.
type: str
type: dict
show_membership:
description:
- Indicates whether to calculate and show "groups" field for every object in reply.
type: bool
use_object_dictionary:
description:
- N/A
type: bool
dereference_group_members:
description:
- Indicates whether to dereference "members" field by details level for every object
in reply.
type: bool
ansible_facts: description: The checkpoint object facts. returned: always. type: dict