Deprecated

Removed in 3.0.0

Reason: Updated modules released with increased functionality | Alternative: cisco.meraki.organizations_appliance_security_intrusion and cisco.meraki.networks_appliance_security_intrusion

cisco.meraki.meraki_mx_intrusion_prevention (2.18.0) — module

Manage intrusion prevention in the Meraki cloud

Authors: Kevin Breit (@kbreit)

deprecated | supported by community

Install collection

Install with ansible-galaxy collection install cisco.meraki:==2.18.0


Add to requirements.yml

  collections:
    - name: cisco.meraki
      version: 2.18.0

Description

Allows for management of intrusion prevention rules within Meraki MX networks.

Usage examples

- name: Set whitelist for organization
  cisco.meraki.meraki_mx_intrusion_prevention:
    auth_key: '{{auth_key}}'
    state: present
    org_id: '{{test_org_id}}'
    allowed_rules:
      - rule_id: "meraki:intrusion/snort/GID/01/SID/5805"
        rule_message: Test rule
  delegate_to: localhost
- name: Query IPS info for organization
  cisco.meraki.meraki_mx_intrusion_prevention:
    auth_key: '{{auth_key}}'
    state: query
    org_name: '{{test_org_name}}'
  delegate_to: localhost
  register: query_org
- name: Set full ruleset with check mode
  cisco.meraki.meraki_mx_intrusion_prevention:
    auth_key: '{{auth_key}}'
    state: present
    org_name: '{{test_org_name}}'
    net_name: '{{test_net_name}} - IPS'
    mode: prevention
    ids_rulesets: security
    protected_networks:
      use_default: true
      included_cidr:
        - 192.0.1.0/24
      excluded_cidr:
        - 10.0.1.0/24
  delegate_to: localhost
- name: Clear rules from organization
  cisco.meraki.meraki_mx_intrusion_prevention:
    auth_key: '{{auth_key}}'
    state: absent
    org_name: '{{test_org_name}}'
    allowed_rules: []
  delegate_to: localhost

Inputs

    
host:
    default: api.meraki.com
    description:
    - Hostname for Meraki dashboard.
    - Can be used to access regional Meraki environments, such as China.
    type: str

mode:
    choices:
    - detection
    - disabled
    - prevention
    description:
    - Operational mode of Intrusion Prevention system.
    type: str

state:
    choices:
    - absent
    - present
    - query
    default: present
    description:
    - Create or modify an organization.
    type: str

net_id:
    description:
    - ID number of a network.
    type: str

org_id:
    description:
    - ID of organization.
    type: str

timeout:
    default: 30
    description:
    - Time to timeout for HTTP requests.
    type: int

auth_key:
    description:
    - Authentication key provided by the dashboard. Required if environmental variable
      C(MERAKI_KEY) is not set.
    required: true
    type: str

net_name:
    aliases:
    - name
    - network
    description:
    - Name of a network.
    type: str

org_name:
    aliases:
    - organization
    description:
    - Name of organization.
    type: str

use_https:
    default: true
    description:
    - If C(no), it will use HTTP. Otherwise it will use HTTPS.
    - Only useful for internal Meraki developers.
    type: bool

use_proxy:
    default: false
    description:
    - If C(no), it will not use a proxy, even if one is defined in an environment variable
      on the target hosts.
    type: bool

ids_rulesets:
    choices:
    - connectivity
    - balanced
    - security
    description:
    - Ruleset complexity setting.
    type: str

output_level:
    choices:
    - debug
    - normal
    default: normal
    description:
    - Set amount of debug output during module execution.
    type: str

allowed_rules:
    description:
    - List of IDs related to rules which are allowed for the organization.
    elements: dict
    suboptions:
      rule_id:
        description:
        - ID of rule as defined by Snort.
        type: str
      rule_message:
        aliases:
        - message
        description:
        - Description of rule.
        - This is overwritten by the API.
        - Formerly C(message) which was deprecated but still maintained as an alias.
        type: str
        version_added: 2.3.0
        version_added_collection: cisco.meraki
    type: list

output_format:
    choices:
    - snakecase
    - camelcase
    default: snakecase
    description:
    - Instructs module whether response keys should be snake case (ex. C(net_id)) or camel
      case (ex. C(netId)).
    type: str

validate_certs:
    default: true
    description:
    - Whether to validate HTTP certificates.
    type: bool

protected_networks:
    description:
    - Set included/excluded networks for Intrusion Prevention.
    suboptions:
      excluded_cidr:
        description:
        - List of network IP ranges to exclude from scanning.
        elements: str
        type: list
      included_cidr:
        description:
        - List of network IP ranges to include in scanning.
        elements: str
        type: list
      use_default:
        description:
        - Whether to use special IPv4 addresses per RFC 5735.
        type: bool
    type: dict

rate_limit_retry_time:
    default: 165
    description:
    - Number of seconds to retry if rate limiter is triggered.
    type: int

internal_error_retry_time:
    default: 60
    description:
    - Number of seconds to retry if server returns an internal server error.
    type: int

Outputs

data:
  contains:
    idsRulesets:
      description: Setting of selected ruleset.
      returned: success, when network is queried or modified
      sample: balanced
      type: str
    mode:
      description: Enabled setting of intrusion prevention.
      returned: success, when network is queried or modified
      sample: enabled
      type: str
    protectedNetworks:
      contains:
        excludedCidr:
          description: List of CIDR notation networks to exclude from protection.
          returned: success, when network is queried or modified
          sample: 192.0.1.0/24
          type: str
        includedCidr:
          description: List of CIDR notation networks to protect.
          returned: success, when network is queried or modified
          sample: 192.0.1.0/24
          type: str
        useDefault:
          description: Whether to use special IPv4 addresses.
          returned: success, when network is queried or modified
          sample: true
          type: bool
      description: Networks protected by IPS.
      returned: success, when network is queried or modified
      type: complex
    whitelistedRules:
      contains:
        ruleId:
          description: A rule identifier for an IPS rule.
          returned: success, when organization is queried or modified
          sample: meraki:intrusion/snort/GID/01/SID/5805
          type: str
        rule_message:
          description: Description of rule.
          returned: success, when organization is queried or modified
          sample: MALWARE-OTHER Trackware myway speedbar runtime detection - switch
            engines
          type: str
      description: List of whitelisted IPS rules.
      returned: success, when organization is queried or modified
      type: complex
  description: Information about the Threat Protection settings.
  returned: success
  type: complex
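
A read-only baseline audit built on `state: query` and the return keys listed under Outputs, as an added example that is not part of the collection's own documentation. The variable names `audit_org_name`, `audit_net_name` and `required_rulesets` and their values are assumptions, and the asserts assume the returned `mode` and `idsRulesets` use the same values as the input choices.

```yaml
---
# Added example: fail a pipeline run when a network's IPS drifts from baseline.
# audit_org_name, audit_net_name and required_rulesets are assumed names;
# the organization and network values are placeholders.
- name: Audit Meraki MX intrusion prevention baseline
  hosts: localhost
  gather_facts: false
  vars:
    audit_org_name: ExampleOrg
    audit_net_name: ExampleNet - IPS
    required_rulesets:
      - balanced
      - security
  tasks:
    - name: Query IPS settings for the network (makes no changes)
      cisco.meraki.meraki_mx_intrusion_prevention:
        # Read the key from the environment instead of storing it in the play.
        auth_key: "{{ lookup('ansible.builtin.env', 'MERAKI_KEY') }}"
        state: query
        org_name: "{{ audit_org_name }}"
        net_name: "{{ audit_net_name }}"
        output_format: camelcase   # keep keys as shown under Outputs
      register: ips

    - name: Require prevention mode and an accepted ruleset
      ansible.builtin.assert:
        that:
          - ips.data.mode == 'prevention'
          - ips.data.idsRulesets in required_rulesets
        fail_msg: >-
          IPS baseline not met on {{ audit_net_name }}:
          mode={{ ips.data.mode }}, ruleset={{ ips.data.idsRulesets }}
        success_msg: IPS is in prevention mode with an accepted ruleset

    - name: Report ranges excluded from inspection for manual review
      ansible.builtin.debug:
        msg: >-
          Excluded from inspection:
          {{ (ips.data.protectedNetworks | default({})).excludedCidr | default([]) }}
```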