|
@@ -4396,7 +4472,7 @@ Parameters
|
- Default:
"No"
+ Default:
"no"
|
Value of a Setting.
@@ -7223,43 +7299,14 @@ Examples
value: true
platform_setting_demo_mode_enabled:
value: true
-
- # Play Run:
- # =========
- #
- # "system_settings": {
- # "after": {
- # "platform_setting_demo_mode_enabled": {
- # "value": true
- # },
- # "platform_setting_http_strict_transport_enabled": {
- # "value": true
- # },
- # "platform_setting_syslog_config_id": {
- # "value": "12"
- # }
- # },
- # "before": {
- # "platform_setting_demo_mode_enabled": {
- # "value": "false"
- # },
- # "platform_setting_http_strict_transport_enabled": {
- # "value": "false"
- # },
- # "platform_setting_syslog_config_id": {
- # "value": "0"
- # }
- # }
- # }
-
- name: Reset/Delete the input System Settings Config
trendmicro.deepsec.deepsec_system_settings:
state: absent
config:
name:
- - platform_setting_syslog_config_id
- - platform_setting_http_strict_transport_enabled
- - platform_setting_demo_mode_enabled
+ - platform_setting_syslog_config_id
+ - platform_setting_http_strict_transport_enabled
+ - platform_setting_demo_mode_enabled
# Play Run:
# =========
@@ -7294,9 +7341,9 @@ Examples
state: gathered
config:
name:
- - platform_setting_syslog_config_id
- - platform_setting_http_strict_transport_enabled
- - platform_setting_demo_mode_enabled
+ - platform_setting_syslog_config_id
+ - platform_setting_http_strict_transport_enabled
+ - platform_setting_demo_mode_enabled
# Play Run:
# =========
@@ -7319,629 +7366,6 @@ Examples
trendmicro.deepsec.deepsec_system_settings:
state: gathered
- # Play Run:
- # =========
- #
- # "gathered": {
- # "config": {
- # "anti_malware_setting_event_email_body_template": {
- # "value": ""
- # },
- # "anti_malware_setting_event_email_enabled": {
- # "value": "false"
- # },
- # "anti_malware_setting_event_email_recipients": {
- # "value": ""
- # },
- # "anti_malware_setting_event_email_subject": {
- # "value": ""
- # },
- # "anti_malware_setting_retain_event_duration": {
- # "value": "7 Days"
- # },
- # "application_control_setting_retain_event_duration": {
- # "value": "7 Days"
- # },
- # "application_control_setting_serve_rulesets_from_relays_enabled": {
- # "value": "false"
- # },
- # "firewall_setting_event_rank_severity_deny": {
- # "value": "100"
- # },
- # "firewall_setting_event_rank_severity_log_only": {
- # "value": "1"
- # },
- # "firewall_setting_event_rank_severity_packet_rejection": {
- # "value": "50"
- # },
- # "firewall_setting_global_stateful_config_id": {
- # "value": "0"
- # },
- # "firewall_setting_internet_connectivity_test_expected_content_regex": {
- # "value": ""
- # },
- # "firewall_setting_internet_connectivity_test_interval": {
- # "value": "10 Seconds"
- # },
- # "firewall_setting_internet_connectivity_test_url": {
- # "value": ""
- # },
- # "firewall_setting_intranet_connectivity_test_expected_content_regex": {
- # "value": ""
- # },
- # "firewall_setting_intranet_connectivity_test_url": {
- # "value": ""
- # },
- # "firewall_setting_retain_event_duration": {
- # "value": "7 Days"
- # },
- # "integrity_monitoring_setting_event_rank_severity_critical": {
- # "value": "100"
- # },
- # "integrity_monitoring_setting_event_rank_severity_high": {
- # "value": "50"
- # },
- # "integrity_monitoring_setting_event_rank_severity_low": {
- # "value": "1"
- # },
- # "integrity_monitoring_setting_event_rank_severity_medium": {
- # "value": "25"
- # },
- # "integrity_monitoring_setting_retain_event_duration": {
- # "value": "7 Days"
- # },
- # "intrusion_prevention_setting_event_rank_severity_filter_critical": {
- # "value": "100"
- # },
- # "intrusion_prevention_setting_event_rank_severity_filter_error": {
- # "value": "100"
- # },
- # "intrusion_prevention_setting_event_rank_severity_filter_high": {
- # "value": "50"
- # },
- # "intrusion_prevention_setting_event_rank_severity_filter_low": {
- # "value": "1"
- # },
- # "intrusion_prevention_setting_event_rank_severity_filter_medium": {
- # "value": "25"
- # },
- # "intrusion_prevention_setting_retain_event_duration": {
- # "value": "7 Days"
- # },
- # "log_inspection_setting_event_rank_severity_critical": {
- # "value": "100"
- # },
- # "log_inspection_setting_event_rank_severity_high": {
- # "value": "50"
- # },
- # "log_inspection_setting_event_rank_severity_low": {
- # "value": "1"
- # },
- # "log_inspection_setting_event_rank_severity_medium": {
- # "value": "25"
- # },
- # "log_inspection_setting_retain_event_duration": {
- # "value": "7 Days"
- # },
- # "platform_setting_active_sessions_max": {
- # "value": "10"
- # },
- # "platform_setting_active_sessions_max_exceeded_action": {
- # "value": "Block new sessions"
- # },
- # "platform_setting_agent_initiated_activation_duplicate_hostname_mode": {
- # "value": "Re-activate the existing Computer"
- # },
- # "platform_setting_agent_initiated_activation_enabled": {
- # "value": "For any computers"
- # },
- # "platform_setting_agent_initiated_activation_policy_id": {
- # "value": ""
- # },
- # "platform_setting_agent_initiated_activation_reactivate_cloned_enabled": {
- # "value": "true"
- # },
- # "platform_setting_agent_initiated_activation_reactivate_unknown_enabled": {
- # "value": "true"
- # },
- # "platform_setting_agent_initiated_activation_specify_hostname_enabled": {
- # "value": "false"
- # },
- # "platform_setting_agent_initiated_activation_token": {
- # "value": ""
- # },
- # "platform_setting_agent_initiated_activation_within_ip_list_id": {
- # "value": ""
- # },
- # "platform_setting_agentless_vcloud_protection_enabled": {
- # "value": "false"
- # },
- # "platform_setting_alert_agent_update_pending_threshold": {
- # "value": "7 Days"
- # },
- # "platform_setting_alert_default_email_address": {
- # "value": ""
- # },
- # "platform_setting_api_soap_web_service_enabled": {
- # "value": "false"
- # },
- # "platform_setting_api_status_monitoring_enabled": {
- # "value": "false"
- # },
- # "platform_setting_aws_external_id_retrieval_enabled": {
- # "value": "true"
- # },
- # "platform_setting_aws_manager_identity_access_key": {
- # "value": ""
- # },
- # "platform_setting_aws_manager_identity_secret_key": {
- # "value": ""
- # },
- # "platform_setting_aws_manager_identity_use_instance_role_enabled": {
- # "value": "true"
- # },
- # "platform_setting_azure_sso_certificate": {
- # "value": ""
- # },
- # "platform_setting_capture_encrypted_traffic_enabled": {
- # "value": "false"
- # },
- # "platform_setting_connected_threat_defense_control_manager_manual_source_api_key": {
- # "value": ""
- # },
- # "platform_setting_connected_threat_defense_control_manager_manual_source_server_url": {
- # "value": ""
- # },
- # "platform_setting_connected_threat_defense_control_manager_proxy_id": {
- # "value": ""
- # },
- # "platform_setting_connected_threat_defense_control_manager_source_option": {
- # "value": "Manually select an Apex Central server"
- # },
- # "platform_setting_connected_threat_defense_control_manager_suspicious_object_list_comparison_enabled": {
- # "value": "false"
- # },
- # "platform_setting_connected_threat_defense_control_manager_use_proxy_enabled": {
- # "value": "false"
- # },
- # "platform_setting_connected_threat_defenses_use_primary_tenant_server_settings_enabled": {
- # "value": "false"
- # },
- # "platform_setting_content_security_policy": {
- # "value": ""
- # },
- # "platform_setting_content_security_policy_report_only_enabled": {
- # "value": "true"
- # },
- # "platform_setting_ddan_auto_submission_enabled": {
- # "value": "false"
- # },
- # "platform_setting_ddan_manual_source_api_key": {
- # "value": ""
- # },
- # "platform_setting_ddan_manual_source_server_url": {
- # "value": ""
- # },
- # "platform_setting_ddan_proxy_id": {
- # "value": ""
- # },
- # "platform_setting_ddan_source_option": {
- # "value": "Manually select a Deep Discovery Analyzer server"
- # },
- # "platform_setting_ddan_submission_enabled": {
- # "value": "false"
- # },
- # "platform_setting_ddan_use_proxy_enabled": {
- # "value": "false"
- # },
- # "platform_setting_demo_mode_enabled": {
- # "value": "false"
- # },
- # "platform_setting_event_forwarding_sns_access_key": {
- # "value": ""
- # },
- # "platform_setting_event_forwarding_sns_advanced_config_enabled": {
- # "value": "false"
- # },
- # "platform_setting_event_forwarding_sns_config_json": {
- # "value": ""
- # },
- # "platform_setting_event_forwarding_sns_enabled": {
- # "value": "false"
- # },
- # "platform_setting_event_forwarding_sns_secret_key": {
- # "value": ""
- # },
- # "platform_setting_event_forwarding_sns_topic_arn": {
- # "value": ""
- # },
- # "platform_setting_exported_diagnostic_package_locale": {
- # "value": "en_US"
- # },
- # "platform_setting_exported_file_character_encoding": {
- # "value": "US-ASCII"
- # },
- # "platform_setting_http_public_key_pin_policy": {
- # "value": ""
- # },
- # "platform_setting_http_public_key_pin_policy_report_only_enabled": {
- # "value": "true"
- # },
- # "platform_setting_http_strict_transport_enabled": {
- # "value": "false"
- # },
- # "platform_setting_inactive_agent_cleanup_duration": {
- # "value": "1 Month"
- # },
- # "platform_setting_inactive_agent_cleanup_enabled": {
- # "value": "false"
- # },
- # "platform_setting_linux_upgrade_on_activation_enabled": {
- # "value": "false"
- # },
- # "platform_setting_load_balancer_heartbeat_address": {
- # "value": ""
- # },
- # "platform_setting_load_balancer_heartbeat_port": {
- # "value": "4120"
- # },
- # "platform_setting_load_balancer_manager_address": {
- # "value": ""
- # },
- # "platform_setting_load_balancer_manager_port": {
- # "value": "4119"
- # },
- # "platform_setting_load_balancer_relay_address": {
- # "value": ""
- # },
- # "platform_setting_load_balancer_relay_port": {
- # "value": "4122"
- # },
- # "platform_setting_logo_binary_image_img": {
- # "value": ""
- # },
- # "platform_setting_managed_detect_response_company_guid": {
- # "value": ""
- # },
- # "platform_setting_managed_detect_response_enabled": {
- # "value": "false"
- # },
- # "platform_setting_managed_detect_response_proxy_id": {
- # "value": ""
- # },
- # "platform_setting_managed_detect_response_server_url": {
- # "value": ""
- # },
- # "platform_setting_managed_detect_response_service_token": {
- # "value": ""
- # },
- # "platform_setting_managed_detect_response_use_primary_tenant_settings_enabled": {
- # "value": "false"
- # },
- # "platform_setting_managed_detect_response_use_proxy_enabled": {
- # "value": "false"
- # },
- # "platform_setting_new_tenant_download_security_update_enabled": {
- # "value": "true"
- # },
- # "platform_setting_primary_tenant_allow_tenant_add_vmware_vcenter_enabled": {
- # "value": "true"
- # },
- # "platform_setting_primary_tenant_allow_tenant_configure_forgot_password_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_allow_tenant_configure_remember_me_option_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_allow_tenant_configure_siem_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_allow_tenant_configure_snmp_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_allow_tenant_configure_sns_enabled": {
- # "value": "true"
- # },
- # "platform_setting_primary_tenant_allow_tenant_control_impersonation_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_allow_tenant_database_state": {
- # "value": "10"
- # },
- # "platform_setting_primary_tenant_allow_tenant_run_computer_discovery_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_allow_tenant_run_port_scan_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_allow_tenant_sync_with_cloud_account_enabled": {
- # "value": "true"
- # },
- # "platform_setting_primary_tenant_allow_tenant_synchronize_ldap_directories_enabled": {
- # "value": "true"
- # },
- # "platform_setting_primary_tenant_allow_tenant_use_default_relay_group_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_allow_tenant_use_scheduled_run_script_task_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_lock_and_hide_tenant_data_privacy_option_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_lock_and_hide_tenant_smtp_tab_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_lock_and_hide_tenant_storage_tab_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_share_connected_threat_defenses_enabled": {
- # "value": "false"
- # },
- # "platform_setting_primary_tenant_share_managed_detect_responses_enabled": {
- # "value": "false"
- # },
- # "platform_setting_product_usage_data_collection_enabled": {
- # "value": "true"
- # },
- # "platform_setting_proxy_agent_update_proxy_id": {
- # "value": ""
- # },
- # "platform_setting_proxy_manager_cloud_proxy_id": {
- # "value": ""
- # },
- # "platform_setting_proxy_manager_update_proxy_id": {
- # "value": ""
- # },
- # "platform_setting_recommendation_cpu_usage_level": {
- # "value": "High"
- # },
- # "platform_setting_recommendation_ongoing_scans_enabled": {
- # "value": "No"
- # },
- # "platform_setting_retain_agent_installers_per_platform_max": {
- # "value": "5"
- # },
- # "platform_setting_retain_counters_duration": {
- # "value": "13 Weeks"
- # },
- # "platform_setting_retain_security_updates_max": {
- # "value": "10"
- # },
- # "platform_setting_retain_server_log_duration": {
- # "value": "7 Days"
- # },
- # "platform_setting_retain_system_event_duration": {
- # "value": "53 Weeks"
- # },
- # "platform_setting_saml_identity_provider_certificate_expiry_warning_daysr": {
- # "value": "30"
- # },
- # "platform_setting_saml_retain_inactive_external_administrators_duration": {
- # "value": "365"
- # },
- # "platform_setting_saml_service_provider_certificate": {
- # "value": ""
- # },
- # "platform_setting_saml_service_provider_certificate_expiry_warning_days": {
- # "value": "30"
- # },
- # "platform_setting_saml_service_provider_entity_id": {
- # "value": ""
- # },
- # "platform_setting_saml_service_provider_name": {
- # "value": ""
- # },
- # "platform_setting_saml_service_provider_private_key": {
- # "value": ""
- # },
- # "platform_setting_sign_in_page_message": {
- # "value": ""
- # },
- # "platform_setting_smart_protection_feedback_bandwidth_max_kbytes": {
- # "value": "32"
- # },
- # "platform_setting_smart_protection_feedback_enabled": {
- # "value": "true"
- # },
- # "platform_setting_smart_protection_feedback_for_suspicious_file_enabled": {
- # "value": "true"
- # },
- # "platform_setting_smart_protection_feedback_industry_type": {
- # "value": "Not specified"
- # },
- # "platform_setting_smart_protection_feedback_interval": {
- # "value": "5"
- # },
- # "platform_setting_smart_protection_feedback_threat_detections_threshold": {
- # "value": "10"
- # },
- # "platform_setting_smtp_bounce_email_address": {
- # "value": ""
- # },
- # "platform_setting_smtp_from_email_address": {
- # "value": ""
- # },
- # "platform_setting_smtp_password": {
- # "value": ""
- # },
- # "platform_setting_smtp_requires_authentication_enabled": {
- # "value": "false"
- # },
- # "platform_setting_smtp_server_address": {
- # "value": ""
- # },
- # "platform_setting_smtp_start_tls_enabled": {
- # "value": "false"
- # },
- # "platform_setting_smtp_username": {
- # "value": ""
- # },
- # "platform_setting_syslog_config_id": {
- # "value": "0"
- # },
- # "platform_setting_system_event_forwarding_snmp_address": {
- # "value": ""
- # },
- # "platform_setting_system_event_forwarding_snmp_enabled": {
- # "value": "false"
- # },
- # "platform_setting_system_event_forwarding_snmp_port": {
- # "value": "162"
- # },
- # "platform_setting_tenant_allow_impersonation_by_primary_tenant_enabled": {
- # "value": "false"
- # },
- # "platform_setting_tenant_auto_revoke_impersonation_by_primary_tenant_enabled": {
- # "value": "false"
- # },
- # "platform_setting_tenant_auto_revoke_impersonation_by_primary_tenant_timeout": {
- # "value": "4 Hours"
- # },
- # "platform_setting_tenant_protection_usage_monitoring_computer_id_1": {
- # "value": "Hostname"
- # },
- # "platform_setting_tenant_protection_usage_monitoring_computer_id_2": {
- # "value": "Last Used IP Address"
- # },
- # "platform_setting_tenant_protection_usage_monitoring_computer_id_3": {
- # "value": "Platform"
- # },
- # "platform_setting_tenant_use_default_relay_group_from_primary_tenant_enabled": {
- # "value": "false"
- # },
- # "platform_setting_trend_micro_xdr_api_key": {
- # "value": ""
- # },
- # "platform_setting_trend_micro_xdr_api_server_url": {
- # "value": ""
- # },
- # "platform_setting_trend_micro_xdr_api_user": {
- # "value": ""
- # },
- # "platform_setting_trend_micro_xdr_common_log_receiver_url": {
- # "value": ""
- # },
- # "platform_setting_trend_micro_xdr_company_id": {
- # "value": ""
- # },
- # "platform_setting_trend_micro_xdr_enabled": {
- # "value": "false"
- # },
- # "platform_setting_trend_micro_xdr_identity_provider_api_url": {
- # "value": ""
- # },
- # "platform_setting_trend_micro_xdr_log_server_url": {
- # "value": ""
- # },
- # "platform_setting_update_agent_security_contact_primary_source_on_missing_relay_enabled": {
- # "value": "true"
- # },
- # "platform_setting_update_agent_security_on_missing_deep_security_manager_enabled": {
- # "value": "true"
- # },
- # "platform_setting_update_agent_software_use_download_center_on_missing_deep_security_manager_enabled": {
- # "value": "false"
- # },
- # "platform_setting_update_appliance_default_agent_version": {
- # "value": ""
- # },
- # "platform_setting_update_hostname_on_ip_change_enabled": {
- # "value": "false"
- # },
- # "platform_setting_update_imported_software_auto_download_enabled": {
- # "value": "true"
- # },
- # "platform_setting_update_relay_security_all_regions_patterns_download_enabled": {
- # "value": "false"
- # },
- # "platform_setting_update_relay_security_support_agent_9and_earlier_enabled": {
- # "value": "false"
- # },
- # "platform_setting_update_rules_policy_auto_apply_enabled": {
- # "value": "true"
- # },
- # "platform_setting_update_security_primary_source_mode": {
- # "value": "Trend Micro ActiveUpdate Server"
- # },
- # "platform_setting_update_security_primary_source_url": {
- # "value": "http://"
- # },
- # "platform_setting_update_software_alternate_update_server_urls": {
- # "value": ""
- # },
- # "platform_setting_user_enforce_terms_and_conditions_enabled": {
- # "value": "false"
- # },
- # "platform_setting_user_enforce_terms_and_conditions_message": {
- # "value": ""
- # },
- # "platform_setting_user_enforce_terms_and_conditions_title": {
- # "value": ""
- # },
- # "platform_setting_user_hide_unlicensed_modules_enabled": {
- # "value": "false"
- # },
- # "platform_setting_user_password_expiry": {
- # "value": "Never"
- # },
- # "platform_setting_user_password_expiry_send_email_enabled": {
- # "value": "false"
- # },
- # "platform_setting_user_password_length_min": {
- # "value": "8"
- # },
- # "platform_setting_user_password_require_letters_and_numbers_enabled": {
- # "value": "false"
- # },
- # "platform_setting_user_password_require_mixed_case_enabled": {
- # "value": "false"
- # },
- # "platform_setting_user_password_require_not_same_as_username_enabled": {
- # "value": "false"
- # },
- # "platform_setting_user_password_require_special_characters_enabled": {
- # "value": "false"
- # },
- # "platform_setting_user_session_duration_max": {
- # "value": "No Limit"
- # },
- # "platform_setting_user_session_idle_timeout": {
- # "value": "30 Minutes"
- # },
- # "platform_setting_user_sign_in_attempts_allowed_number": {
- # "value": "5"
- # },
- # "platform_setting_vmware_nsx_manager_node": {
- # "value": "1"
- # },
- # "platform_setting_whois_url": {
- # "value": ""
- # },
- # "platform_setting_windows_upgrade_on_activation_enabled": {
- # "value": "false"
- # },
- # "web_reputation_setting_event_rank_risk_blocked_by_administrator_rank": {
- # "value": "100"
- # },
- # "web_reputation_setting_event_rank_risk_dangerous": {
- # "value": "100"
- # },
- # "web_reputation_setting_event_rank_risk_highly_suspicious": {
- # "value": "50"
- # },
- # "web_reputation_setting_event_rank_risk_suspicious": {
- # "value": "25"
- # },
- # "web_reputation_setting_event_rank_risk_untested": {
- # "value": "25"
- # },
- # "web_reputation_setting_retain_event_duration": {
- # "value": "7 Days"
- # }
- # }
- # }
-
diff --git a/meta/runtime.yml b/meta/runtime.yml
index 6d538b0..c3682bb 100644
--- a/meta/runtime.yml
+++ b/meta/runtime.yml
@@ -5,11 +5,11 @@ plugin_routing:
anti_malware:
redirect: trendmicro.deepsec.deepsec_anti_malware
deprecation:
- removal_date: "2023-12-08"
+ removal_date: "2023-12-01"
warning_text: See the plugin documentation for more details
deepsec_anti_malware:
deprecation:
- removal_date: "2023-12-08"
+ removal_date: "2023-12-01"
warning_text: See the plugin documentation for more details
anti_malwares:
redirect: trendmicro.deepsec.deepsec_anti_malwares
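Review bot: The `removal_date` values changed to "2023-12-01" in this hunk have to agree with `deprecated.removed_at_date` in each module's DOCUMENTATION, and on this page only plugins/modules/deepsec_anti_malware.py is shown being updated to '2023-12-01'. The later hunks of this file make the same change for firewallrules, log_inspectionrules, integrity_monitoringrules and intrusion_preventionrules, so their module docstrings should be checked for the same value. A comment above the routing entries, such as `# removal_date must match deprecated.removed_at_date in the module DOCUMENTATION`, would keep the two from drifting apart. The plugin_routing mapping starts outside this hunk.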
@@ -18,11 +18,11 @@ plugin_routing:
firewallrules:
redirect: trendmicro.deepsec.deepsec_firewallrules
deprecation:
- removal_date: "2023-12-08"
+ removal_date: "2023-12-01"
warning_text: See the plugin documentation for more details
deepsec_firewallrules:
deprecation:
- removal_date: "2023-12-08"
+ removal_date: "2023-12-01"
warning_text: See the plugin documentation for more details
firewall_rules:
redirect: trendmicro.deepsec.deepsec_firewall_rules
@@ -31,11 +31,11 @@ plugin_routing:
log_inspectionrules:
redirect: trendmicro.deepsec.deepsec_log_inspectionrules
deprecation:
- removal_date: "2023-12-08"
+ removal_date: "2023-12-01"
warning_text: See the plugin documentation for more details
deepsec_log_inspectionrules:
deprecation:
- removal_date: "2023-12-08"
+ removal_date: "2023-12-01"
warning_text: See the plugin documentation for more details
log_inspection_rules:
redirect: trendmicro.deepsec.deepsec_log_inspection_rules
@@ -46,22 +46,22 @@ plugin_routing:
integrity_monitoringrules:
redirect: trendmicro.deepsec.deepsec_integrity_monitoringrules
deprecation:
- removal_date: "2023-12-08"
+ removal_date: "2023-12-01"
warning_text: See the plugin documentation for more details
deepsec_integrity_monitoringrules:
deprecation:
- removal_date: "2023-12-08"
+ removal_date: "2023-12-01"
warning_text: See the plugin documentation for more details
integrity_monitoring_rules:
redirect: trendmicro.deepsec.deepsec_integrity_monitoring_rules
intrusion_preventionrules:
redirect: trendmicro.deepsec.deepsec_intrusion_preventionrules
deprecation:
- removal_date: "2023-12-08"
+ removal_date: "2023-12-01"
warning_text: See the plugin documentation for more details
deepsec_intrusion_preventionrules:
deprecation:
- removal_date: "2023-12-08"
+ removal_date: "2023-12-01"
warning_text: See the plugin documentation for more details
intrusion_prevention_rules:
- redirect: trendmicro.deepsec.deepsec_intrusion_prevention_rules
\ No newline at end of file
+ redirect: trendmicro.deepsec.deepsec_intrusion_prevention_rules
diff --git a/plugins/httpapi/deepsec.py b/plugins/httpapi/deepsec.py
index 5112b29..dac4dd4 100644
--- a/plugins/httpapi/deepsec.py
+++ b/plugins/httpapi/deepsec.py
@@ -6,13 +6,13 @@
__metaclass__ = type
DOCUMENTATION = """
----
author: Ansible Security Automation Team
httpapi: deepsec
short_description: HttpApi Plugin for Trend Micro Deep Security
description:
- - This HttpApi plugin provides methods to connect to Trend Micro Deep Security
- over a HTTP(S)-based api.
+- This HttpApi plugin provides methods to connect to Trend Micro Deep Security over
+ a HTTP(S)-based api.
+version_added: 1.0.0
"""
import json
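Review bot: The added `version_added: 1.0.0` is a plain scalar, while the date in plugins/modules/deepsec_anti_malware.py is quoted (`removed_at_date: '2023-12-01'`). Writing it as `version_added: '1.0.0'` keeps it a string under any loader and stays safe if it is ever shortened to a two-part version, which would parse as a float. The same applies to the changed `version_added: 1.2.0` in plugins/modules/deepsec_anti_malwares.py. The re-wrapped description could also read `an HTTP(S)-based API`.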
diff --git a/plugins/modules/deepsec_anti_malware.py b/plugins/modules/deepsec_anti_malware.py
index c9aa17d..3635907 100644
--- a/plugins/modules/deepsec_anti_malware.py
+++ b/plugins/modules/deepsec_anti_malware.py
@@ -10,16 +10,15 @@
DOCUMENTATION = """
----
module: deepsec_anti_malware
short_description: Create a new antimalware under TrendMicro Deep Security Policy
description:
- - This module creates a new antimalware under TrendMicro Deep Security
+- This module creates a new antimalware under TrendMicro Deep Security
version_added: 1.0.0
deprecated:
alternative: deepsec_anti_malwares
why: Newer and updated modules released with more functionality
- removed_at_date: '2023-12-08'
+ removed_at_date: '2023-12-01'
options:
name:
description: Name of the anti-malware configuration.
@@ -30,53 +29,61 @@
type: str
scan_type:
description: The type of malware scan configuration.
- choices: ["real-time", "on-demand"]
+ choices: [real-time, on-demand]
type: str
document_exploit_protection_enabled:
- description: Controls whether to scan for known critical vulnerabilities. Use true to enable scan.
+ description: Controls whether to scan for known critical vulnerabilities. Use
+ true to enable scan.
type: bool
document_exploit_protection:
description: Scan for exploits against known critical vulnerabilities only.
- choices: ["critical-only", "critical-and-heuristic"]
+ choices: [critical-only, critical-and-heuristic]
type: str
document_exploit_heuristic_level:
- description: Controls whether to scan for exploits of known critical vulnerabilites as well as
- aggessively detect suspicious behaviour that could be an unknown exploit.
- choices: ["default", "default-and-agressive"]
+ description: Controls whether to scan for exploits of known critical vulnerabilites
+ as well as aggessively detect suspicious behaviour that could be an unknown
+ exploit.
+ choices: [default, default-and-agressive]
type: str
machine_learning_enabled:
- description: Controls whether predictive machine learning is enabled. Set to true to enable.
+ description: Controls whether predictive machine learning is enabled. Set to true
+ to enable.
type: bool
behavior_monitoring_enabled:
description: Controls whether to detect suspicious activity and unauthorized changes
(including ransomware). Set to true to detect.
type: bool
document_recovery_enabled:
- description: Controls whether to back up ransomware-encrypted files. Set to true to back up.
+ description: Controls whether to back up ransomware-encrypted files. Set to true
+ to back up.
type: bool
intelli_trap_enabled:
description: Controls whether IntelliTrap is enabled. Set to true to enable.
type: bool
memory_scan_enabled:
- description: Controls whether to scan process memory for malware. Use true to enable scan.
+ description: Controls whether to scan process memory for malware. Use true to
+ enable scan.
type: bool
spyware_enabled:
- description: Controls whether to enable spyware/grayware protection. Set to true to enable.
+ description: Controls whether to enable spyware/grayware protection. Set to true
+ to enable.
type: bool
alert_enabled:
- description: Controls whether to create an alert when the Malware Scan Configuration logs an event.
- Set to true to enable the alert.
+ description: Controls whether to create an alert when the Malware Scan Configuration
+ logs an event. Set to true to enable the alert.
type: bool
directories_to_scan:
- description: Specify if the scan will be peformed on all the directories or on a subset.
- choices: ["all-directories", "directory-list"]
+ description: Specify if the scan will be peformed on all the directories or on
+ a subset.
+ choices: [all-directories, directory-list]
type: str
directory_list_id:
description: ID of the directory list to scan.
type: int
files_to_scan:
- description: Specify if scan will be performed on all files, a subset or by using IntelliScan.
- choices: ["all-files", "intelliscan-file-types", "file-extension-list"]
+ description: Specify if scan will be performed on all files, a subset or by using
+ IntelliScan.
+ choices: [all-files, intelliscan-file-types, file-extension-list]
type: str
file_extension_list_id:
description: ID of the file extension list to scan.
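Review bot: The re-wrapped descriptions carry their spelling errors over unchanged: `vulnerabilites` and `aggessively` under document_exploit_heuristic_level, and `peformed` under directories_to_scan. Since these lines are being rewritten anyway, they should read `vulnerabilities`, `aggressively` and `performed`. The choice value `default-and-agressive` is also spelled with one g. Because users must type that value, it has to match what the Deep Security API accepts, so it should be confirmed against the API rather than corrected blindly. The options mapping starts and ends outside this hunk.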
@@ -95,7 +102,7 @@
type: int
real_time_scan:
description: Specify when to perform the real-time scan.
- choices: ["read-only", "write-only", "read-write"]
+ choices: [read-only, write-only, read-write]
type: str
scan_compressed_enabled:
description: Controls whether to scan compressed files. Use true to enable scan.
@@ -110,60 +117,63 @@
description: Maximum number of files to extract.
type: int
microsoft_office_enabled:
- description: Controls whether to scan Embedded Microsoft Office Objects. Use true to enable scan.
+ description: Controls whether to scan Embedded Microsoft Office Objects. Use true
+ to enable scan.
type: bool
microsoft_office_layers:
- description: Number of Microsoft Object Linking and Embedding (OLE) Layers to scan.
+ description: Number of Microsoft Object Linking and Embedding (OLE) Layers to
+ scan.
type: int
network_directories_enabled:
description: Controls whether to scan network directories. Set to true to enable.
type: bool
custom_remediation_actions_enabled:
- description: Controls whether to use the action ActiveActions recommends when malware
- is detected. Set to true to use the action ActiveAction recommends.
+ description: Controls whether to use the action ActiveActions recommends when
+ malware is detected. Set to true to use the action ActiveAction recommends.
type: bool
custom_scan_actions_enabled:
- description: Controls whether to use custom actions. Use true to enable custom actions.
+ description: Controls whether to use custom actions. Use true to enable custom
+ actions.
type: bool
scan_action_for_virus:
description: The action to perform when a virus is detected.
- choices: ["pass", "delete", "quarantine", "clean", "deny-access"]
+ choices: [pass, delete, quarantine, clean, deny-access]
type: str
scan_action_for_trojans:
description: The action to perform when a trojan is detected.
- choices: ["pass", "delete", "quarantine", "deny-access"]
+ choices: [pass, delete, quarantine, deny-access]
type: str
scan_action_for_packer:
description: The action to perform when a packer is detected.
- choices: ["pass", "delete", "quarantine", "deny-access"]
+ choices: [pass, delete, quarantine, deny-access]
type: str
scan_action_for_spyware:
description: The action to perform when spyware is detected.
- choices: ["pass", "delete", "quarantine", "deny-access"]
+ choices: [pass, delete, quarantine, deny-access]
type: str
scan_action_for_other_threats:
description: The action to take when other threats are detected.
- choices: ["pass", "delete", "quarantine", "clean", "deny-access"]
+ choices: [pass, delete, quarantine, clean, deny-access]
type: str
scan_action_for_cookies:
description: The action to take when cookies are detected.
- choices: ["pass", "delete"]
+ choices: [pass, delete]
type: str
scan_action_for_cve:
description: The action to take when a CVE exploit is detected.
- choices: ["pass", "delete", "quarantine", "deny-access"]
+ choices: [pass, delete, quarantine, deny-access]
type: str
scan_action_for_heuristics:
description: The action to take when malware identified with heuristics are detected.
- choices: ["pass", "delete", "quarantine", "deny-access"]
+ choices: [pass, delete, quarantine, deny-access]
type: str
scan_action_for_possible_malware:
description: The action to take when possible malware is detected.
- choices: ["active-action", "pass", "delete", "quarantine", "deny-access"]
+ choices: [active-action, pass, delete, quarantine, deny-access]
type: str
cpu_usage:
description: CPU usage.
- choices: ["low", "medium", "high" ]
+ choices: [low, medium, high]
type: str
state:
description:
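Review bot: The re-wrapped description of `custom_remediation_actions_enabled` says that true selects "the action ActiveAction recommends", which reads as the opposite of what the parameter name suggests. It also spells the feature both `ActiveActions` and `ActiveAction`. This flag decides what happens to detected malware, so the text should state plainly which value selects custom actions and which selects the recommended action, after confirming against the API. If the parameter name is accurate, wording such as `description: Controls whether custom remediation actions replace the action ActiveAction recommends. Set to true to use custom actions.` would remove the ambiguity. The options mapping starts and ends outside this hunk.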
@@ -173,7 +183,6 @@
- present
- absent
default: present
-
author: Ansible Security Automation Team (@justjais) "
"""
@@ -188,7 +197,6 @@
real_time_scan: read-write
cpu_usage: low
state: present
-
- name: Delete/Remove the existing Anti Malware Config
trendmicro.deepsec.deepsec_anti_malware:
state: absent
diff --git a/plugins/modules/deepsec_anti_malwares.py b/plugins/modules/deepsec_anti_malwares.py
index fc9014f..2c6b7c4 100644
--- a/plugins/modules/deepsec_anti_malwares.py
+++ b/plugins/modules/deepsec_anti_malwares.py
@@ -10,7 +10,7 @@
module: deepsec_anti_malwares
short_description: Manages AntiMalware Rule resource module
description: Configure protection against malware, viruses, trojans and spyware.
-version_added: 2.0.0
+version_added: 1.2.0
options:
config:
description: A dictionary of AntiMalware Rule Rules options
@@ -300,334 +300,54 @@
trendmicro.deepsec.deepsec_anti_malwares:
state: merged
config:
- - name: test_malware_1
- description: test malware 1 description
- scan_action_for_virus: pass
- alert_enabled: true
- scan_type: on-demand
- real_time_scan: read-only
- cpu_usage: medium
- - name: test_malware_2
- description: test malware 2 description
- scan_action_for_virus: pass
- alert_enabled: true
- scan_type: real-time
- real_time_scan: read-write
- cpu_usage: low
-
-# Play Run:
-# =========
-#
-# "anti_malwares": {
-# "after": [
-# {
-# "alert_enabled": true,
-# "cpu_usage": "medium",
-# "custom_remediation_actions_enabled": false,
-# "description": "test malware 1 description",
-# "directories_to_scan": "all-directories",
-# "document_exploit_heuristic_level": "default",
-# "document_exploit_protection": "critical-only",
-# "document_exploit_protection_enabled": true,
-# "files_to_scan": "all-files",
-# "id": 20,
-# "microsoft_office_enabled": true,
-# "microsoft_office_layers": 3,
-# "name": "test_malware_1",
-# "scan_compressed_enabled": false,
-# "scan_type": "on-demand",
-# "spyware_enabled": true
-# },
-# {
-# "alert_enabled": true,
-# "amsiScanEnabled": true,
-# "behavior_monitoring_enabled": false,
-# "custom_remediation_actions_enabled": false,
-# "description": "test malware 2 description",
-# "directories_to_scan": "all-directories",
-# "document_exploit_heuristic_level": "default",
-# "document_exploit_protection": "critical-only",
-# "document_exploit_protection_enabled": true,
-# "files_to_scan": "all-files",
-# "id": 21,
-# "intelli_trap_enabled": false,
-# "machine_learning_enabled": true,
-# "memory_scan_enabled": false,
-# "microsoft_office_enabled": true,
-# "microsoft_office_layers": 3,
-# "name": "test_malware_2",
-# "network_directories_enabled": false,
-# "real_time_scan": "read-write",
-# "scanActionForMachineLearning": "pass",
-# "scan_compressed_enabled": false,
-# "scan_type": "real-time",
-# "spyware_enabled": true
-# }
-# ],
-# "before": []
-
+ - name: test_malware_1
+ description: test malware 1 description
+ scan_action_for_virus: pass
+ alert_enabled: true
+ scan_type: on-demand
+ real_time_scan: read-only
+ cpu_usage: medium
+ - name: test_malware_2
+ description: test malware 2 description
+ scan_action_for_virus: pass
+ alert_enabled: true
+ scan_type: real-time
+ real_time_scan: read-write
+ cpu_usage: low
- name: Modify existing AntiMalware Rules
trendmicro.deepsec.deepsec_anti_malwares:
state: merged
config:
- - name: test_malware_2
- description: Update test malware 2 description
- files_to_scan: intelliscan-file-types
-
-# Play Run:
-# =========
-#
-# "anti_malwares": {
-# "after": [
-# {
-# "alert_enabled": true,
-# "amsiScanEnabled": true,
-# "behavior_monitoring_enabled": false,
-# "custom_remediation_actions_enabled": false,
-# "description": "Update test malware 2 description",
-# "directories_to_scan": "all-directories",
-# "document_exploit_heuristic_level": "default",
-# "document_exploit_protection": "critical-only",
-# "document_exploit_protection_enabled": true,
-# "files_to_scan": "intelliscan-file-types",
-# "id": 21,
-# "intelli_trap_enabled": false,
-# "machine_learning_enabled": true,
-# "memory_scan_enabled": false,
-# "microsoft_office_enabled": true,
-# "microsoft_office_layers": 3,
-# "name": "test_malware_2",
-# "network_directories_enabled": false,
-# "real_time_scan": "read-write",
-# "scanActionForMachineLearning": "pass",
-# "scan_compressed_enabled": false,
-# "scan_type": "real-time",
-# "spyware_enabled": true
-# }
-# ],
-# "before": [
-# {
-# "alert_enabled": true,
-# "amsiScanEnabled": true,
-# "behavior_monitoring_enabled": false,
-# "custom_remediation_actions_enabled": false,
-# "description": "test malware 2 description",
-# "directories_to_scan": "all-directories",
-# "document_exploit_heuristic_level": "default",
-# "document_exploit_protection": "critical-only",
-# "document_exploit_protection_enabled": true,
-# "files_to_scan": "all-files",
-# "id": 21,
-# "intelli_trap_enabled": false,
-# "machine_learning_enabled": true,
-# "memory_scan_enabled": false,
-# "microsoft_office_enabled": true,
-# "microsoft_office_layers": 3,
-# "name": "test_malware_2",
-# "network_directories_enabled": false,
-# "real_time_scan": "read-write",
-# "scanActionForMachineLearning": "pass",
-# "scan_compressed_enabled": false,
-# "scan_type": "real-time",
-# "spyware_enabled": true
-# }
-# ]
-# }
-
-# Using REPLACED state
-# --------------------
-
+ - name: test_malware_2
+ description: Update test malware 2 description
+ files_to_scan: intelliscan-file-types
- name: Replaced AntiMalware Rules
trendmicro.deepsec.deepsec_anti_malwares:
state: replaced
config:
- - name: test_malware_2
- description: Replace test malware 2 description
- scan_action_for_virus: quarantine
- alert_enabled: true
- files_to_scan: intelliscan-file-types
- scan_type: real-time
- real_time_scan: read-only
- cpu_usage: medium
-
-# Play Run:
-# =========
-#
-# "anti_malwares": {
-# "after": [
-# {
-# "alert_enabled": true,
-# "amsiScanEnabled": true,
-# "behavior_monitoring_enabled": false,
-# "custom_remediation_actions_enabled": false,
-# "description": "Replace test malware 2 description",
-# "directories_to_scan": "all-directories",
-# "document_exploit_heuristic_level": "default",
-# "document_exploit_protection": "critical-only",
-# "document_exploit_protection_enabled": true,
-# "files_to_scan": "intelliscan-file-types",
-# "id": 23,
-# "intelli_trap_enabled": false,
-# "machine_learning_enabled": true,
-# "memory_scan_enabled": false,
-# "microsoft_office_enabled": true,
-# "microsoft_office_layers": 3,
-# "name": "test_malware_2",
-# "network_directories_enabled": false,
-# "real_time_scan": "read-only",
-# "scanActionForMachineLearning": "pass",
-# "scan_compressed_enabled": false,
-# "scan_type": "real-time",
-# "spyware_enabled": true
-# }
-# ],
-# "before": [
-# {
-# "alert_enabled": true,
-# "amsiScanEnabled": true,
-# "behavior_monitoring_enabled": false,
-# "custom_remediation_actions_enabled": false,
-# "description": "test malware 2 description",
-# "directories_to_scan": "all-directories",
-# "document_exploit_heuristic_level": "default",
-# "document_exploit_protection": "critical-only",
-# "document_exploit_protection_enabled": true,
-# "files_to_scan": "intelliscan-file-types",
-# "id": 22,
-# "intelli_trap_enabled": false,
-# "machine_learning_enabled": true,
-# "memory_scan_enabled": false,
-# "microsoft_office_enabled": true,
-# "microsoft_office_layers": 3,
-# "name": "test_malware_2",
-# "network_directories_enabled": false,
-# "real_time_scan": "read-only",
-# "scanActionForMachineLearning": "pass",
-# "scan_compressed_enabled": false,
-# "scan_type": "real-time",
-# "spyware_enabled": true
-# }
-# ]
-# }
-
-# Using GATHERED state
-# --------------------
-
+ - name: test_malware_2
+ description: Replace test malware 2 description
+ scan_action_for_virus: quarantine
+ alert_enabled: true
+ files_to_scan: intelliscan-file-types
+ scan_type: real-time
+ real_time_scan: read-only
+ cpu_usage: medium
- name: Gather AntiMalware Rules by AntiMalware names
trendmicro.deepsec.deepsec_anti_malwares:
state: gathered
config:
- - name: test_malware_1
- - name: test_malware_2
-
-# Play Run:
-# =========
-#
-# "gathered": [
-# {
-# "alert_enabled": true,
-# "cpu_usage": "medium",
-# "custom_remediation_actions_enabled": false,
-# "description": "test malware 1 description",
-# "directories_to_scan": "all-directories",
-# "document_exploit_heuristic_level": "default",
-# "document_exploit_protection": "critical-only",
-# "document_exploit_protection_enabled": true,
-# "files_to_scan": "all-files",
-# "id": 20,
-# "microsoft_office_enabled": true,
-# "microsoft_office_layers": 3,
-# "name": "test_malware_1",
-# "scan_compressed_enabled": false,
-# "scan_type": "on-demand",
-# "spyware_enabled": true
-# },
-# {
-# "alert_enabled": true,
-# "amsiScanEnabled": true,
-# "behavior_monitoring_enabled": false,
-# "custom_remediation_actions_enabled": false,
-# "description": "test malware 2 description",
-# "directories_to_scan": "all-directories",
-# "document_exploit_heuristic_level": "default",
-# "document_exploit_protection": "critical-only",
-# "document_exploit_protection_enabled": true,
-# "files_to_scan": "all-files",
-# "id": 21,
-# "intelli_trap_enabled": false,
-# "machine_learning_enabled": true,
-# "memory_scan_enabled": false,
-# "microsoft_office_enabled": true,
-# "microsoft_office_layers": 3,
-# "name": "test_malware_2",
-# "network_directories_enabled": false,
-# "real_time_scan": "read-write",
-# "scanActionForMachineLearning": "pass",
-# "scan_compressed_enabled": false,
-# "scan_type": "real-time",
-# "spyware_enabled": true
-# }
-# ]
-
+ - name: test_malware_1
+ - name: test_malware_2
- name: Gather ALL of the AntiMalware Rules
trendmicro.deepsec.deepsec_anti_malwares:
state: gathered
-
-# Using DELETED state
-# ------------------
-
- name: Delete AntiMalware Rules
trendmicro.deepsec.deepsec_anti_malwares:
state: deleted
config:
- - name: test_malware_1
- - name: test_malware_2
-
-# Play Run:
-# =========
-#
-# "anti_malwares": {
-# "after": [],
-# "before": [
-# {
-# "alert_enabled": true,
-# "cpu_usage": "medium",
-# "custom_remediation_actions_enabled": false,
-# "description": "test malware 1 description",
-# "directories_to_scan": "all-directories",
-# "document_exploit_heuristic_level": "default",
-# "document_exploit_protection": "critical-only",
-# "document_exploit_protection_enabled": true,
-# "files_to_scan": "all-files",
-# "id": 18,
-# "microsoft_office_enabled": true,
-# "microsoft_office_layers": 3,
-# "name": "test_malware_1",
-# "scan_compressed_enabled": false,
-# "scan_type": "on-demand",
-# "spyware_enabled": true
-# },
-# {
-# "alert_enabled": true,
-# "cpu_usage": "medium",
-# "custom_remediation_actions_enabled": false,
-# "description": "test malware 2 description",
-# "directories_to_scan": "all-directories",
-# "document_exploit_heuristic_level": "default",
-# "document_exploit_protection": "critical-only",
-# "document_exploit_protection_enabled": true,
-# "files_to_scan": "all-files",
-# "id": 19,
-# "microsoft_office_enabled": true,
-# "microsoft_office_layers": 3,
-# "name": "test_malware_2",
-# "scan_compressed_enabled": false,
-# "scan_type": "on-demand",
-# "spyware_enabled": true
-# }
-# ]
-# }
-
+ - name: test_malware_1
+ - name: test_malware_2
"""
RETURN = """
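Review bot: The rewritten EXAMPLES block no longer says which state each task demonstrates or what a run returns. The `# Using REPLACED state`, `# Using GATHERED state` and `# Using DELETED state` headers and every `# Play Run:` sample are dropped, and the tasks now follow each other without a blank line. The removed `replaced` sample was the only place showing the rule `id` changing between `before` (22) and `after` (23), which suggests the rule is re-created rather than updated in place. If that still holds, keep it as a one-line comment above the `Replaced AntiMalware Rules` task, e.g. `# replaced re-creates the rule, so its id changes`. The samples removed from the deepsec_firewall_rules.py examples hunk show the same id change (132 to 134).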
diff --git a/plugins/modules/deepsec_apikey.py b/plugins/modules/deepsec_apikey.py
index bc8b420..28a7769 100644
--- a/plugins/modules/deepsec_apikey.py
+++ b/plugins/modules/deepsec_apikey.py
@@ -9,12 +9,11 @@
__metaclass__ = type
DOCUMENTATION = """
----
module: deepsec_apikey
short_description: Create a new and manage API Keys.
description:
- - This module create and manages API key under TrendMicro Deep Security.
-version_added: "1.1.0"
+- This module create and manages API key under TrendMicro Deep Security.
+version_added: 1.0.0
options:
api_keys:
description: List of API keys that needs to be configured
@@ -33,7 +32,7 @@
type: str
locale:
description: Country and language for the APIKey.
- choices: ["en-US", "ja-JP"]
+ choices: [en-US, ja-JP]
type: str
role_id:
description: ID of the role assigned to the APIKey.
@@ -42,55 +41,57 @@
description: Display name of the APIKey's time zone, e.g. America/New_York.
type: str
active:
- description: If true, the APIKey can be used to authenticate. If false, the APIKey
- is locked out.
+ description: If true, the APIKey can be used to authenticate. If false, the
+ APIKey is locked out.
type: bool
created:
description: Timestamp of the APIKey's creation, in milliseconds since epoch.
type: int
last_sign_in:
- description: Timestamp of the APIKey's last successful authentication, in milliseconds
- since epoch.
+ description: Timestamp of the APIKey's last successful authentication, in
+ milliseconds since epoch.
type: int
unlock_time:
- description: Timestamp of when a locked out APIKey will be unlocked, in milliseconds since epoch.
+ description: Timestamp of when a locked out APIKey will be unlocked, in milliseconds
+ since epoch.
type: int
unsuccessful_sign_in_attempts:
- description: Number of unsuccessful authentication attempts made since the last successful
- authentication.
+ description: Number of unsuccessful authentication attempts made since the
+ last successful authentication.
type: int
expiry_date:
- description: Timestamp of the APIKey's expiry date, in milliseconds since epoch.
+ description: Timestamp of the APIKey's expiry date, in milliseconds since
+ epoch.
type: int
secret_key:
description:
- - Secret key used to authenticate API requests. Only returned when creating a new APIKey or
- regenerating the secret key.
- - With secret key generation as everytime request is fired it'll try to create a new secret key,
- so with secret key idempotency will not be maintained
+ - Secret key used to authenticate API requests. Only returned when creating
+ a new APIKey or regenerating the secret key.
+ - With secret key generation as everytime request is fired it'll try to create
+ a new secret key, so with secret key idempotency will not be maintained
type: str
service_account:
description:
- - If true, the APIKey was created by the primary tenant (T0) to authenticate API calls against
- other tenants' databases.
- - Valid param only with secret_key.
+ - If true, the APIKey was created by the primary tenant (T0) to authenticate
+ API calls against other tenants' databases.
+ - Valid param only with secret_key.
type: bool
current:
description:
- - If true, generates a new secret key for the current API key.
- - Valid param only with secret_key.
+ - If true, generates a new secret key for the current API key.
+ - Valid param only with secret_key.
type: bool
state:
description:
- - The state the configuration should be left in
- - The state I(gathered) will get the module API configuration from the device and
- transform it into structured data in the format as per the module argspec and
- the value is returned in the I(gathered) key within the result.
+ - The state the configuration should be left in
+ - The state I(gathered) will get the module API configuration from the device
+ and transform it into structured data in the format as per the module argspec
+ and the value is returned in the I(gathered) key within the result.
type: str
choices:
- - present
- - absent
- - gathered
+ - present
+ - absent
+ - gathered
default: present
author: Ansible Security Automation Team (@justjais) "
"""
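Review bot: The `secret_key` description is only re-wrapped, so it still does not tell the reader that the value is a credential or how it is kept out of logs and task output. I would add a third bullet such as `- This value is a credential; keep it out of plain-text playbooks and verbose output.` and confirm that the option is declared with `no_log=True` in the module's argument spec, which is outside this hunk. The second bullet is also hard to parse; `- A new secret key is generated on every run, so tasks that set this option are not idempotent.` reads more clearly, assuming that is the intended meaning.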
@@ -100,87 +101,35 @@
trendmicro.deepsec.deepsec_apikey:
state: present
api_keys:
- - key_name: admin_apiKeys
- description: test API keys 1
- active: true
- role_id: 1
- locale: en-US
- - key_name: auditor_apiKeys
- description: test API keys 2
- active: true
- role_id: 2
- locale: en-US
-
+ - key_name: admin_apiKeys
+ description: test API keys 1
+ active: true
+ role_id: 1
+ locale: en-US
+ - key_name: auditor_apiKeys
+ description: test API keys 2
+ active: true
+ role_id: 2
+ locale: en-US
- name: Generate Secret key for current API key
trendmicro.deepsec.deepsec_apikey:
state: present
api_keys:
- - current: true
-
+ - current: true
- name: Generate Secret key for specified API key
trendmicro.deepsec.deepsec_apikey:
state: present
api_keys:
- - key_name: admin_apiKeys
- secret_key: test_secret
-
+ - key_name: admin_apiKeys
+ secret_key: test_secret
- name: Get the API keys by Name
trendmicro.deepsec.deepsec_apikey:
api_keys:
- - key_name: admin_apiKeys
+ - key_name: admin_apiKeys
state: gathered
-
-# Gathered output:
-# "gathered": {
-# "api_keys": [
-# {
-# "active": true,
-# "created": 1621845321503,
-# "description": "test API keys 1",
-# "id": 1,
-# "key_name": "admin_apiKeys",
-# "locale": "en-US",
-# "role_id": 1,
-# "service_account": false,
-# "time_zone": "UTC",
-# "unsuccessful_sign_in_attempts": 0
-# }
-# ]
-# },
-
- name: Get all the API keys
trendmicro.deepsec.deepsec_apikey:
state: gathered
-
-# "gathered": {
-# "api_keys": [
-# {
-# "active": true,
-# "created": 1621845321503,
-# "description": "test API keys 1",
-# "id": 1,
-# "key_name": "admin_apiKeys",
-# "locale": "en-US",
-# "role_id": 1,
-# "service_account": false,
-# "time_zone": "UTC",
-# "unsuccessful_sign_in_attempts": 0
-# },
-# {
-# "active": true,
-# "created": 1621845321503,
-# "description": "test API keys 2",
-# "id": 2,
-# "key_name": "auditor_apiKeys",
-# "locale": "en-US",
-# "role_id": 1,
-# "service_account": false,
-# "time_zone": "UTC",
-# "unsuccessful_sign_in_attempts": 0
-# }
-# ]
-# },
-
- name: Delete/Remove the API key by name
trendmicro.deepsec.deepsec_apikey:
state: absent
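Review bot: The `Generate Secret key for specified API key` example passes `secret_key: test_secret` as an inline literal, and examples tend to be copied as written. Show the value coming from a variable instead, `secret_key: "{{ deepsec_api_secret }}"` (placeholder name, expected to be vault-backed). The option description says the key is returned when it is created or regenerated, so the two secret-generating tasks should probably also carry `no_log: true`; whether the result actually contains the key is not visible in this hunk.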
diff --git a/plugins/modules/deepsec_firewall_rules.py b/plugins/modules/deepsec_firewall_rules.py
index a65b31d..f2d5a56 100644
--- a/plugins/modules/deepsec_firewall_rules.py
+++ b/plugins/modules/deepsec_firewall_rules.py
@@ -10,7 +10,7 @@
module: deepsec_firewall_rules
short_description: Manages Firewall Rule resource module
description: Firewall rule details.
-version_added: 2.0.0
+version_added: 1.2.0
options:
config:
description: A dictionary of Firewall Rules options
@@ -325,408 +325,59 @@
trendmicro.deepsec.deepsec_firewall_rules:
state: merged
config:
- - name: test_firewallrule_1
- description: incoming firewall 1 rule description
- action: deny
- priority: 0
- source_iptype: any
- destination_iptype: any
- direction: incoming
- protocol: tcp
- log_disabled: true
- - name: test_firewallrule_2
- description: incoming firewall 2 rule description
- action: deny
- priority: 0
- source_iptype: any
- source_ipnot: false
- source_port_type: any
- destination_iptype: any
- direction: incoming
- protocol: tcp
-
-# Play Run:
-# =========
-#
-# "firewall_rules": {
-# "after": [
-# {
-# "action": "deny",
-# "alert_enabled": false,
-# "any_flags": true,
-# "description": "incoming firewall 1 rule description",
-# "destination_ipnot": false,
-# "destination_iptype": "any",
-# "destination_macnot": false,
-# "destination_mactype": "any",
-# "destination_port_not": false,
-# "destination_port_type": "any",
-# "direction": "incoming",
-# "frame_not": false,
-# "frame_number": 2048,
-# "frame_type": "ip",
-# "id": 132,
-# "include_packet_data": false,
-# "log_disabled": true,
-# "name": "test_firewallrule_1",
-# "priority": "0",
-# "protocol": "tcp",
-# "protocol_not": false,
-# "source_ipnot": false,
-# "source_iptype": "any",
-# "source_macnot": false,
-# "source_mactype": "any",
-# "source_port_not": false,
-# "source_port_type": "any"
-# },
-# {
-# "action": "deny",
-# "alert_enabled": false,
-# "any_flags": true,
-# "description": "incoming firewall 2 rule description",
-# "destination_ipnot": false,
-# "destination_iptype": "any",
-# "destination_macnot": false,
-# "destination_mactype": "any",
-# "destination_port_not": false,
-# "destination_port_type": "any",
-# "direction": "incoming",
-# "frame_not": false,
-# "frame_number": 2048,
-# "frame_type": "ip",
-# "id": 133,
-# "include_packet_data": false,
-# "log_disabled": false,
-# "name": "test_firewallrule_2",
-# "priority": "0",
-# "protocol": "tcp",
-# "protocol_not": false,
-# "source_ipnot": false,
-# "source_iptype": "any",
-# "source_macnot": false,
-# "source_mactype": "any",
-# "source_port_not": false,
-# "source_port_type": "any"
-# }
-# ],
-# "before": []
-# }
-
+ - name: test_firewallrule_1
+ description: incoming firewall 1 rule description
+ action: deny
+ priority: 0
+ source_iptype: any
+ destination_iptype: any
+ direction: incoming
+ protocol: tcp
+ log_disabled: true
+ - name: test_firewallrule_2
+ description: incoming firewall 2 rule description
+ action: deny
+ priority: 0
+ source_iptype: any
+ source_ipnot: false
+ source_port_type: any
+ destination_iptype: any
+ direction: incoming
+ protocol: tcp
- name: Modify the severity of Firewall Rule by name
trendmicro.deepsec.deepsec_firewall_rules:
state: merged
config:
- - name: test_firewallrule_1
- action: allow
-
-# Play Run:
-# =========
-#
-# "firewall_rules": {
-# "after": [
-# {
-# "action": "allow",
-# "alert_enabled": false,
-# "any_flags": true,
-# "description": "incoming firewall 1 rule description",
-# "destination_ipnot": false,
-# "destination_iptype": "any",
-# "destination_macnot": false,
-# "destination_mactype": "any",
-# "destination_port_not": false,
-# "destination_port_type": "any",
-# "direction": "incoming",
-# "frame_not": false,
-# "frame_number": 2048,
-# "frame_type": "ip",
-# "id": 132,
-# "include_packet_data": false,
-# "log_disabled": true,
-# "name": "test_firewallrule_1",
-# "priority": "0",
-# "protocol": "tcp",
-# "protocol_not": false,
-# "source_ipnot": false,
-# "source_iptype": "any",
-# "source_macnot": false,
-# "source_mactype": "any",
-# "source_port_not": false,
-# "source_port_type": "any"
-# }
-# ],
-# "before": [
-# {
-# "action": "deny",
-# "alert_enabled": false,
-# "any_flags": true,
-# "description": "incoming firewall 1 rule description",
-# "destination_ipnot": false,
-# "destination_iptype": "any",
-# "destination_macnot": false,
-# "destination_mactype": "any",
-# "destination_port_not": false,
-# "destination_port_type": "any",
-# "direction": "incoming",
-# "frame_not": false,
-# "frame_number": 2048,
-# "frame_type": "ip",
-# "id": 132,
-# "include_packet_data": false,
-# "log_disabled": true,
-# "name": "test_firewallrule_1",
-# "priority": "0",
-# "protocol": "tcp",
-# "protocol_not": false,
-# "source_ipnot": false,
-# "source_iptype": "any",
-# "source_macnot": false,
-# "source_mactype": "any",
-# "source_port_not": false,
-# "source_port_type": "any"
-# }
-# ]
-# }
-
-# Using REPLACED state
-# --------------------
-
+ - name: test_firewallrule_1
+ action: allow
- name: Replace existing Firewall Rules
trendmicro.deepsec.deepsec_intrusion_prevention_rules:
state: replaced
config:
- - name: test_firewallrule_1
- description: outgoing firewall 1 replaced rule
- action: deny
- priority: 0
- source_iptype: any
- destination_iptype: any
- direction: outgoing
- protocol: any
- log_disabled: true
-
-# Play Run:
-# =========
-#
-# "firewall_rules": {
-# "after": [
-# {
-# "action": "deny",
-# "alert_enabled": false,
-# "any_flags": true,
-# "description": "outgoing firewall 1 replaced rule",
-# "destination_ipnot": false,
-# "destination_iptype": "any",
-# "destination_macnot": false,
-# "destination_mactype": "any",
-# "destination_port_not": false,
-# "destination_port_type": "any",
-# "direction": "outgoing",
-# "frame_not": false,
-# "frame_number": 2048,
-# "frame_type": "ip",
-# "id": 134,
-# "include_packet_data": false,
-# "log_disabled": true,
-# "name": "test_firewallrule_1",
-# "priority": "0",
-# "protocol": "any",
-# "protocol_not": false,
-# "source_ipnot": false,
-# "source_iptype": "any",
-# "source_macnot": false,
-# "source_mactype": "any",
-# "source_port_not": false,
-# "source_port_type": "any"
-# }
-# ],
-# "before": [
-# {
-# "action": "deny",
-# "alert_enabled": false,
-# "any_flags": true,
-# "description": "incoming firewall 1 rule description",
-# "destination_ipnot": false,
-# "destination_iptype": "any",
-# "destination_macnot": false,
-# "destination_mactype": "any",
-# "destination_port_not": false,
-# "destination_port_type": "any",
-# "direction": "incoming",
-# "frame_not": false,
-# "frame_number": 2048,
-# "frame_type": "ip",
-# "id": 132,
-# "include_packet_data": false,
-# "log_disabled": true,
-# "name": "test_firewallrule_1",
-# "priority": "0",
-# "protocol": "tcp",
-# "protocol_not": false,
-# "source_ipnot": false,
-# "source_iptype": "any",
-# "source_macnot": false,
-# "source_mactype": "any",
-# "source_port_not": false,
-# "source_port_type": "any"
-# }
-# ]
-# }
-
-# Using GATHERED state
-# --------------------
-
+ - name: test_firewallrule_1
+ description: outgoing firewall 1 replaced rule
+ action: deny
+ priority: 0
+ source_iptype: any
+ destination_iptype: any
+ direction: outgoing
+ protocol: any
+ log_disabled: true
- name: Gather Firewall Rules by FW names
trendmicro.deepsec.deepsec_firewall_rules:
state: gathered
config:
- - name: test_firewallrule_1
- - name: test_firewallrule_2
-
-# Play Run:
-# =========
-#
-# "gathered": [
-# {
-# "action": "deny",
-# "alert_enabled": false,
-# "any_flags": true,
-# "description": "incoming firewall 1 rule description",
-# "destination_ipnot": false,
-# "destination_iptype": "any",
-# "destination_macnot": false,
-# "destination_mactype": "any",
-# "destination_port_not": false,
-# "destination_port_type": "any",
-# "direction": "incoming",
-# "frame_not": false,
-# "frame_number": 2048,
-# "frame_type": "ip",
-# "id": 132,
-# "include_packet_data": false,
-# "log_disabled": true,
-# "name": "test_firewallrule_1",
-# "priority": "0",
-# "protocol": "tcp",
-# "protocol_not": false,
-# "source_ipnot": false,
-# "source_iptype": "any",
-# "source_macnot": false,
-# "source_mactype": "any",
-# "source_port_not": false,
-# "source_port_type": "any"
-# },
-# {
-# "action": "deny",
-# "alert_enabled": false,
-# "any_flags": true,
-# "description": "incoming firewall 2 rule description",
-# "destination_ipnot": false,
-# "destination_iptype": "any",
-# "destination_macnot": false,
-# "destination_mactype": "any",
-# "destination_port_not": false,
-# "destination_port_type": "any",
-# "direction": "incoming",
-# "frame_not": false,
-# "frame_number": 2048,
-# "frame_type": "ip",
-# "id": 133,
-# "include_packet_data": false,
-# "log_disabled": false,
-# "name": "test_firewallrule_2",
-# "priority": "0",
-# "protocol": "tcp",
-# "protocol_not": false,
-# "source_ipnot": false,
-# "source_iptype": "any",
-# "source_macnot": false,
-# "source_mactype": "any",
-# "source_port_not": false,
-# "source_port_type": "any"
-# }
-# ]
-
+ - name: test_firewallrule_1
+ - name: test_firewallrule_2
- name: Gather ALL of the Firewall Rules
trendmicro.deepsec.deepsec_firewall_rules:
state: gathered
-
-# Using DELETED state
-# ------------------
-
- name: Delete Firewall Rules
trendmicro.deepsec.deepsec_firewall_rules:
state: deleted
config:
- - name: test_firewallrule_1
- - name: test_firewallrule_2
-
-# Play Run:
-# =========
-#
-# "firewall_rules": {
-# "after": [],
-# "before": [
-# {
-# "action": "deny",
-# "alert_enabled": false,
-# "any_flags": true,
-# "description": "incoming firewall 1 rule description",
-# "destination_ipnot": false,
-# "destination_iptype": "any",
-# "destination_macnot": false,
-# "destination_mactype": "any",
-# "destination_port_not": false,
-# "destination_port_type": "any",
-# "direction": "incoming",
-# "frame_not": false,
-# "frame_number": 2048,
-# "frame_type": "ip",
-# "id": 134,
-# "include_packet_data": false,
-# "log_disabled": true,
-# "name": "test_firewallrule_1",
-# "priority": "0",
-# "protocol": "tcp",
-# "protocol_not": false,
-# "source_ipnot": false,
-# "source_iptype": "any",
-# "source_macnot": false,
-# "source_mactype": "any",
-# "source_port_not": false,
-# "source_port_type": "any"
-# },
-# {
-# "action": "deny",
-# "alert_enabled": false,
-# "any_flags": true,
-# "description": "incoming firewall 2 rule description",
-# "destination_ipnot": false,
-# "destination_iptype": "any",
-# "destination_macnot": false,
-# "destination_mactype": "any",
-# "destination_port_not": false,
-# "destination_port_type": "any",
-# "direction": "incoming",
-# "frame_not": false,
-# "frame_number": 2048,
-# "frame_type": "ip",
-# "id": 133,
-# "include_packet_data": false,
-# "log_disabled": false,
-# "name": "test_firewallrule_2",
-# "priority": "0",
-# "protocol": "tcp",
-# "protocol_not": false,
-# "source_ipnot": false,
-# "source_iptype": "any",
-# "source_macnot": false,
-# "source_mactype": "any",
-# "source_port_not": false,
-# "source_port_type": "any"
-# }
-# ]
-# }
-
+ - name: test_firewallrule_1
+ - name: test_firewallrule_2
"""
RETURN = """
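Review bot: The `Replace existing Firewall Rules` task still calls `trendmicro.deepsec.deepsec_intrusion_prevention_rules`, although this is the firewall rules module's EXAMPLES and its config (`action`, `direction`, `protocol`) describes a firewall rule. The line is unchanged context here, so the commit re-indents the example without fixing it; it should read `trendmicro.deepsec.deepsec_firewall_rules:`. The task name `Modify the severity of Firewall Rule by name` is also misleading, since the task sets `action: allow` on a rule created with `action: deny`. `Modify the action of a Firewall Rule by name` would match what it does.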
diff --git a/plugins/modules/deepsec_firewallrules.py b/plugins/modules/deepsec_firewallrules.py
index da24080..888fd2f 100644
--- a/plugins/modules/deepsec_firewallrules.py
+++ b/plugins/modules/deepsec_firewallrules.py
@@ -17,8 +17,8 @@
deprecated:
alternative: deepsec_firewall_rules
why: Newer and updated modules released with more functionality
- removed_at_date: '2023-12-08'
-author: "Ansible Security Automation Team (@justjais) "
+ removed_at_date: '2023-12-01'
+author: Ansible Security Automation Team (@justjais)
options:
name:
description: Name of the firewall rule
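Review bot: The stray trailing `"` is removed from `author` here, but the same line is left as `author: Ansible Security Automation Team (@justjais) "` in deepsec_apikey.py and in the anti-malware module earlier in this diff, where it appears as unchanged context. As a plain scalar, that quote becomes part of the rendered author string. The same one-line fix applies there: `author: Ansible Security Automation Team (@justjais)`.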
@@ -31,42 +31,45 @@
description: Action of the packet filter.
type: str
choices:
- - 'log-only'
- - 'allow'
- - 'deny'
- - 'force-allow'
- - 'bypass'
+ - log-only
+ - allow
+ - deny
+ - force-allow
+ - bypass
priority:
description: Priority of the packet filter.
choices: ['0', '1', '2', '3', '4']
type: str
direction:
description: Packet direction.
- choices: ['incoming', 'outgoing']
+ choices: [incoming, outgoing]
type: str
frame_type:
description: Supported frame types.
- choices: ['any', 'ip', 'arp', 'revarp', 'ipv4', 'ipv6', 'other']
+ choices: [any, ip, arp, revarp, ipv4, ipv6, other]
type: str
frame_number:
description: Ethernet frame number. Only required for FrameType 'other'.
type: int
frame_not:
- description: Controls if the frame setting should be inverted. Set to true to invert.
+ description: Controls if the frame setting should be inverted. Set to true to
+ invert.
type: bool
protocol:
description: Protocol.
- choices: ['any', 'icmp', 'igmp', 'ggp', 'tcp', 'pup', 'udp', 'idp', 'nd', 'raw', 'tcp-udp', 'icmpv6', 'other']
+ choices: [any, icmp, igmp, ggp, tcp, pup, udp, idp, nd, raw, tcp-udp, icmpv6,
+ other]
type: str
protocol_number:
description: Two-byte protocol number.
type: int
protocol_not:
- description: Controls if the protocol setting should be inverted. Set to true to invert.
+ description: Controls if the protocol setting should be inverted. Set to true
+ to invert.
type: bool
source_iptype:
description: Source IP type.
- choices: ['any', 'masked-ip', 'range', 'ip-list', 'single', 'multiple']
+ choices: [any, masked-ip, range, ip-list, single, multiple]
type: str
source_ipvalue:
description: Source IP. Only applies to source IP type 'masked-ip' or 'single'.
@@ -75,10 +78,12 @@
description: Source IP mask. Only applies to source IP type 'masked-ip'.
type: str
source_iprange_from:
- description: The first value for a range of source IP addresses. Only applies to source IP type 'range'.
+ description: The first value for a range of source IP addresses. Only applies
+ to source IP type 'range'.
type: str
source_iprange_to:
- description: The last value for a range of source IP addresses. Only applies to source IP type 'range'.
+ description: The last value for a range of source IP addresses. Only applies to
+ source IP type 'range'.
type: str
source_ipmultiple:
description: List of source IP addresses. Only applies to source IP type 'multiple'.
@@ -88,11 +93,12 @@
description: ID of source IP list. Only applies to source IP type 'ip-list'.
type: int
source_ipnot:
- description: Controls if the source IP setting should be inverted. Set to true to invert.
+ description: Controls if the source IP setting should be inverted. Set to true
+ to invert.
type: bool
source_mactype:
description: Source MAC type.
- choices: ['any', 'single', 'mac-list', 'multiple']
+ choices: [any, single, mac-list, multiple]
type: str
source_macvalue:
description: Source MAC address. Only applies to MAC type 'single'.
@@ -105,54 +111,59 @@
description: ID of MAC address list. Only applies to MAC type 'mac-list'.
type: int
source_macnot:
- description: Controls if the source MAC setting should be inverted. Set to true to invert.
+ description: Controls if the source MAC setting should be inverted. Set to true
+ to invert.
type: bool
source_port_type:
description: The type of source port.
- choices: ['any', 'multiple', 'port-list']
+ choices: [any, multiple, port-list]
type: str
source_port_multiple:
- description: List of comma-delimited source ports. Only applies to source type 'multiple'.
+ description: List of comma-delimited source ports. Only applies to source type
+ 'multiple'.
type: list
elements: str
source_port_list_id:
description: ID of source port list. Only applies to source type 'port-list'.
type: int
source_port_not:
- description: Controls if the source MAC setting should be inverted. Set to true to invert.
+ description: Controls if the source MAC setting should be inverted. Set to true
+ to invert.
type: bool
destination_iptype:
description: Destination IP type.
- choices: ['any', 'masked-ip', 'range', 'ip-list', 'single', 'multiple']
+ choices: [any, masked-ip, range, ip-list, single, multiple]
type: str
destination_ipvalue:
- description: Destination IP. Only applies to destination IP type 'masked-ip' or 'single'.
+ description: Destination IP. Only applies to destination IP type 'masked-ip' or
+ 'single'.
type: str
destination_ipmask:
description: Destination IP mask. Only applies to destination IP type 'masked-ip'.
type: str
destination_iprange_from:
- description: The first value for a range of destination IP addresses. Only applies to estination IP
- type 'range'.
+ description: The first value for a range of destination IP addresses. Only applies
+ to estination IP type 'range'.
type: str
destination_iprange_to:
- description: The last value for a range of destination IP addresses. Only applies to destination IP
- type 'range'.
+ description: The last value for a range of destination IP addresses. Only applies
+ to destination IP type 'range'.
type: str
destination_ipmultiple:
- description: List of comma-delimited destination IP addresses. Only applies to destination IP
- type 'multiple'.
+ description: List of comma-delimited destination IP addresses. Only applies to
+ destination IP type 'multiple'.
type: list
elements: str
destination_iplist_id:
description: ID of destination IP list. Only applies to destination IP type 'ip-list'.
type: int
destination_ipnot:
- description: Controls if the destination IP setting should be inverted. Set to true to invert.
+ description: Controls if the destination IP setting should be inverted. Set to
+ true to invert.
type: bool
destination_mactype:
description: Destination MAC type.
- choices: ['any', 'single', 'mac-list', 'multiple']
+ choices: [any, single, mac-list, multiple]
type: str
destination_macvalue:
description: Destination MAC address. Only applies to MAC type 'single'.
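Review bot: The re-wrapped description of `source_port_not` still reads "Controls if the source MAC setting should be inverted", which is copied from `source_macnot`. On a firewall rule option that negates the match, the text should name the right field: `Controls if the source port setting should be inverted. Set to true to invert.` The same hunk carries the typo "estination IP" in `destination_iprange_from` onto the new side, where it should read "destination IP". Both lines are rewritten by this commit, so fixing them here does not widen the diff.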
@@ -165,28 +176,31 @@
description: ID of MAC address list. Only applies to MAC type 'mac-list'.
type: int
destination_macnot:
- description: Controls if the destination MAC setting should be inverted. Set to true to invert.
+ description: Controls if the destination MAC setting should be inverted. Set to
+ true to invert.
type: bool
destination_port_type:
description: The type of destination port.
- choices: ['any', 'multiple', 'port-list']
+ choices: [any, multiple, port-list]
type: str
destination_port_multiple:
- description: List of comma-delimited destination ports. Only applies to destination type 'multiple'.
+ description: List of comma-delimited destination ports. Only applies to destination
+ type 'multiple'.
type: list
elements: str
destination_port_list_id:
description: ID of destination port list. Only applies to destination type 'port-list'.
type: int
destination_port_not:
- description: Controls if the destination port setting should be inverted. Set to true to invert.
+ description: Controls if the destination port setting should be inverted. Set
+ to true to invert.
type: bool
any_flags:
description: True if any flags are used.
type: bool
log_disabled:
- description: Controls if logging for this filter is disabled. Only applies to filter
- action 'log-only' or 'deny'.
+ description: Controls if logging for this filter is disabled. Only applies to
+ filter action 'log-only' or 'deny'.
type: bool
include_packet_data:
description: Controls if this filter should capture data for every log.
@@ -199,7 +213,7 @@
type: int
tcpflags:
description: TCP flags
- choices: ['fin', 'syn', 'rst', 'psh', 'ack', 'urg']
+ choices: [fin, syn, rst, psh, ack, urg]
type: list
elements: str
tcpnot:
@@ -216,11 +230,11 @@
type: bool
state:
description:
- - The state the configuration should be left in
+ - The state the configuration should be left in
type: str
choices:
- - present
- - absent
+ - present
+ - absent
default: present
"""
@@ -237,7 +251,7 @@
direction: incoming
protocol: tcp
tcpflags:
- - syn
+ - syn
- name: Delete/Remove the existing Firewall rule Config
trendmicro.deepsec.deepsec_firewallrules:
diff --git a/plugins/modules/deepsec_hosts_info.py b/plugins/modules/deepsec_hosts_info.py
index af08bd9..8557db5 100644
--- a/plugins/modules/deepsec_hosts_info.py
+++ b/plugins/modules/deepsec_hosts_info.py
@@ -11,15 +11,16 @@
DOCUMENTATION = """
module: deepsec_hosts_info
-short_description: Obtain information about one or many Hosts defined by TrendMicro Deep Security
+short_description: Obtain information about one or many Hosts defined by TrendMicro
+ Deep Security
description:
- - This module obtains information about Hosts defined by TrendMicro Deep Security
+- This module obtains information about Hosts defined by TrendMicro Deep Security
version_added: 1.0.0
-author: "Ansible Security Automation Team (@maxamillion) "
+author: Ansible Security Automation Team (@maxamillion)
options:
id:
description:
- - Obtain only information of the Rule with provided ID
+ - Obtain only information of the Rule with provided ID
required: false
type: int
"""
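Review bot: The `id` option description says "Obtain only information of the Rule with provided ID", but this module reports on Hosts. The line is re-indented by this hunk and could be corrected at the same time to `- Obtain only information of the Host with provided ID`. The wording looks copied from a rules module, so confirm that `id` is the host ID.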
diff --git a/plugins/modules/deepsec_integrity_monitoring_rules.py b/plugins/modules/deepsec_integrity_monitoring_rules.py
index fa5f3ed..b897fbb 100644
--- a/plugins/modules/deepsec_integrity_monitoring_rules.py
+++ b/plugins/modules/deepsec_integrity_monitoring_rules.py
@@ -6,7 +6,7 @@
__metaclass__ = type
-DOCUMENTATION = r"""
+DOCUMENTATION = """
module: deepsec_integrity_monitoring_rules
short_description: Manages Integrity Monitoring Rule resource module
description: Integrity monitoring rules describe how Deep Security Agents should scan
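Review bot: `DOCUMENTATION` loses its `r` prefix here, and `EXAMPLES` does the same in the `@@ -195,7 +195,7 @@` hunk, while `RETURN = r"""` stays raw. Without the prefix, any backslash left in these strings is read as a Python escape before the YAML is parsed. The visible hunks reword `'\n'` to "new line", but the parts of the strings outside the hunks cannot be checked from here. Unless a tool requires the non-raw form, keeping `DOCUMENTATION = r"""` and `EXAMPLES = r"""` is the safer and more consistent choice.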
@@ -14,7 +14,7 @@
values as well as changes in installed software, processes, listening ports and
running services. Integrity monitoring rules can be assigned directly to computers
or can be made part of a policy.
-version_added: 2.0.0
+version_added: 1.2.0
options:
config:
description: A dictionary of Integrity Monitoring Rules options
@@ -90,8 +90,8 @@
type: bool
registry_included_values:
description: Registry key values to be monitored by the IntegrityMonitoringRule.
- JSON array or delimited by '\n'. '?' matches a single character, while '*'
- matches zero or more characters. Ignored if the IntegrityMonitoringRule
+ JSON array or delimited by new line. Question mark matches a single character,
+ while '*' matches zero or more characters. Ignored if the IntegrityMonitoringRule
does not monitor a registry key.
type: list
elements: str
@@ -102,14 +102,14 @@
type: bool
registry_excluded_values:
description: Registry key values to be ignored by the IntegrityMonitoringRule.
- JSON array or delimited by '\n'. '?' matches a single character, while '*'
- matches zero or more characters. Ignored if the IntegrityMonitoringRule
+ JSON array or delimited by new line. Question mark matches a single character,
+ while '*' matches zero or more characters. Ignored if the IntegrityMonitoringRule
does not monitor a registry key.
type: list
elements: str
registry_attributes:
description: Registry key attributes to be monitored by the IntegrityMonitoringRule.
- JSON array or delimited by '\n'. Defaults to 'STANDARD' which will monitor
+ JSON array or delimited by new line. Defaults to 'STANDARD' which will monitor
changes in registry size, content and type. Ignored if the IntegrityMonitoringRule
does not monitor a registry key.
type: list
@@ -126,24 +126,24 @@
type: bool
file_included_values:
description: File name values to be monitored by the IntegrityMonitoringRule.
- JSON array or delimited by '\n'. '?' matches a single character, while '*'
- matches zero or more characters. Leaving this field blank when monitoring
- file directories will cause the IntegrityMonitoringRule to monitor all files
- in a directory. This can use significant system resources if the base directory
- contains numerous or large files. Ignored if the IntegrityMonitoringRule
+ JSON array or delimited by new line. Question mark matches a single character,
+ while '*' matches zero or more characters. Leaving this field blank when
+ monitoring file directories will cause the IntegrityMonitoringRule to monitor
+ all files in a directory. This can use significant system resources if the
+ base directory contains numerous or large files. Ignored if the IntegrityMonitoringRule
does not monitor a file directory.
type: list
elements: str
file_excluded_values:
description: File name values to be ignored by the IntegrityMonitoringRule.
- JSON array or delimited by '\n'. '?' matches a single character, while '*'
- matches zero or more characters. Ignored if the IntegrityMonitoringRule
+ JSON array or delimited by new line. Question mark matches a single character,
+ while '*' matches zero or more characters. Ignored if the IntegrityMonitoringRule
does not monitor a file directory.
type: list
elements: str
file_attributes:
description: File attributes to be monitored by the IntegrityMonitoringRule.
- JSON array or delimited by '\n'. Defaults to 'STANDARD' which will monitor
+ JSON array or delimited by new line. Defaults to 'STANDARD' which will monitor
changes in file creation date, last modified date, permissions, owner, group,
size, content, flags (Windows) and SymLinkPath (Linux). Ignored if the IntegrityMonitoringRule
does not monitor a file directory.
@@ -195,7 +195,7 @@
author: Ansible Security Automation Team (@justjais)
"""
-EXAMPLES = r"""
+EXAMPLES = """
# Using MERGED state
# -------------------
@@ -204,362 +204,57 @@
trendmicro.deepsec.deepsec_integrity_monitoring_rules:
state: merged
config:
- - name: THIS IS TEST IMR - 1
- alert_enabled: false
- description: THIS IS TEST IMR DESCRIPTION - 1
- real_time_monitoring_enabled: true
- registry_included_values:
- - test_1
- - test_2
- severity: medium
- template: registry
- - name: THIS IS TEST IMR - 2
- alert_enabled: false
- description: THIS IS TEST IMR DESCRIPTION - 2
- real_time_monitoring_enabled: true
- registry_attributes:
- - test
- severity: low
- template: registry
-
-# Play Run:
-# =========
-#
-# "integrity_monitoring_rules": {
-# "after": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 1",
-# "id": 321,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 1",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "STANDARD"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_sub_keys": false,
-# "registry_included_values": [
-# "test_1",
-# "test_2"
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "medium",
-# "template": "registry"
-# },
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 2",
-# "id": 322,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 2",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "test"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_sub_keys": false,
-# "registry_included_values": [
-# ""
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "low",
-# "template": "registry"
-# }
-# ],
-# "before": []
-# }
-
+ - name: THIS IS TEST IMR - 1
+ alert_enabled: false
+ description: THIS IS TEST IMR DESCRIPTION - 1
+ real_time_monitoring_enabled: true
+ registry_included_values:
+ - test_1
+ - test_2
+ severity: medium
+ template: registry
+ - name: THIS IS TEST IMR - 2
+ alert_enabled: false
+ description: THIS IS TEST IMR DESCRIPTION - 2
+ real_time_monitoring_enabled: true
+ registry_attributes:
+ - test
+ severity: low
+ template: registry
- name: Modify the severity of Integrity Monitoring Rule by name
trendmicro.deepsec.deepsec_integrity_monitoring_rules:
state: merged
config:
- - name: THIS IS TEST IMR - 2
- severity: medium
-
-# Play Run:
-# =========
-#
-# "integrity_monitoring_rules": {
-# "after": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 2",
-# "id": 322,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 2",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "test"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_sub_keys": false,
-# "registry_included_values": [
-# ""
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "medium",
-# "template": "registry"
-# }
-# ],
-# "before": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 2",
-# "id": 322,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 2",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "test"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_sub_keys": false,
-# "registry_included_values": [
-# ""
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "low",
-# "template": "registry"
-# }
-# ]
-# }
-
-# Using REPLACED state
-# --------------------
-
+ - name: THIS IS TEST IMR - 2
+ severity: medium
- name: Replace existing Integrity Monitoring Rule
trendmicro.deepsec.deepsec_integrity_monitoring_rules:
state: replaced
config:
- - name: THIS IS TEST IMR - 1
- alert_enabled: false
- description: THIS IS REPLACED TEST IMR DESCRIPTION - 1
- real_time_monitoring_enabled: true
- registry_included_values:
- - test_3
- - test_4
- severity: low
- template: registry
-
-
-# Play Run:
-# =========
-#
-# "integrity_monitoring_rules": {
-# "after": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS REPLACED TEST IMR DESCRIPTION - 1",
-# "id": 325,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 1",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "STANDARD"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_sub_keys": false,
-# "registry_included_values": [
-# "test_3",
-# "test_4"
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "low",
-# "template": "registry"
-# }
-# ],
-# "before": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 1",
-# "id": 323,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 1",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "STANDARD"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_sub_keys": false,
-# "registry_included_values": [
-# "test_1",
-# "test_2"
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "medium",
-# "template": "registry"
-# }
-# ]
-# }
-
-# Using GATHERED state
-# --------------------
-
+ - name: THIS IS TEST IMR - 1
+ alert_enabled: false
+ description: THIS IS REPLACED TEST IMR DESCRIPTION - 1
+ real_time_monitoring_enabled: true
+ registry_included_values:
+ - test_3
+ - test_4
+ severity: low
+ template: registry
- name: Gather Integrity Monitoring Rule by IMR names
trendmicro.deepsec.deepsec_integrity_monitoring_rules:
state: gathered
config:
- - name: THIS IS TEST IMR - 1
- - name: THIS IS TEST IMR - 2
-
-# Play Run:
-# =========
-#
-# "gathered": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 1",
-# "id": 326,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 1",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "STANDARD"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_subkeys": false,
-# "registry_included_values": [
-# "test_1",
-# "test_2"
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "medium",
-# "template": "registry"
-# },
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 2",
-# "id": 327,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 2",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "test"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_subkeys": false,
-# "registry_included_values": [
-# ""
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "low",
-# "template": "registry"
-# }
-# ]
-
+ - name: THIS IS TEST IMR - 1
+ - name: THIS IS TEST IMR - 2
- name: Gather ALL of the Integrity Monitoring Rule
trendmicro.deepsec.deepsec_integrity_monitoring_rules:
state: gathered
-
-# Using DELETED state
-# ------------------
-
- name: Delete Integrity Monitoring Rule
trendmicro.deepsec.deepsec_integrity_monitoring_rules:
state: deleted
config:
- - name: THIS IS TEST IMR - 1
- - name: THIS IS TEST IMR - 2
-
-# Play Run:
-# =========
-#
-# "integrity_monitoring_rules": {
-# "after": [],
-# "before": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 1",
-# "id": 326,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 1",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "STANDARD"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_sub_keys": false,
-# "registry_included_values": [
-# "test_1",
-# "test_2"
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "medium",
-# "template": "registry"
-# },
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 2",
-# "id": 327,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 2",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "test"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_sub_keys": false,
-# "registry_included_values": [
-# ""
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "low",
-# "template": "registry"
-# }
-# ]
-# }
-
+ - name: THIS IS TEST IMR - 1
+ - name: THIS IS TEST IMR - 2
"""
RETURN = r"""
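Review bot: With the `# Using REPLACED state`, `# Using GATHERED state` and `# Using DELETED state` headers removed, the only header left in EXAMPLES is `# Using MERGED state` (context of the previous hunk), so the replaced, gathered and deleted tasks now read as merged examples. Keep a one-line header before each group, for example `# Using REPLACED state` above "Replace existing Integrity Monitoring Rule". The removed Play Run blocks were also the only place that showed the before/after result of each state. If they are dropped for length, a short comment above the `state: deleted` task saying that it removes the named rules would keep that effect visible to readers.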
diff --git a/plugins/modules/deepsec_integrity_monitoringrules.py b/plugins/modules/deepsec_integrity_monitoringrules.py
index 93a2ebb..33a9c29 100644
--- a/plugins/modules/deepsec_integrity_monitoringrules.py
+++ b/plugins/modules/deepsec_integrity_monitoringrules.py
@@ -9,22 +9,17 @@
__metaclass__ = type
-ANSIBLE_METADATA = {
- "metadata_version": "1.1",
- "status": ["preview"],
- "supported_by": "community",
-}
-
DOCUMENTATION = """
module: deepsec_integrity_monitoringrules
short_description: Create/Configure Integrity Monitoring Rules.
description:
- - This module creates and configure Integrity Monitoring Rules under TrendMicro Deep Security.
-version_added: "1.2.0"
+- This module creates and configure Integrity Monitoring Rules under TrendMicro Deep
+ Security.
+version_added: 1.0.0
deprecated:
alternative: deepsec_integrity_monitoring_rules
why: Newer and updated modules released with more functionality
- removed_at_date: '2023-12-08'
+ removed_at_date: '2023-12-01'
options:
config:
description: Integrity Monitoring Rules config
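Review bot: `version_added` moves backwards from `"1.2.0"` to `1.0.0` and `removed_at_date` changes from `'2023-12-08'` to `'2023-12-01'` in a hunk that otherwise only re-wraps text and drops `ANSIBLE_METADATA`. Neither value change is explained by anything visible here. These fields are user-facing release and deprecation metadata, so confirm them against the collection's changelog and its deprecation routing entry. If they are intentional corrections, they belong in the commit description.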
@@ -35,16 +30,17 @@
description: Name of the IntegrityMonitoringRule.
type: str
description:
- description: Description of the IntegrityMonitoringRule.
+ description: Description of the IntegrityMonitoringRule.
type: str
severity:
- description: Severity level of the event is multiplied by the computer's asset value to
- determine ranking. Ranking can be used to sort events with more business impact.
- choices: ["low", "medium", "high", "critical"]
+ description: Severity level of the event is multiplied by the computer's asset
+ value to determine ranking. Ranking can be used to sort events with more
+ business impact.
+ choices: [low, medium, high, critical]
type: str
template:
description: Template which the IntegrityMonitoringRule follows.
- choices: ["registry", "file", "custom"]
+ choices: [registry, file, custom]
type: str
registry_key_root:
description: Registry hive which is monitored by the IntegrityMonitoringRule.
@@ -56,9 +52,9 @@
if the IntegrityMonitoringRule does not monitor a registry key.
type: str
registry_include_subkeys:
- description: Controls whether the IntegrityMonitoringRule should also include subkeys
- of the registry key it monitors. Ignored if the IntegrityMonitoringRule does not monitor
- a registry key.
+ description: Controls whether the IntegrityMonitoringRule should also include
+ subkeys of the registry key it monitors. Ignored if the IntegrityMonitoringRule
+ does not monitor a registry key.
type: bool
registry_included_values:
description: Registry key values to be monitored by the IntegrityMonitoringRule.
@@ -66,8 +62,9 @@
type: list
elements: str
registry_include_default_value:
- description: Controls whether the rule should monitor default registry key values.
- Ignored if the IntegrityMonitoringRule does not monitor a registry key.
+ description: Controls whether the rule should monitor default registry key
+ values. Ignored if the IntegrityMonitoringRule does not monitor a registry
+ key.
type: bool
registry_excluded_values:
description: Registry key values to be ignored by the IntegrityMonitoringRule.
@@ -84,71 +81,75 @@
Ignored if the IntegrityMonitoringRule does not monitor a file directory.
type: str
fileinclude_subdirectories:
- description: Controls whether the IntegrityMonitoringRule should also monitor sub-directories of
- the base file directory that is associated with it. Ignored if the IntegrityMonitoringRule
- does not monitor a file directory.
+ description: Controls whether the IntegrityMonitoringRule should also monitor
+ sub-directories of the base file directory that is associated with it. Ignored
+ if the IntegrityMonitoringRule does not monitor a file directory.
type: bool
file_included_values:
- description: File name values to be monitored by the IntegrityMonitoringRule. Leaving this
- field blank when monitoring file directories will cause the IntegrityMonitoringRule to
- monitor all files in a directory. This can use significant system resources if the
- base directory contains numerous or large files. Ignored if the IntegrityMonitoringRule
- does not monitor a file directory.
+ description: File name values to be monitored by the IntegrityMonitoringRule.
+ Leaving this field blank when monitoring file directories will cause the
+ IntegrityMonitoringRule to monitor all files in a directory. This can use
+ significant system resources if the base directory contains numerous or
+ large files. Ignored if the IntegrityMonitoringRule does not monitor a file
+ directory.
type: list
elements: str
file_excluded_values:
- description: File name values to be ignored by the IntegrityMonitoringRule. Ignored if
- the IntegrityMonitoringRule does not monitor a file directory.
+ description: File name values to be ignored by the IntegrityMonitoringRule.
+ Ignored if the IntegrityMonitoringRule does not monitor a file directory.
type: list
elements: str
file_attributes:
- description: File attributes to be monitored by the IntegrityMonitoringRule. Defaults
- to STANDARD which will monitor changes in file creation date, last modified date,
- permissions, owner, group, size, content, flags (Windows) and SymLinkPath (Linux).
- Ignored if the IntegrityMonitoringRule does not monitor a file directory.
+ description: File attributes to be monitored by the IntegrityMonitoringRule.
+ Defaults to STANDARD which will monitor changes in file creation date, last
+ modified date, permissions, owner, group, size, content, flags (Windows)
+ and SymLinkPath (Linux). Ignored if the IntegrityMonitoringRule does not
+ monitor a file directory.
type: list
elements: str
custom_xml:
description: Custom XML rules to be used by the IntegrityMonitoringRule. Custom
- XML rules must be encoded in the Base64 format. Ignored if the
- IntegrityMonitoringRule does not follow the custom template.
+ XML rules must be encoded in the Base64 format. Ignored if the IntegrityMonitoringRule
+ does not follow the custom template.
type: str
alert_enabled:
- description: Controls whether an alert should be made if an event related to the
- IntegrityMonitoringRule is logged. Defaults to false.
+ description: Controls whether an alert should be made if an event related
+ to the IntegrityMonitoringRule is logged. Defaults to false.
type: bool
real_time_monitoring_enabled:
- description: Controls whether the IntegrityMonitoringRule is monitored in real
- time or during every scan. Defaults to true which indicates that it is monitored
- in real time. A value of false indicates that it will only be checked during scans.
+ description: Controls whether the IntegrityMonitoringRule is monitored in
+ real time or during every scan. Defaults to true which indicates that it
+ is monitored in real time. A value of false indicates that it will only
+ be checked during scans.
type: bool
recommendations_mode:
description: Indicates whether recommendation scans consider the IntegrityMonitoringRule.
Can be set to enabled or ignored. Custom rules cannot be recommended.
- choices: ["enabled", "ignored", "unknown", "disabled"]
+ choices: [enabled, ignored, unknown, disabled]
type: str
minimum_agent_version:
description: Minimum Deep Security Agent version that supports the IntegrityMonitoringRule.
- This value is provided in the X.X.X.X format. Defaults to 6.0.0.0. If an agent is not
- the minimum required version, the manager does not send the rule to the agent, and generates
- an alert. APPLICABLE ONLY with GET call. NOT APPLICABLE param with Create/Modify POST call.
+ This value is provided in the X.X.X.X format. Defaults to 6.0.0.0. If an
+ agent is not the minimum required version, the manager does not send the
+ rule to the agent, and generates an alert. APPLICABLE ONLY with GET call.
+ NOT APPLICABLE param with Create/Modify POST call.
type: str
minimum_manager_version:
description: Minimum Deep Security Manager version that supports the IntegrityMonitoringRule.
- This value is provided in the X.X.X format. Defaults to 6.0.0. An alert will be raised
- if a manager that fails to meet the minimum manager version value tries to assign this
- rule to a host or profile. APPLICABLE ONLY with GET call. NOT APPLICABLE param with
- Create/Modify POST call.
+ This value is provided in the X.X.X format. Defaults to 6.0.0. An alert
+ will be raised if a manager that fails to meet the minimum manager version
+ value tries to assign this rule to a host or profile. APPLICABLE ONLY with
+ GET call. NOT APPLICABLE param with Create/Modify POST call.
type: str
identifier:
- description: Identifier of the IntegrityMonitoringRule from Trend Micro.
- Empty if the IntegrityMonitoringRule is user created. APPLICABLE ONLY with GET call.
- NOT APPLICABLE param with Create/Modify POST call.
+ description: Identifier of the IntegrityMonitoringRule from Trend Micro. Empty
+ if the IntegrityMonitoringRule is user created. APPLICABLE ONLY with GET
+ call. NOT APPLICABLE param with Create/Modify POST call.
type: str
type:
description: Type of the IntegrityMonitoringRule. If the rule is predefined
- by Trend Micro, it is set to 2. If it is user created, it is set to 1.
- APPLICABLE ONLY with GET call. NOT APPLICABLE param with Create/Modify POST call.
+ by Trend Micro, it is set to 2. If it is user created, it is set to 1. APPLICABLE
+ ONLY with GET call. NOT APPLICABLE param with Create/Modify POST call.
type: str
original_issue:
description: Timestamp when the IntegrityMonitoringRule was originally issued
@@ -158,8 +159,8 @@
type: int
last_updated:
description: Timestamp when the IntegrityMonitoringRule was last updated,
- in milliseconds since epoch. APPLICABLE ONLY with GET call.
- NOT APPLICABLE param with Create/Modify POST call.
+ in milliseconds since epoch. APPLICABLE ONLY with GET call. NOT APPLICABLE
+ param with Create/Modify POST call.
type: int
id:
description: ID of the IntegrityMonitoringRule. APPLICABLE ONLY with GET call.
@@ -167,17 +168,16 @@
type: int
state:
description:
- - The state the configuration should be left in
- - The state I(gathered) will get the module API configuration from the device and
- transform it into structured data in the format as per the module argspec and
- the value is returned in the I(gathered) key within the result.
+ - The state the configuration should be left in
+ - The state I(gathered) will get the module API configuration from the device
+ and transform it into structured data in the format as per the module argspec
+ and the value is returned in the I(gathered) key within the result.
type: str
choices:
- - present
- - absent
- - gathered
+ - present
+ - absent
+ - gathered
default: present
-
author: Ansible Security Automation Team (@justjais) "
"""
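Review bot: The context line `author: Ansible Security Automation Team (@justjais) "` keeps a stray trailing double quote, which YAML reads as part of the plain scalar and which therefore ends up in the rendered author name. This commit already normalises the author line in deepsec_hosts_info.py, so the same cleanup fits here: `author: Ansible Security Automation Team (@justjais)`.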
@@ -190,284 +190,44 @@
trendmicro.deepsec.deepsec_integrity_monitoringrules:
state: present
config:
- - name: THIS IS TEST IMR - 1
- alert_enabled: false
- description: THIS IS TEST IMR DESCRIPTION - 1
- real_time_monitoring_enabled: true
- registry_included_values:
- - test_1
- - test_2
- severity: medium
- template: registry
- - name: THIS IS TEST IMR - 2
- alert_enabled: false
- description: THIS IS TEST IMR DESCRIPTION - 2
- real_time_monitoring_enabled: true
- registry_attributes:
- - test
- severity: low
- template: registry
-
-# Play Run:
-# =========
-#
-# "integrity_monitoringrules": {
-# "after": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 1",
-# "id": 213,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 1",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "STANDARD"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_subkeys": false,
-# "registry_included_values": [
-# "test_1",
-# "test_2"
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "medium",
-# "template": "registry"
-# },
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 2",
-# "id": 214,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 2",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "test"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_subkeys": false,
-# "registry_included_values": [
-# ""
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "low",
-# "template": "registry"
-# }
-# ],
-# "before": []
-# }
-
+ - name: THIS IS TEST IMR - 1
+ alert_enabled: false
+ description: THIS IS TEST IMR DESCRIPTION - 1
+ real_time_monitoring_enabled: true
+ registry_included_values:
+ - test_1
+ - test_2
+ severity: medium
+ template: registry
+ - name: THIS IS TEST IMR - 2
+ alert_enabled: false
+ description: THIS IS TEST IMR DESCRIPTION - 2
+ real_time_monitoring_enabled: true
+ registry_attributes:
+ - test
+ severity: low
+ template: registry
- name: Modify the severity of Integrity Monitoring Rule by name
trendmicro.deepsec.deepsec_integrity_monitoringrules:
state: present
config:
- - name: THIS IS TEST IMR - 2
- severity: medium
-
-# Play Run:
-# =========
-#
-# "integrity_monitoringrules": {
-# "after": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 2",
-# "id": 216,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 2",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "test"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_subkeys": false,
-# "registry_included_values": [
-# ""
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "medium",
-# "template": "registry"
-# }
-# ],
-# "before": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 2",
-# "id": 216,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 2",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "test"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_subkeys": false,
-# "registry_included_values": [
-# ""
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "low",
-# "template": "registry"
-# }
-# ]
-# }
-
-# Using GATHERED state
-# --------------------
-
+ - name: THIS IS TEST IMR - 2
+ severity: medium
- name: Gather Integrity Monitoring Rules by IMR names
trendmicro.deepsec.deepsec_integrity_monitoringrules:
state: gathered
config:
- - name: THIS IS TEST IMR - 1
- - name: THIS IS TEST IMR - 2
-
-# Play Run:
-# =========
-#
-# "gathered": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 1",
-# "id": 215,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 1",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "STANDARD"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_subkeys": false,
-# "registry_included_values": [
-# "test_1",
-# "test_2"
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "medium",
-# "template": "registry"
-# },
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 2",
-# "id": 216,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 2",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "test"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_subkeys": false,
-# "registry_included_values": [
-# ""
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "low",
-# "template": "registry"
-# }
-# ]
-
+ - name: THIS IS TEST IMR - 1
+ - name: THIS IS TEST IMR - 2
- name: Gather ALL of the Integrity Monitoring Rules
trendmicro.deepsec.deepsec_integrity_monitoringrules:
state: gathered
-
-# Using ABSENT state
-# ------------------
-
- name: Delete existing Integrity Monitoring Rules
trendmicro.deepsec.deepsec_integrity_monitoringrules:
state: absent
config:
- - name: THIS IS TEST IMR - 1
- - name: THIS IS TEST IMR - 2
-
-# Play Run:
-# =========
-#
-# "integrity_monitoringrules": {
-# "after": [],
-# "before": [
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 1",
-# "id": 213,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 1",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "STANDARD"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_subkeys": false,
-# "registry_included_values": [
-# "test_1",
-# "test_2"
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "medium",
-# "template": "registry"
-# },
-# {
-# "alert_enabled": false,
-# "description": "THIS IS TEST IMR DESCRIPTION - 2",
-# "id": 214,
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "THIS IS TEST IMR - 2",
-# "real_time_monitoring_enabled": true,
-# "registry_attributes": [
-# "test"
-# ],
-# "registry_excluded_values": [
-# ""
-# ],
-# "registry_include_default_value": true,
-# "registry_include_subkeys": false,
-# "registry_included_values": [
-# ""
-# ],
-# "registry_key_root": "HKEY_CLASSES_ROOT",
-# "registry_key_value": "\\",
-# "severity": "low",
-# "template": "registry"
-# }
-# ]
-# }
-
+ - name: THIS IS TEST IMR - 1
+ - name: THIS IS TEST IMR - 2
"""
import copy
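Review bot: The EXAMPLES block loses its `# Using GATHERED state` and `# Using ABSENT state` section comments and every `# Play Run:` sample output, so the gather-all task now runs straight into `Delete existing Integrity Monitoring Rules` with nothing separating the read-only examples from the destructive one. This looks like a side effect of the YAML re-indentation rather than an intended documentation change, though that is inferred, since the commit message is not visible here. I would keep at least the section comments, e.g. `# Using ABSENT state` above the delete task, and one short before/after sample so readers can see what `state: absent` removes. The same stripping happens in the EXAMPLES hunk of deepsec_intrusion_prevention_rules.py.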
diff --git a/plugins/modules/deepsec_intrusion_prevention_rules.py b/plugins/modules/deepsec_intrusion_prevention_rules.py
index cc74066..57c6582 100644
--- a/plugins/modules/deepsec_intrusion_prevention_rules.py
+++ b/plugins/modules/deepsec_intrusion_prevention_rules.py
@@ -10,8 +10,8 @@
module: deepsec_intrusion_prevention_rules
short_description: Intrusion Prevention Rule resource module.
description:
- - This module creates a new intrusion preventin rul under TrendMicro Deep Security.
-version_added: "2.0.0"
+- This module creates a new intrusion preventin rul under TrendMicro Deep Security.
+version_added: 1.2.0
options:
config:
description: Intrusion prevention rules config
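Review bot: The re-indented description line still reads `intrusion preventin rul`; since the line is being rewritten anyway it could become `- This module creates a new intrusion prevention rule under TrendMicro Deep Security.`. The new `version_added: 1.2.0` also drops its quotes. A three-component value loads as a string, but keeping `version_added: "1.2.0"` protects against a later two-component value being read as a float. Both points also apply to the first hunk of deepsec_intrusion_preventionrules.py.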
@@ -25,91 +25,101 @@
description: Description of the IntrusionPreventionRule.
type: str
minimum_agent_version:
- description: Version of the Deep Security agent or appliance required to support the rule.
+ description: Version of the Deep Security agent or appliance required to support
+ the rule.
type: str
application_type_id:
description: ID of the application type for the IntrusionPreventionRule.
type: int
priority:
- description: Priority level of the rule. Higher priority rules are applied before
- lower priority rules.
- choices: ["lowest", "low", "normal", "high", "highest"]
+ description: Priority level of the rule. Higher priority rules are applied
+ before lower priority rules.
+ choices: [lowest, low, normal, high, highest]
type: str
severity:
- description: Severity level of the rule. Severity levels can be used as sorting criteria
- and affect event rankings.
- choices: ["low", "medium", "high", "critical"]
+ description: Severity level of the rule. Severity levels can be used as sorting
+ criteria and affect event rankings.
+ choices: [low, medium, high, critical]
type: str
detect_only:
- description: In detect mode, the rule creates an event log and does not interfere with traffic.
+ description: In detect mode, the rule creates an event log and does not interfere
+ with traffic.
type: bool
event_logging_disabled:
- description: Enable to prevent event logs from being created when the rule is triggered.
- Not available if detect only is true.
+ description: Enable to prevent event logs from being created when the rule
+ is triggered. Not available if detect only is true.
type: bool
generate_event_on_packet_drop:
description: Generate an event every time a packet is dropped for the rule.
Not available if event logging disabled is true.
type: bool
always_include_packet_data:
- description: Enabled to include package data in the event logs.
- Not available if event logging disabled is true.
+ description: Enabled to include package data in the event logs. Not available
+ if event logging disabled is true.
type: bool
debug_mode_enabled:
- description: Enable to log additional packets preceeding and following the packet
- that the rule detected. Not available if event logging disabled is true.
+ description: Enable to log additional packets preceeding and following the
+ packet that the rule detected. Not available if event logging disabled is
+ true.
type: bool
type:
description: Type of IntrusionPreventionRule.
- choices: ["custom", "smart", "vulnerability", "exploit", "hidden", "policy", "info"]
+ choices: [custom, smart, vulnerability, exploit, hidden, policy, info]
type: str
original_issue:
- description: Timestamp of the date the rule was released, in milliseconds since epoch.
+ description: Timestamp of the date the rule was released, in milliseconds
+ since epoch.
type: int
last_updated:
- description: Timestamp of the last rule modification, in milliseconds since epoch.
+ description: Timestamp of the last rule modification, in milliseconds since
+ epoch.
type: int
template:
- description: Type of template for the IntrusionPreventionRule. Applicable only to custom rules.
- choices: ["signature", "start-end-patterns", "custom"]
+ description: Type of template for the IntrusionPreventionRule. Applicable
+ only to custom rules.
+ choices: [signature, start-end-patterns, custom]
type: str
signature:
- description: Signature of the rule. Applicable to custom rules with template type signature.
+ description: Signature of the rule. Applicable to custom rules with template
+ type signature.
type: str
start:
- description: Start pattern of the rule. Applicable to custom rules with template type start-end-patterns.
+ description: Start pattern of the rule. Applicable to custom rules with template
+ type start-end-patterns.
type: str
patterns:
- description: Body patterns of the rule, which must be found between start and end patterns.
- Applicable to custom rules with template type start-end-patterns.
+ description: Body patterns of the rule, which must be found between start
+ and end patterns. Applicable to custom rules with template type start-end-patterns.
type: list
elements: str
end:
- description: End pattern of the rule. Applicable to custom rules with template type start-end-patterns.
+ description: End pattern of the rule. Applicable to custom rules with template
+ type start-end-patterns.
type: str
case_sensitive:
- description: Enable to make signatures and patterns case sensitive.
- Applicable to custom rules with template type signature or start-end-patterns.
+ description: Enable to make signatures and patterns case sensitive. Applicable
+ to custom rules with template type signature or start-end-patterns.
type: bool
condition:
- description: Condition to determine if the rule is triggered.
- Applicable to custom rules with template type start-end-patterns.
- choices: ["all", "any", "none"]
+ description: Condition to determine if the rule is triggered. Applicable to
+ custom rules with template type start-end-patterns.
+ choices: [all, any, none]
type: str
action:
- description: Action to apply if the rule is triggered.
- Applicable to custom rules with template type signature or start-end-patterns.
- choices: ["drop", "log-only"]
+ description: Action to apply if the rule is triggered. Applicable to custom
+ rules with template type signature or start-end-patterns.
+ choices: [drop, log-only]
type: str
custom_xml:
- description: The custom XML used to define the rule.
- Applicable to custom rules with template type custom.
+ description: The custom XML used to define the rule. Applicable to custom
+ rules with template type custom.
type: str
alert_enabled:
description: Enable to raise an alert when the rule logs an event.
type: bool
schedule_id:
- description: ID of the schedule which defines times during which the rule is active.
+ description: ID of the schedule which defines times during which the rule
+ is active.
type: int
context_id:
description: ID of the context in which the rule is applied.
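Review bot: The unquoting of the `choices` lists includes `choices: [all, any, none]` for `condition`, where a bare `none` is easy to misread as a null even though YAML loads it as a string. I would keep that list quoted, `choices: ["all", "any", "none"]`, so the intent stays explicit for readers and for any stricter tooling. The rewrapped descriptions also carry over `preceeding` (for `preceding`) in `debug_mode_enabled`, and `package data` in `always_include_packet_data`, which presumably should read `packet data`.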
@@ -117,11 +127,11 @@
recommendations_mode:
description: Indicates whether recommendation scans consider the IntrusionPreventionRule.
Can be set to enabled or ignored. Custom rules cannot be recommended.
- choices: ["enabled", "ignored", "unknown", "disabled"]
+ choices: [enabled, ignored, unknown, disabled]
type: str
depends_on_rule_ids:
- description: IDs of intrusion prevention rules the rule depends on,
- which will be automatically assigned if this rule is assigned.
+ description: IDs of intrusion prevention rules the rule depends on, which
+ will be automatically assigned if this rule is assigned.
type: list
elements: int
cvss_score:
@@ -133,31 +143,30 @@
type: list
elements: str
id:
- description: ID for the Intrusion prevention rule. Applicaple only with GET call
- Not applicaple param with Create/Modify POST call
+ description: ID for the Intrusion prevention rule. Applicaple only with GET
+ call Not applicaple param with Create/Modify POST call
type: int
identifier:
- description: Identifier for the Intrusion prevention rule.
- Applicaple only with GET call. Not applicaple param with Create/Modify POST call
+ description: Identifier for the Intrusion prevention rule. Applicaple only
+ with GET call. Not applicaple param with Create/Modify POST call
type: str
can_be_assigned_alone:
- description: Intrusion prevention rule can be assigned by self.
- Applicaple only with GET call. Not applicaple param with Create/Modify POST call
+ description: Intrusion prevention rule can be assigned by self. Applicaple
+ only with GET call. Not applicaple param with Create/Modify POST call
type: bool
state:
description:
- - The state the configuration should be left in
- - The state I(gathered) will get the module API configuration from the device and
- transform it into structured data in the format as per the module argspec and
- the value is returned in the I(gathered) key within the result.
+ - The state the configuration should be left in
+ - The state I(gathered) will get the module API configuration from the device
+ and transform it into structured data in the format as per the module argspec
+ and the value is returned in the I(gathered) key within the result.
type: str
choices:
- - merged
- - replaced
- - deleted
- - gathered
+ - merged
+ - replaced
+ - deleted
+ - gathered
default: present
-
author: Ansible Security Automation Team (@justjais) "
"""
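Review bot: `default: present` on the `state` option is not one of the listed choices (`merged`, `replaced`, `deleted`, `gathered`), and this hunk re-indents those choices without correcting it. The create and modify examples in this file pass `state: merged`, so the intended line is presumably `default: merged`; confirm against the module's argspec, which is outside this hunk. As documented, a task that omits `state` has no defined behaviour, which matters for a module that can also delete intrusion prevention rules. The `id`, `identifier` and `can_be_assigned_alone` descriptions also keep the `Applicaple`/`applicaple` spelling.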
@@ -170,357 +179,83 @@
trendmicro.deepsec.deepsec_intrusion_prevention_rules:
state: merged
config:
- - alert_enabled: false
- always_include_packet_data: false
- application_type_id: 300
- template: signature
- signature: test_new_signature_1
- debug_mode_enabled: false
- description: TEST IPR 2 DESCRIPTION
- detect_only: false
- event_logging_disabled: false
- generate_event_on_packet_drop: true
- name: TEST IPR 1
- priority: normal
- severity: medium
- - alert_enabled: false
- always_include_packet_data: false
- application_type_id: 300
- template: signature
- signature: test_new_signature_2
- debug_mode_enabled: false
- description: TEST IPR 2 DESCRIPTION
- detect_only: false
- event_logging_disabled: false
- generate_event_on_packet_drop: true
- name: TEST IPR 2
- priority: normal
- severity: medium
-
-# Play Run:
-# =========
-#
-# "intrusion_prevention_rules": {
-# "after": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7887,
-# "name": "TEST IPR 1",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_1",
-# "template": "signature"
-# },
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7888,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_2",
-# "template": "signature"
-# }
-# ],
-# "before": []
-# }
-
+ - alert_enabled: false
+ always_include_packet_data: false
+ application_type_id: 300
+ template: signature
+ signature: test_new_signature_1
+ debug_mode_enabled: false
+ description: TEST IPR 2 DESCRIPTION
+ detect_only: false
+ event_logging_disabled: false
+ generate_event_on_packet_drop: true
+ name: TEST IPR 1
+ priority: normal
+ severity: medium
+ - alert_enabled: false
+ always_include_packet_data: false
+ application_type_id: 300
+ template: signature
+ signature: test_new_signature_2
+ debug_mode_enabled: false
+ description: TEST IPR 2 DESCRIPTION
+ detect_only: false
+ event_logging_disabled: false
+ generate_event_on_packet_drop: true
+ name: TEST IPR 2
+ priority: normal
+ severity: medium
- name: Modify the severity of Integrity Monitoring Rule by name
trendmicro.deepsec.deepsec_intrusion_prevention_rules:
state: merged
config:
- - name: TEST IPR 2
- severity: low
-
-# Play Run:
-# =========
-#
-# "intrusion_prevention_rules": {
-# "after": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7902,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "low",
-# "signature": "test_new_signature",
-# "template": "signature"
-# }
-# ],
-# "before": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7902,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature",
-# "template": "signature"
-# }
-# ]
-# }
-
-# Using REPLACED state
-# --------------------
-
+ - name: TEST IPR 2
+ severity: low
- name: Replace existing Intrusion Prevention Rules
trendmicro.deepsec.deepsec_intrusion_prevention_rules:
state: replaced
config:
- - alert_enabled: false
- always_include_packet_data: false
- application_type_id: 300
- template: signature
- signature: test_new_signature_1
- debug_mode_enabled: false
- description: TEST IPR 1 REPLACE DESCRIPTION
- detect_only: false
- event_logging_disabled: false
- generate_event_on_packet_drop: true
- name: TEST IPR 1
- priority: normal
- severity: low
- - alert_enabled: false
- always_include_packet_data: false
- application_type_id: 300
- template: signature
- signature: test_new_signature_1
- debug_mode_enabled: false
- description: TEST IPR 2 REPLACE DESCRIPTION
- detect_only: false
- event_logging_disabled: false
- generate_event_on_packet_drop: true
- name: TEST IPR 2
- priority: normal
- severity: low
-
-# Play Run:
-# =========
-#
-# "intrusion_prevention_rules": {
-# "after": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 1 REPLACE DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 8151,
-# "name": "TEST IPR 1",
-# "priority": "normal",
-# "severity": "low",
-# "signature": "test_new_signature_1",
-# "template": "signature"
-# },
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 REPLACE DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 8152,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "low",
-# "signature": "test_new_signature_1",
-# "template": "signature"
-# }
-# ],
-# "before": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 1 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 8149,
-# "name": "TEST IPR 1",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_1",
-# "template": "signature"
-# },
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 8150,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_2",
-# "template": "signature"
-# }
-# ]
-
-# Using GATHERED state
-# --------------------
-
+ - alert_enabled: false
+ always_include_packet_data: false
+ application_type_id: 300
+ template: signature
+ signature: test_new_signature_1
+ debug_mode_enabled: false
+ description: TEST IPR 1 REPLACE DESCRIPTION
+ detect_only: false
+ event_logging_disabled: false
+ generate_event_on_packet_drop: true
+ name: TEST IPR 1
+ priority: normal
+ severity: low
+ - alert_enabled: false
+ always_include_packet_data: false
+ application_type_id: 300
+ template: signature
+ signature: test_new_signature_1
+ debug_mode_enabled: false
+ description: TEST IPR 2 REPLACE DESCRIPTION
+ detect_only: false
+ event_logging_disabled: false
+ generate_event_on_packet_drop: true
+ name: TEST IPR 2
+ priority: normal
+ severity: low
- name: Gather Intrusion Prevention Rules by IPR names
trendmicro.deepsec.deepsec_intrusion_prevention_rules:
state: gathered
config:
- - name: TEST IPR 1
- - name: TEST IPR 2
-
-# Play Run:
-# =========
-#
-# "gathered": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7887,
-# "name": "TEST IPR 1",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_1",
-# "template": "signature"
-# },
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7888,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_2",
-# "template": "signature"
-# }
-# ]
-
+ - name: TEST IPR 1
+ - name: TEST IPR 2
- name: Gather ALL of the Intrusion Prevention Rules
trendmicro.deepsec.deepsec_intrusion_prevention_rules:
state: gathered
-
-# Using DELETED state
-# ------------------
-
- name: Delete Intrusion Prevention Rules
trendmicro.deepsec.deepsec_intrusion_prevention_rules:
state: deleted
config:
- - name: TEST IPR 1
- - name: TEST IPR 2
-
-# Play Run:
-# =========
-#
-# "intrusion_prevention_rules": {
-# "after": [],
-# "before": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7887,
-# "name": "TEST IPR 1",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_1",
-# "template": "signature"
-# },
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7888,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_2",
-# "template": "signature"
-# }
-# ]
-# }
-
+ - name: TEST IPR 1
+ - name: TEST IPR 2
"""
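Review bot: The second example task is still named `Modify the severity of Integrity Monitoring Rule by name` although it calls `trendmicro.deepsec.deepsec_intrusion_prevention_rules`, and the rule named `TEST IPR 1` in the first example carries `description: TEST IPR 2 DESCRIPTION`. Both look like copy-paste leftovers that this re-indentation passes over. Suggested replacements are `- name: Modify the severity of Intrusion Prevention Rule by name` and `description: TEST IPR 1 DESCRIPTION`.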
diff --git a/plugins/modules/deepsec_intrusion_preventionrules.py b/plugins/modules/deepsec_intrusion_preventionrules.py
index cea72dd..df84779 100644
--- a/plugins/modules/deepsec_intrusion_preventionrules.py
+++ b/plugins/modules/deepsec_intrusion_preventionrules.py
@@ -9,22 +9,16 @@
__metaclass__ = type
-ANSIBLE_METADATA = {
- "metadata_version": "1.1",
- "status": ["preview"],
- "supported_by": "community",
-}
-
DOCUMENTATION = """
module: deepsec_intrusion_preventionrules
short_description: Create a new intrusion prevention rule.
description:
- - This module creates a new intrusion preventin rul under TrendMicro Deep Security.
-version_added: "1.2.0"
+- This module creates a new intrusion preventin rul under TrendMicro Deep Security.
+version_added: 1.0.0
deprecated:
alternative: deepsec_intrusion_prevention_rules
why: Newer and updated modules released with more functionality
- removed_at_date: '2023-12-08'
+ removed_at_date: '2023-12-01'
options:
config:
description: Intrusion prevention rules config
@@ -33,189 +27,199 @@
suboptions:
name:
description:
- - Name of the IntrusionPreventionRule.
- - Searchable as String.
+ - Name of the IntrusionPreventionRule.
+ - Searchable as String.
type: str
description:
description:
- - Description of the IntrusionPreventionRule.
- - Searchable as String.
+ - Description of the IntrusionPreventionRule.
+ - Searchable as String.
type: str
minimum_agent_version:
description:
- - Version of the Deep Security agent or appliance required to support the rule.
- - Searchable as String.
+ - Version of the Deep Security agent or appliance required to support the
+ rule.
+ - Searchable as String.
type: str
application_type_id:
description:
- - ID of the application type for the IntrusionPreventionRule.
- - Searchable as Numeric.
+ - ID of the application type for the IntrusionPreventionRule.
+ - Searchable as Numeric.
type: int
priority:
description:
- - Priority level of the rule. Higher priority rules are applied before lower priority rules.
- - Searchable as Choice.
- choices: ["lowest", "low", "normal", "high", "highest"]
+ - Priority level of the rule. Higher priority rules are applied before lower
+ priority rules.
+ - Searchable as Choice.
+ choices: [lowest, low, normal, high, highest]
type: str
severity:
description:
- - Severity level of the rule. Severity levels can be used as sorting criteria and affect event rankings.
- - Searchable as Choice.
- choices: ["low", "medium", "high", "critical"]
+ - Severity level of the rule. Severity levels can be used as sorting criteria
+ and affect event rankings.
+ - Searchable as Choice.
+ choices: [low, medium, high, critical]
type: str
detect_only:
- description: In detect mode, the rule creates an event log and does not interfere with traffic.
+ description: In detect mode, the rule creates an event log and does not interfere
+ with traffic.
type: bool
event_logging_disabled:
description:
- - Enable to prevent event logs from being created when the rule is triggered.
- - Not available if detect only is true.
- - Searchable as Boolean.
+ - Enable to prevent event logs from being created when the rule is triggered.
+ - Not available if detect only is true.
+ - Searchable as Boolean.
type: bool
generate_event_on_packet_drop:
description:
- - Generate an event every time a packet is dropped for the rule.
- - Not available if event logging disabled is true.
- - Searchable as Boolean.
+ - Generate an event every time a packet is dropped for the rule.
+ - Not available if event logging disabled is true.
+ - Searchable as Boolean.
type: bool
always_include_packet_data:
description:
- - Enabled to include package data in the event logs.
- - Not available if event logging disabled is true.
- - Searchable as Boolean.
+ - Enabled to include package data in the event logs.
+ - Not available if event logging disabled is true.
+ - Searchable as Boolean.
type: bool
debug_mode_enabled:
description:
- - Enable to log additional packets preceeding and following the packet that the rule detected.
- - Not available if event logging disabled is true.
- - Searchable as Boolean.
+ - Enable to log additional packets preceeding and following the packet that
+ the rule detected.
+ - Not available if event logging disabled is true.
+ - Searchable as Boolean.
type: bool
type:
description:
- - Type of IntrusionPreventionRule.
- - Searchable as Choice.
- choices: ["custom", "smart", "vulnerability", "exploit", "hidden", "policy", "info"]
+ - Type of IntrusionPreventionRule.
+ - Searchable as Choice.
+ choices: [custom, smart, vulnerability, exploit, hidden, policy, info]
type: str
original_issue:
description:
- - Timestamp of the date the rule was released, in milliseconds since epoch.
- - Searchable as Date.
+ - Timestamp of the date the rule was released, in milliseconds since epoch.
+ - Searchable as Date.
type: int
last_updated:
description:
- - Timestamp of the last rule modification, in milliseconds since epoch.
- - Searchable as Date.
+ - Timestamp of the last rule modification, in milliseconds since epoch.
+ - Searchable as Date.
type: int
template:
- description: Type of template for the IntrusionPreventionRule. Applicable only to custom rules.
- choices: ["signature", "start-end-patterns", "custom"]
+ description: Type of template for the IntrusionPreventionRule. Applicable
+ only to custom rules.
+ choices: [signature, start-end-patterns, custom]
type: str
signature:
- description: Signature of the rule. Applicable to custom rules with template type signature.
+ description: Signature of the rule. Applicable to custom rules with template
+ type signature.
type: str
start:
- description: Start pattern of the rule. Applicable to custom rules with template type start-end-patterns.
+ description: Start pattern of the rule. Applicable to custom rules with template
+ type start-end-patterns.
type: str
patterns:
description:
- - Body patterns of the rule, which must be found between start and end patterns.
- - Applicable to custom rules with template type start-end-patterns.
+ - Body patterns of the rule, which must be found between start and end patterns.
+ - Applicable to custom rules with template type start-end-patterns.
type: list
elements: str
end:
- description: End pattern of the rule. Applicable to custom rules with template type start-end-patterns.
+ description: End pattern of the rule. Applicable to custom rules with template
+ type start-end-patterns.
type: str
case_sensitive:
description:
- - Enable to make signatures and patterns case sensitive.
- - Applicable to custom rules with template type signature or start-end-patterns.
+ - Enable to make signatures and patterns case sensitive.
+ - Applicable to custom rules with template type signature or start-end-patterns.
type: bool
condition:
description:
- - Condition to determine if the rule is triggered.
- - Applicable to custom rules with template type start-end-patterns.
- choices: ["all", "any", "none"]
+ - Condition to determine if the rule is triggered.
+ - Applicable to custom rules with template type start-end-patterns.
+ choices: [all, any, none]
type: str
action:
description:
- - Action to apply if the rule is triggered.
- - Applicable to custom rules with template type signature or start-end-patterns.
- choices: ["drop", "log-only"]
+ - Action to apply if the rule is triggered.
+ - Applicable to custom rules with template type signature or start-end-patterns.
+ choices: [drop, log-only]
type: str
custom_xml:
description:
- - The custom XML used to define the rule.
- - Applicable to custom rules with template type custom.
+ - The custom XML used to define the rule.
+ - Applicable to custom rules with template type custom.
type: str
alert_enabled:
description:
- - Enable to raise an alert when the rule logs an event.
- - Searchable as Boolean.
+ - Enable to raise an alert when the rule logs an event.
+ - Searchable as Boolean.
type: bool
schedule_id:
description:
- - ID of the schedule which defines times during which the rule is active.
- - Searchable as Numeric.
+ - ID of the schedule which defines times during which the rule is active.
+ - Searchable as Numeric.
type: int
context_id:
description:
- - ID of the context in which the rule is applied.
- - Searchable as Numeric.
+ - ID of the context in which the rule is applied.
+ - Searchable as Numeric.
type: int
recommendations_mode:
description:
- - Indicates whether recommendation scans consider the IntrusionPreventionRule.
- - Can be set to enabled or ignored. Custom rules cannot be recommended.
- - Searchable as Choice.
- choices: ["enabled", "ignored", "unknown", "disabled"]
+ - Indicates whether recommendation scans consider the IntrusionPreventionRule.
+ - Can be set to enabled or ignored. Custom rules cannot be recommended.
+ - Searchable as Choice.
+ choices: [enabled, ignored, unknown, disabled]
type: str
depends_on_rule_ids:
description:
- - IDs of intrusion prevention rules the rule depends on, which will be automatically assigned if this rule is assigned.
+ - IDs of intrusion prevention rules the rule depends on, which will be automatically
+ assigned if this rule is assigned.
type: list
elements: int
cvss_score:
description:
- - A measure of the severity of the vulnerability according the National Vulnerability Database.
- - Searchable as String or as Numeric.
+ - A measure of the severity of the vulnerability according the National Vulnerability
+ Database.
+ - Searchable as String or as Numeric.
type: str
cve:
description:
- - List of CVEs associated with the IntrusionPreventionRule.
- - Searchable as String.
+ - List of CVEs associated with the IntrusionPreventionRule.
+ - Searchable as String.
type: list
elements: str
id:
description:
- - ID for the Intrusion prevention rule.
- - Applicaple only with GET call
- - Not applicaple param with Create/Modify POST call
+ - ID for the Intrusion prevention rule.
+ - Applicaple only with GET call
+ - Not applicaple param with Create/Modify POST call
type: int
identifier:
description:
- - Identifier for the Intrusion prevention rule.
- - Applicaple only with GET call
- - Not applicaple param with Create/Modify POST call
+ - Identifier for the Intrusion prevention rule.
+ - Applicaple only with GET call
+ - Not applicaple param with Create/Modify POST call
type: str
can_be_assigned_alone:
description:
- - Intrusion prevention rule can be assigned by self.
- - Applicaple only with GET call
- - Not applicaple param with Create/Modify POST call
+ - Intrusion prevention rule can be assigned by self.
+ - Applicaple only with GET call
+ - Not applicaple param with Create/Modify POST call
type: bool
state:
description:
- - The state the configuration should be left in
- - The state I(gathered) will get the module API configuration from the device and
- transform it into structured data in the format as per the module argspec and
- the value is returned in the I(gathered) key within the result.
+ - The state the configuration should be left in
+ - The state I(gathered) will get the module API configuration from the device
+ and transform it into structured data in the format as per the module argspec
+ and the value is returned in the I(gathered) key within the result.
type: str
choices:
- - present
- - absent
- - gathered
+ - present
+ - absent
+ - gathered
default: present
-
author: Ansible Security Automation Team (@justjais) "
"""
@@ -228,242 +232,53 @@
trendmicro.deepsec.deepsec_intrusion_preventionrules:
state: present
config:
- - alert_enabled: false
- always_include_packet_data: false
- application_type_id: 300
- template: signature
- signature: test_new_signature_1
- debug_mode_enabled: false
- description: TEST IPR 2 DESCRIPTION
- detect_only: false
- event_logging_disabled: false
- generate_event_on_packet_drop: true
- name: TEST IPR 1
- priority: normal
- severity: medium
- - alert_enabled: false
- always_include_packet_data: false
- application_type_id: 300
- template: signature
- signature: test_new_signature_2
- debug_mode_enabled: false
- description: TEST IPR 2 DESCRIPTION
- detect_only: false
- event_logging_disabled: false
- generate_event_on_packet_drop: true
- name: TEST IPR 2
- priority: normal
- severity: medium
-
-# Play Run:
-# =========
-#
-# "intrusion_preventionrules": {
-# "after": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7887,
-# "name": "TEST IPR 1",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_1",
-# "template": "signature"
-# },
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7888,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_2",
-# "template": "signature"
-# }
-# ],
-# "before": []
-# }
-
+ - alert_enabled: false
+ always_include_packet_data: false
+ application_type_id: 300
+ template: signature
+ signature: test_new_signature_1
+ debug_mode_enabled: false
+ description: TEST IPR 2 DESCRIPTION
+ detect_only: false
+ event_logging_disabled: false
+ generate_event_on_packet_drop: true
+ name: TEST IPR 1
+ priority: normal
+ severity: medium
+ - alert_enabled: false
+ always_include_packet_data: false
+ application_type_id: 300
+ template: signature
+ signature: test_new_signature_2
+ debug_mode_enabled: false
+ description: TEST IPR 2 DESCRIPTION
+ detect_only: false
+ event_logging_disabled: false
+ generate_event_on_packet_drop: true
+ name: TEST IPR 2
+ priority: normal
+ severity: medium
- name: Modify the severity of Integrity Monitoring Rule by name
trendmicro.deepsec.deepsec_intrusion_preventionrules:
state: present
config:
- - name: TEST IPR 2
- severity: low
-
-# Play Run:
-# =========
-#
-# "intrusion_preventionrules": {
-# "after": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7902,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "low",
-# "signature": "test_new_signature",
-# "template": "signature"
-# }
-# ],
-# "before": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7902,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature",
-# "template": "signature"
-# }
-# ]
-# }
-
-# Using GATHERED state
-# --------------------
-
+ - name: TEST IPR 2
+ severity: low
- name: Gather Intrusion Prevention Rules by IPR names
trendmicro.deepsec.deepsec_intrusion_preventionrules:
state: gathered
config:
- - name: TEST IPR 1
- - name: TEST IPR 2
-
-# Play Run:
-# =========
-#
-# "gathered": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7887,
-# "name": "TEST IPR 1",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_1",
-# "template": "signature"
-# },
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7888,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_2",
-# "template": "signature"
-# }
-# ]
-
+ - name: TEST IPR 1
+ - name: TEST IPR 2
- name: Gather ALL of the Intrusion Prevention Rules
trendmicro.deepsec.deepsec_intrusion_preventionrules:
state: gathered
-
-# Using ABSENT state
-# ------------------
-
- name: Delete Intrusion Prevention Rules
trendmicro.deepsec.deepsec_intrusion_preventionrules:
state: absent
config:
- - name: TEST IPR 1
- - name: TEST IPR 2
-
-# Play Run:
-# =========
-#
-# "intrusion_preventionrules": {
-# "after": [],
-# "before": [
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7887,
-# "name": "TEST IPR 1",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_1",
-# "template": "signature"
-# },
-# {
-# "action": "drop",
-# "alert_enabled": false,
-# "always_include_packet_data": false,
-# "application_type_id": 300,
-# "case_sensitive": false,
-# "debug_mode_enabled": false,
-# "description": "TEST IPR 2 DESCRIPTION",
-# "detect_only": false,
-# "event_logging_disabled": false,
-# "generate_event_on_packet_drop": true,
-# "id": 7888,
-# "name": "TEST IPR 2",
-# "priority": "normal",
-# "severity": "medium",
-# "signature": "test_new_signature_2",
-# "template": "signature"
-# }
-# ]
-# }
-
+ - name: TEST IPR 1
+ - name: TEST IPR 2
"""
from ansible.module_utils.basic import AnsibleModule
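Review bot: The second example task is still named `Modify the severity of Integrity Monitoring Rule by name`, although it calls `trendmicro.deepsec.deepsec_intrusion_preventionrules` and changes an intrusion prevention rule; I would rename it to `- name: Modify the severity of Intrusion Prevention Rule by name`. The first task also gives `TEST IPR 1` the description `TEST IPR 2 DESCRIPTION`, which looks like a copy-paste slip. With the `# Using GATHERED state` and `# Using ABSENT state` headings removed, nothing separates the read-only gather tasks from the task that deletes rules, so a one-line comment above the delete task, such as `# state: absent removes the named rules from Deep Security Manager`, would keep that distinction visible. The EXAMPLES string starts above this hunk.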
diff --git a/plugins/modules/deepsec_log_inspection_rules.py b/plugins/modules/deepsec_log_inspection_rules.py
index 6e20f63..5626797 100644
--- a/plugins/modules/deepsec_log_inspection_rules.py
+++ b/plugins/modules/deepsec_log_inspection_rules.py
@@ -11,7 +11,7 @@
short_description: Manages Log Inspection Rule resource module
description: Contains string matching and threshold to trigger alerts as well as group
information for LogInspectionRules.
-version_added: 2.0.0
+version_added: 1.2.0
options:
config:
description: A dictionary of Log Inspection Rules options
@@ -132,10 +132,10 @@
description: File path of the log file.
type: str
format:
- description: Structure of the data in the log file. The application that generates
- the log file defines the structure of the data.
- choices: ["syslog", "snort-full", "snort-fast", "apache", "iis", "squid", "nmapg",
- "mysql-log", "postgresql-log", "dbj-multilog", "eventlog", "single-line-text-log"]
+ description: Structure of the data in the log file. The application
+ that generates the log file defines the structure of the data.
+ choices: [syslog, snort-full, snort-fast, apache, iis, squid, nmapg,
+ mysql-log, postgresql-log, dbj-multilog, eventlog, single-line-text-log]
type: str
alert_enabled:
description: Controls whether to raise an alert when a LogInspectionRule logs
@@ -202,435 +202,88 @@
trendmicro.deepsec.deepsec_log_inspection_rules:
state: merged
config:
- - name: custom log_rule for mysqld event
- description: some description
- minimum_agent_version: 6.0.0.0
- type: defined
- template: basic-rule
- pattern: name
- pattern_type: string
- rule_id: 100001
- rule_description: test rule description
- groups:
- - test
- alert_minimum_severity: 4
- alert_enabled: true
+ - name: custom log_rule for mysqld event
+ description: some description
+ minimum_agent_version: 6.0.0.0
+ type: defined
+ template: basic-rule
+ pattern: name
+ pattern_type: string
+ rule_id: 100001
+ rule_description: test rule description
+ groups:
+ - test
+ alert_minimum_severity: 4
+ alert_enabled: true
+ log_files:
log_files:
- log_files:
- - location: /var/log/mysqld.log
- format: mysql-log
- - name: custom log_rule for mysqld event
- description: some description
- minimum_agent_version: 6.0.0.0
- type: defined
- template: basic-rule
- pattern: name
- pattern_type: string
- rule_id: 100001
- rule_description: test rule description
- groups:
- - test
- alert_minimum_severity: 4
- alert_enabled: true
+ - location: /var/log/mysqld.log
+ format: mysql-log
+ - name: custom log_rule for mysqld event
+ description: some description
+ minimum_agent_version: 6.0.0.0
+ type: defined
+ template: basic-rule
+ pattern: name
+ pattern_type: string
+ rule_id: 100001
+ rule_description: test rule description
+ groups:
+ - test
+ alert_minimum_severity: 4
+ alert_enabled: true
+ log_files:
log_files:
- log_files:
- - location: /var/log/mysqld.log
- format: mysql-log
-
-# Play Run:
-# =========
-#
-# "log_inspection_rules": {
-# "after": [
-# {
-# "alert_enabled": true,
-# "alert_minimum_severity": 4,
-# "dependency": "none",
-# "description": "log mysqld event",
-# "groups": [
-# "test"
-# ],
-# "id": 93,
-# "level": 0,
-# "log_files": {
-# "log_files": [
-# {
-# "format": "mysql-log",
-# "location": "/var/log/mysqld.log"
-# }
-# ]
-# },
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "custom log_rule for mysqld event",
-# "pattern": "name",
-# "pattern_type": "string",
-# "rule_description": "mysqld rule description",
-# "rule_id": 100001,
-# "sort_order": 15000,
-# "template": "basic-rule"
-# },
-# {
-# "alert_enabled": true,
-# "alert_minimum_severity": 5,
-# "dependency": "none",
-# "description": "log daemon event",
-# "groups": [
-# "test"
-# ],
-# "id": 94,
-# "level": 0,
-# "log_files": {
-# "log_files": [
-# {
-# "format": "syslog",
-# "location": "/var/log/daemon.log"
-# }
-# ]
-# },
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "custom log_rule for daemon event",
-# "pattern": "name",
-# "pattern_type": "string",
-# "rule_description": "daemon rule description",
-# "rule_id": 100002,
-# "sort_order": 15000,
-# "template": "basic-rule"
-# }
-# ],
-# "before": []
-# }
-
+ - location: /var/log/mysqld.log
+ format: mysql-log
- name: Modify the Pattern type of Log Inspection Rule by name
trendmicro.deepsec.deepsec_log_inspection_rules:
state: merged
config:
- - name: custom log_rule for mysqld event
- description: Modified pattern type for mysqld log event
- pattern: name
- pattern_type: regex
+ - name: custom log_rule for mysqld event
+ description: Modified pattern type for mysqld log event
+ pattern: name
+ pattern_type: regex
+ log_files:
log_files:
- log_files:
- - location: /var/log/messages
- format: syslog
-
-# Play Run:
-# =========
-#
-# "log_inspection_rules": {
-# "after": [
-# {
-# "alert_enabled": true,
-# "alert_minimum_severity": 4,
-# "dependency": "none",
-# "description": "Modified pattern type for mysqld log event",
-# "groups": [
-# "test"
-# ],
-# "id": 134,
-# "level": 0,
-# "log_files": {
-# "log_files": [
-# {
-# "format": "mysql-log",
-# "location": "/var/log/mysqld.log"
-# },
-# {
-# "format": "syslog",
-# "location": "/var/log/messages"
-# }
-# ]
-# },
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "custom log_rule for mysqld event",
-# "pattern": "name",
-# "pattern_type": "regex",
-# "rule_description": "mysqld rule description",
-# "rule_id": 100001,
-# "sort_order": 15000,
-# "template": "basic-rule"
-# }
-# ],
-# "before": [
-# {
-# "alert_enabled": true,
-# "alert_minimum_severity": 4,
-# "dependency": "none",
-# "description": "log mysqld event",
-# "groups": [
-# "test"
-# ],
-# "id": 134,
-# "level": 0,
-# "log_files": {
-# "log_files": {
-# "mysql-log/var/log/mysqld.log": {
-# "format": "mysql-log",
-# "location": "/var/log/mysqld.log"
-# }
-# }
-# },
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "custom log_rule for mysqld event",
-# "pattern": "name",
-# "pattern_type": "string",
-# "rule_description": "mysqld rule description",
-# "rule_id": 100001,
-# "sort_order": 15000,
-# "template": "basic-rule"
-# }
-# ]
-# }
-
-# Using REPLACED state
-# --------------------
-
+ - location: /var/log/messages
+ format: syslog
- name: Replace existing Log Inspection Rules
trendmicro.deepsec.deepsec_log_inspection_rules:
state: replaced
config:
- - name: custom log_rule for daemon event
- description: Replaced log daemon event
- minimum_agent_version: 6.0.0.0
- type: defined
- template: basic-rule
- pattern: name
- pattern_type: string
- rule_id: 100003
- rule_description: daemon rule description
- groups:
- - test
- alert_minimum_severity: 5
- alert_enabled: true
+ - name: custom log_rule for daemon event
+ description: Replaced log daemon event
+ minimum_agent_version: 6.0.0.0
+ type: defined
+ template: basic-rule
+ pattern: name
+ pattern_type: string
+ rule_id: 100003
+ rule_description: daemon rule description
+ groups:
+ - test
+ alert_minimum_severity: 5
+ alert_enabled: true
+ log_files:
log_files:
- log_files:
- - location: /var/log/messages
- format: syslog
-
-# Play Run:
-# =========
-#
-# "log_inspection_rules": {
-# "after": [
-# {
-# "alert_enabled": true,
-# "alert_minimum_severity": 5,
-# "dependency": "none",
-# "description": "Replaced log daemon event",
-# "groups": [
-# "test"
-# ],
-# "id": 155,
-# "level": 0,
-# "log_files": {
-# "log_files": [
-# {
-# "format": "syslog",
-# "location": "/var/log/messages"
-# }
-# ]
-# },
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "custom log_rule for daemon event",
-# "pattern": "name",
-# "pattern_type": "string",
-# "rule_description": "daemon rule description",
-# "rule_id": 100003,
-# "sort_order": 15000,
-# "template": "basic-rule"
-# }
-# ],
-# "before": [
-# {
-# "alert_enabled": true,
-# "alert_minimum_severity": 5,
-# "dependency": "none",
-# "description": "log daemon event",
-# "groups": [
-# "test"
-# ],
-# "id": 154,
-# "level": 0,
-# "log_files": {
-# "log_files": [
-# {
-# "format": "syslog",
-# "location": "/var/log/daemon.log"
-# }
-# ]
-# },
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "custom log_rule for daemon event",
-# "pattern": "name",
-# "pattern_type": "string",
-# "rule_description": "daemon rule description",
-# "rule_id": 100002,
-# "sort_order": 15000,
-# "template": "basic-rule"
-# }
-# ]
-# }
-
-# Using GATHERED state
-# --------------------
-
+ - location: /var/log/messages
+ format: syslog
- name: Gather Log Inspection Rules by IPR names
trendmicro.deepsec.deepsec_log_inspection_rules:
state: gathered
config:
- - name: custom log_rule for mysqld event
- - name: custom log_rule for daemon event
-
-# Play Run:
-# =========
-#
-# "gathered": [
-# {
-# "alert_enabled": true,
-# "alert_minimum_severity": 4,
-# "dependency": "none",
-# "description": "log mysqld event",
-# "groups": [
-# "test"
-# ],
-# "id": 153,
-# "level": 0,
-# "logFiles": {
-# "logFiles": [
-# {
-# "format": "mysql-log",
-# "location": "/var/log/mysqld.log"
-# }
-# ]
-# },
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "custom log_rule for mysqld event",
-# "pattern": "name",
-# "pattern_type": "string",
-# "rule_description": "mysqld rule description",
-# "rule_id": 100001,
-# "sort_order": 15000,
-# "template": "basic-rule"
-# },
-# {
-# "alert_enabled": true,
-# "alert_minimum_severity": 5,
-# "dependency": "none",
-# "description": "log daemon event",
-# "groups": [
-# "test"
-# ],
-# "id": 154,
-# "level": 0,
-# "logFiles": {
-# "logFiles": [
-# {
-# "format": "syslog",
-# "location": "/var/log/daemon.log"
-# }
-# ]
-# },
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "custom log_rule for daemon event",
-# "pattern": "name",
-# "pattern_type": "string",
-# "rule_description": "daemon rule description",
-# "rule_id": 100002,
-# "sort_order": 15000,
-# "template": "basic-rule"
-# }
-# ]
-
+ - name: custom log_rule for mysqld event
+ - name: custom log_rule for daemon event
- name: Gather ALL of the Log Inspection Rules
trendmicro.deepsec.deepsec_log_inspection_rules:
state: gathered
-
-# Using DELETED state
-# ------------------
-
- name: Delete Log Inspection Rules
trendmicro.deepsec.deepsec_log_inspection_rules:
state: deleted
config:
- - name: custom log_rule for mysqld event
- - name: custom log_rule for daemon event
-
-# Play Run:
-# =========
-#
-# "log_inspection_rules": {
-# "after": [],
-# "before": [
-# {
-# "alert_enabled": true,
-# "alert_minimum_severity": 4,
-# "dependency": "none",
-# "description": "Modified pattern type for mysqld log event",
-# "groups": [
-# "test"
-# ],
-# "id": 151,
-# "level": 0,
-# "log_files": {
-# "log_files": [
-# {
-# "format": "mysql-log",
-# "location": "/var/log/mysqld.log"
-# },
-# {
-# "format": "syslog",
-# "location": "/var/log/messages"
-# }
-# ]
-# },
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "custom log_rule for mysqld event",
-# "pattern": "name",
-# "pattern_type": "regex",
-# "rule_description": "mysqld rule description",
-# "rule_id": 100001,
-# "sort_order": 15000,
-# "template": "basic-rule"
-# },
-# {
-# "alert_enabled": true,
-# "alert_minimum_severity": 5,
-# "dependency": "none",
-# "description": "log daemon event",
-# "groups": [
-# "test"
-# ],
-# "id": 152,
-# "level": 0,
-# "log_files": {
-# "log_files": [
-# {
-# "format": "syslog",
-# "location": "/var/log/daemon.log"
-# }
-# ]
-# },
-# "minimum_agent_version": "6.0.0.0",
-# "minimum_manager_version": "6.0.0",
-# "name": "custom log_rule for daemon event",
-# "pattern": "name",
-# "pattern_type": "string",
-# "rule_description": "daemon rule description",
-# "rule_id": 100002,
-# "sort_order": 15000,
-# "template": "basic-rule"
-# }
-# ]
-# }
-
+ - name: custom log_rule for mysqld event
+ - name: custom log_rule for daemon event
"""
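Review bot: The second entry under `config` in the first `merged` task repeats the first one line for line (same `name: custom log_rule for mysqld event`, same `rule_id: 100001`, same `/var/log/mysqld.log`), while the later replace, gather and delete tasks all refer to `custom log_rule for daemon event`. Judging by the sample output this hunk removes, the second entry was meant to be the daemon rule, with `rule_id: 100002`, `alert_minimum_severity: 5`, `location: /var/log/daemon.log` and `format: syslog`, and it should be restored to those values so the example creates the rule the following tasks operate on. The task name `Gather Log Inspection Rules by IPR names` also carries "IPR" over from the intrusion prevention module; `Gather Log Inspection Rules by names` would be accurate. The EXAMPLES string starts above this hunk.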
diff --git a/plugins/modules/deepsec_log_inspectionrules.py b/plugins/modules/deepsec_log_inspectionrules.py
index fc4d070..87f0b12 100644
--- a/plugins/modules/deepsec_log_inspectionrules.py
+++ b/plugins/modules/deepsec_log_inspectionrules.py
@@ -21,24 +21,17 @@
__metaclass__ = type
-ANSIBLE_METADATA = {
- "metadata_version": "1.1",
- "status": ["preview"],
- "supported_by": "community",
-}
-
DOCUMENTATION = """
----
module: deepsec_log_inspectionrules
short_description: Create a new log inspection rule.
description:
- - This module creates a new log inspection rule under TrendMicro Deep Security.
+- This module creates a new log inspection rule under TrendMicro Deep Security.
version_added: 1.0.0
deprecated:
alternative: deepsec_log_inspection_rules
why: Newer and updated modules released with more functionality
- removed_at_date: '2023-12-08'
-author: "Ansible Security Automation Team (@justjais) "
+ removed_at_date: '2023-12-01'
+author: Ansible Security Automation Team (@justjais)
options:
name:
description: Name of the LogInspectionRule.
@@ -59,8 +52,8 @@
provided by Trend Micro.
type: str
original_issue:
- description: Creation timestamp of the LogInspectionRule, measured in milliseconds since
- epoch.
+ description: Creation timestamp of the LogInspectionRule, measured in milliseconds
+ since epoch.
type: int
last_updated:
description: Update timestamp of the LogInspectionRule, measured in milliseconds
@@ -72,57 +65,60 @@
type: str
template:
description: Template used to create this rule.
- choices: ["basic-rule", "custom"]
+ choices: [basic-rule, custom]
type: str
rule_id:
- description: ID of the LogInspectionRule sent to the Deep Security Agent.
- The values 100000 - 109999 are reserved for user-definded rules.
+ description: ID of the LogInspectionRule sent to the Deep Security Agent. The
+ values 100000 - 109999 are reserved for user-definded rules.
type: int
level:
description: Log level of the LogInspectionRule indicates severity of attack.
- Level 0 is the least severe and will not log an event. Level 15 is the most severe.
+ Level 0 is the least severe and will not log an event. Level 15 is the most
+ severe.
type: int
groups:
description: Groups that the LogInspectionRule is assigned to, separated by commas.
- Useful when dependency is used as it's possible to create a LogInspectionRule that
- fires when another LogInspectionRule belonging to a specific group fires.
+ Useful when dependency is used as it's possible to create a LogInspectionRule
+ that fires when another LogInspectionRule belonging to a specific group fires.
type: list
elements: str
rule_description:
description: Description of the LogInspectionRule that appears on events and the
- Content tab in the Deep Security Manager user interface. Alternatively,
- you can configure this by inserting a description in 'rule_xml'.
+ Content tab in the Deep Security Manager user interface. Alternatively, you
+ can configure this by inserting a description in 'rule_xml'.
type: str
pattern:
- description: Regular expression pattern the LogInspectionRule will look for in the logs.
- The rule will be triggered on a match. Open Source HIDS SEcurity (OSSEC) regular expression
- syntax is supported, see http://www.ossec.net/docs/syntax/regex.html.
+ description: Regular expression pattern the LogInspectionRule will look for in
+ the logs. The rule will be triggered on a match. Open Source HIDS SEcurity (OSSEC)
+ regular expression syntax is supported, see http://www.ossec.net/docs/syntax/regex.html.
type: str
pattern_type:
- description: Pattern the LogInspectionRule will look for in the logs. The string matching
- pattern is faster than the regex pattern.
- choices: ["string", "regex"]
+ description: Pattern the LogInspectionRule will look for in the logs. The string
+ matching pattern is faster than the regex pattern.
+ choices: [string, regex]
type: str
dependency:
description: Indicates if a dependant rule or dependency group is set or not.
If set, the LogInspectionRule will only log an event if the dependency is triggered.
Available for user-defined rules.
- choices: ["none", "rule", "group"]
+ choices: [none, rule, group]
type: str
dependency_rule_id:
- description: If dependency is configured, the ID of the rule that this rule is dependant on.
- Ignored if the rule is from Trend Micro, which uses dependsOnRuleIDs instead.
+ description: If dependency is configured, the ID of the rule that this rule is
+ dependant on. Ignored if the rule is from Trend Micro, which uses dependsOnRuleIDs
+ instead.
type: int
dependency_group:
- description: If dependency is configured, the dependancy groups that this rule is dependant on.
+ description: If dependency is configured, the dependancy groups that this rule
+ is dependant on.
type: str
frequency:
- description: Number of times the dependant rule has to match within a specific time frame before
- the rule is triggered.
+ description: Number of times the dependant rule has to match within a specific
+ time frame before the rule is triggered.
type: int
time_frame:
- description: Time period for the frequency of LogInspectionRule triggers that will
- generate an event, in seconds.
+ description: Time period for the frequency of LogInspectionRule triggers that
+ will generate an event, in seconds.
type: int
rule_xml:
description: LogInspectionRule in an XML format. For information on the XML format,
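Review bot: The re-wrapped `rule_id` description still reads `user-definded`; since the line is being rewritten anyway, it should become `values 100000 - 109999 are reserved for user-defined rules.` The same goes for `dependancy groups` and `dependant` in the `dependency_group`, `dependency_rule_id` and `frequency` descriptions (`dependency groups`, `dependent`), and for `HIDS SEcurity` in the `pattern` description. That description also links the OSSEC regex syntax page over plain `http://`; if the site serves the page over HTTPS, the link should use it. The options block starts above this hunk and continues below it.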
@@ -141,44 +137,48 @@
description: File path of the log file.
type: str
format:
- description: Structure of the data in the log file. The application that generates
- the log file defines the structure of the data.
- choices: ["syslog", "snort-full", "snort-fast", "apache", "iis", "squid", "nmapg",
- "mysql-log", "postgresql-log", "dbj-multilog", "eventlog", "single-line-text-log"]
+ description: Structure of the data in the log file. The application that
+ generates the log file defines the structure of the data.
+ choices: [syslog, snort-full, snort-fast, apache, iis, squid, nmapg, mysql-log,
+ postgresql-log, dbj-multilog, eventlog, single-line-text-log]
type: str
alert_enabled:
- description: Controls whether to raise an alert when a LogInspectionRule logs an event.
- Use true to raise an alert.
+ description: Controls whether to raise an alert when a LogInspectionRule logs
+ an event. Use true to raise an alert.
type: bool
alert_minimum_severity:
- description: Severity level that will trigger an alert. Ignored unless ruleXML contains
- multiple rules with different severities, and so you must indicate which severity level to use.
+ description: Severity level that will trigger an alert. Ignored unless ruleXML
+ contains multiple rules with different severities, and so you must indicate
+ which severity level to use.
type: int
recommendations_mode:
- description: Indicates whether recommendation scans consider the LogInspectionRule. Can be set to
- enabled or ignored. Custom rules cannot be recommended.
- choices: ["enabled", "ignored", "unknown", "disabled"]
+ description: Indicates whether recommendation scans consider the LogInspectionRule.
+ Can be set to enabled or ignored. Custom rules cannot be recommended.
+ choices: [enabled, ignored, unknown, disabled]
type: str
sort_order:
- description: Order in which LogInspectionRules are sent to the Deep Security Agent. Log inspeciton
- rules are sent in ascending order. Valid values are between 10000 and 20000.
+ description: Order in which LogInspectionRules are sent to the Deep Security Agent.
+ Log inspeciton rules are sent in ascending order. Valid values are between 10000
+ and 20000.
type: int
can_be_assigned_alone:
- description: Indicates whether this LogInspectionRule can be allocated without allocating any additional
- LogInspectionRules. Ignored if the rule is user-defined, which uses dependency instead.
+ description: Indicates whether this LogInspectionRule can be allocated without
+ allocating any additional LogInspectionRules. Ignored if the rule is user-defined,
+ which uses dependency instead.
type: bool
depends_onrule_id:
- description: IDs of LogInspectionRules, separated by commas, that are required by this rule.
- Ignored if the rule is user-defined which uses dependency_rule_id or dependency_group instead.
+ description: IDs of LogInspectionRules, separated by commas, that are required
+ by this rule. Ignored if the rule is user-defined which uses dependency_rule_id
+ or dependency_group instead.
type: list
elements: str
state:
description:
- - The state the configuration should be left in
+ - The state the configuration should be left in
type: str
choices:
- - present
- - absent
+ - present
+ - absent
default: present
"""
@@ -196,14 +196,13 @@
rule_id: 100001
rule_description: test rule description
groups:
- - test
+ - test
alert_minimum_severity: 4
alert_enabled: true
log_files:
log_files:
- - location: /var/log/mysqld.log
- format: mysql-log
-
+ - location: /var/log/mysqld.log
+ format: mysql-log
- name: Delete/Remove the existing log inspection rule
trendmicro.deepsec.deepsec_log_inspectionrules:
state: absent
diff --git a/plugins/modules/deepsec_syslog.py b/plugins/modules/deepsec_syslog.py
index 3f55931..6cb3286 100644
--- a/plugins/modules/deepsec_syslog.py
+++ b/plugins/modules/deepsec_syslog.py
@@ -11,108 +11,113 @@
DOCUMENTATION = """
module: deepsec_syslog
-short_description: Configure or create a syslog configuration for TrendMicro Deep Security
+short_description: Configure or create a syslog configuration for TrendMicro Deep
+ Security
description:
- - Configure or create a syslog configuration for TrendMicro Deep Security
+- Configure or create a syslog configuration for TrendMicro Deep Security
version_added: 1.0.0
-author: "Ansible Security Automation Team (@justjais) "
+author: Ansible Security Automation Team (@justjais)
options:
name:
description:
- - The name for this syslog configuration.
+ - The name for this syslog configuration.
type: str
id:
description:
- - The ID of the syslog configuration (when editing an existing configuration).
+ - The ID of the syslog configuration (when editing an existing configuration).
type: str
description:
description:
- - The description for this syslog configuration.
+ - The description for this syslog configuration.
type: str
server:
description:
- - The destination server for syslog messages.
+ - The destination server for syslog messages.
type: str
port:
description:
- - The destination port for syslog messages.
+ - The destination port for syslog messages.
type: int
default: 514
transport:
description:
- - The transport to use when sending syslog messages.
+ - The transport to use when sending syslog messages.
type: str
choices:
- - 'udp'
- - 'tcp'
- - 'tls'
- default: 'udp'
+ - udp
+ - tcp
+ - tls
+ default: udp
event_format:
description:
- - The event format to use when sending syslog messages.
+ - The event format to use when sending syslog messages.
type: str
choices:
- - 'standard'
- - 'cef'
- - 'leef'
- default: 'cef'
+ - standard
+ - cef
+ - leef
+ default: cef
facility:
description:
- - The facility value to send with each syslog message.
+ - The facility value to send with each syslog message.
type: str
choices:
- - 'kernel'
- - 'user'
- - 'mail'
- - 'daemon'
- - 'authorization'
- - 'syslog'
- - 'printer'
- - 'news'
- - 'uucp'
- - 'clock'
- - 'authpriv'
- - 'ftp'
- - 'ntp'
- - 'log-audit'
- - 'log-alert'
- - 'cron'
- - 'local0'
- - 'local1'
- - 'local2'
- - 'local3'
- - 'local4'
- - 'local5'
- - 'local6'
- - 'local7'
- default: 'local0'
+ - kernel
+ - user
+ - mail
+ - daemon
+ - authorization
+ - syslog
+ - printer
+ - news
+ - uucp
+ - clock
+ - authpriv
+ - ftp
+ - ntp
+ - log-audit
+ - log-alert
+ - cron
+ - local0
+ - local1
+ - local2
+ - local3
+ - local4
+ - local5
+ - local6
+ - local7
+ default: local0
private_key:
description:
- - The private key the Deep Security Manager will use when it contacts the syslog server over TLS.
- - The private key must be an RSA key in PEM-encoded PKCS#1 or PKCS#8 format.
- - To prevent accidental disclosure of the private key, the Deep Security Manager will not return this value;
- therefore Ansible does not have access to it and it can only be used to set the private key.
+ - The private key the Deep Security Manager will use when it contacts the syslog
+ server over TLS.
+ - The private key must be an RSA key in PEM-encoded PKCS#1 or PKCS#8 format.
+ - To prevent accidental disclosure of the private key, the Deep Security Manager
+ will not return this value; therefore Ansible does not have access to it and
+ it can only be used to set the private key.
type: str
certificate_chain:
description:
- - The identity certificate chain the Deep Security Manager will use when it contacts the syslog server over TLS.
- - The identity certificate must be the first certificate in the list,
- followed by the certificate for the issuing certificate authority (if any) and continuing up the issuer chain.
- - The root certificate authority's certificate does not need to be included.
- - Each element in the list will be an unencrypted PEM-encoded certificate.
+ - The identity certificate chain the Deep Security Manager will use when it contacts
+ the syslog server over TLS.
+ - The identity certificate must be the first certificate in the list, followed
+ by the certificate for the issuing certificate authority (if any) and continuing
+ up the issuer chain.
+ - The root certificate authority's certificate does not need to be included.
+ - Each element in the list will be an unencrypted PEM-encoded certificate.
type: list
elements: str
direct:
description:
- - The "direct delivery from agent to syslog server" flag
+ - The "direct delivery from agent to syslog server" flag
type: bool
default: false
state:
description:
- - The state the configuration should be left in
- - The state I(gathered) will make a get call to the module API and transform
- it into structured data in the format as per the resource module argspec and
- the value is returned in the I(gathered) key within the result.
+ - The state the configuration should be left in
+ - The state I(gathered) will make a get call to the module API and transform it
+ into structured data in the format as per the resource module argspec and the
+ value is returned in the I(gathered) key within the result.
type: str
choices:
- present
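Review bot: The `transport` option keeps `udp` as its documented default, yet the rewrapped text never ties it to `private_key` and `certificate_chain`, which are described as being used over TLS, and never says that `udp` and `tcp` forward events unencrypted. A line under `transport` such as `- Use C(tls) to encrypt forwarded events; C(private_key) and C(certificate_chain) apply only to that transport.` would make the dependency explicit. `private_key` is a plain `type: str` option, so its description could also add `- Supply this value from Ansible Vault or another secret store rather than inline in the playbook.`; whether the argspec sets `no_log` on it is not visible here and is worth confirming. The `state` choices and the rest of DOCUMENTATION continue outside this hunk.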
diff --git a/plugins/modules/deepsec_system_settings.py b/plugins/modules/deepsec_system_settings.py
index 90468b4..9be2a7f 100644
--- a/plugins/modules/deepsec_system_settings.py
+++ b/plugins/modules/deepsec_system_settings.py
@@ -13,7 +13,7 @@
module: deepsec_system_settings
short_description: Modify the system settings for TrendMicro Deep Security.
description:
- - This module modifies system settings under TrendMicro Deep Security.
+- This module modifies system settings under TrendMicro Deep Security.
version_added: "1.1.0"
options:
config:
@@ -25,21 +25,23 @@
type: list
elements: str
platform_setting_saml_identity_provider_certificate_expiry_warning_daysr:
- description: platform setting saml identity provider certificate expiry warning days
+ description: platform setting saml identity provider certificate expiry warning
+ days
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "30"
+ default: '30'
platform_setting_update_agent_security_on_missing_deep_security_manager_enabled:
- description: platform setting update agent security on missing deep security manager enabled
+ description: platform setting update agent security on missing deep security
+ manager enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_ddan_manual_source_server_url:
description: platform setting ddan manual source server url
type: dict
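Review bot: The option key `platform_setting_saml_identity_provider_certificate_expiry_warning_daysr` in the context lines ends in `daysr`, which looks like a typo for `days`, and this reformatting pass rewraps its description but leaves the key as it is. Unless the spelling deliberately mirrors the upstream API's setting name, a playbook written with the expected `..._days` key would probably fail argument validation, so the certificate-expiry warning would not be configured as intended. Renaming outright would break existing playbooks; the compatible route is to document the corrected key and keep the old one with `aliases: [platform_setting_saml_identity_provider_certificate_expiry_warning_daysr]`, matched by the same alias in the argspec, which is not visible here. The `options` mapping begins before this hunk and continues after it.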
@@ -54,15 +56,16 @@
value:
description: Value of a Setting.
type: str
- default: "4119"
+ default: '4119'
platform_setting_smart_protection_feedback_threat_detections_threshold:
- description: platform setting smart protection feedback threat detections threshold
+ description: platform setting smart protection feedback threat detections
+ threshold
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "10"
+ default: '10'
platform_setting_primary_tenant_allow_tenant_run_port_scan_enabled:
description: platform setting primary tenant allow tenant run port scan enabled
type: dict
@@ -70,7 +73,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
intrusion_prevention_setting_event_rank_severity_filter_medium:
description: intrusion prevention setting event rank severity filter medium
type: dict
@@ -78,9 +81,10 @@
value:
description: Value of a Setting.
type: str
- default: "25"
+ default: '25'
firewall_setting_intranet_connectivity_test_expected_content_regex:
- description: firewall setting intranet connectivity test expected content regex
+ description: firewall setting intranet connectivity test expected content
+ regex
type: dict
suboptions:
value:
@@ -93,31 +97,34 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_tenant_auto_revoke_impersonation_by_primary_tenant_timeout:
- description: platform setting tenant auto revoke impersonation by primary tenant timeout
+ description: platform setting tenant auto revoke impersonation by primary
+ tenant timeout
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "4 Hours"
+ default: 4 Hours
web_reputation_setting_event_rank_risk_blocked_by_administrator_rank:
- description: web reputation setting event rank risk blocked by administrator rank
+ description: web reputation setting event rank risk blocked by administrator
+ rank
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "100"
+ default: '100'
platform_setting_primary_tenant_lock_and_hide_tenant_storage_tab_enabled:
- description: platform setting primary tenant lock and hide tenant storage tab enabled
+ description: platform setting primary tenant lock and hide tenant storage
+ tab enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
anti_malware_setting_event_email_recipients:
description: anti malware setting event email recipients
type: dict
@@ -126,13 +133,14 @@
description: Value of a Setting.
type: str
platform_setting_primary_tenant_allow_tenant_use_default_relay_group_enabled:
- description: platform setting primary tenant allow tenant use default relay group enabled
+ description: platform setting primary tenant allow tenant use default relay
+ group enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_http_strict_transport_enabled:
description: platform setting http strict transport enabled
type: dict
@@ -140,7 +148,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
firewall_setting_intranet_connectivity_test_url:
description: firewall setting intranet connectivity test url
type: dict
@@ -155,15 +163,16 @@
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_tenant_use_default_relay_group_from_primary_tenant_enabled:
- description: platform setting tenant use default relay group from primary tenant enabled
+ description: platform setting tenant use default relay group from primary
+ tenant enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_exported_diagnostic_package_locale:
description: platform setting exported diagnostic package locale
type: dict
@@ -171,7 +180,7 @@
value:
description: Value of a Setting.
type: str
- default: "en_US"
+ default: en_US
intrusion_prevention_setting_event_rank_severity_filter_critical:
description: intrusion prevention setting event rank severity filter critical
type: dict
@@ -179,7 +188,7 @@
value:
description: Value of a Setting.
type: str
- default: "100"
+ default: '100'
platform_setting_update_imported_software_auto_download_enabled:
description: platform setting update imported software auto download enabled
type: dict
@@ -187,7 +196,7 @@
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_demo_mode_enabled:
description: platform setting demo mode enabled
type: dict
@@ -195,7 +204,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_user_enforce_terms_and_conditions_message:
description: platform setting user enforce terms and conditions message
type: dict
@@ -225,13 +234,14 @@
description: Value of a Setting.
type: str
platform_setting_agent_initiated_activation_reactivate_cloned_enabled:
- description: platform setting agent initiated activation reactivate cloned enabled
+ description: platform setting agent initiated activation reactivate cloned
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_managed_detect_response_server_url:
description: platform setting managed detect response server url
type: dict
@@ -240,13 +250,14 @@
description: Value of a Setting.
type: str
platform_setting_primary_tenant_share_managed_detect_responses_enabled:
- description: platform setting primary tenant share managed detect responses enabled
+ description: platform setting primary tenant share managed detect responses
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_saml_service_provider_certificate:
description: platform setting saml service provider certificate
type: dict
@@ -261,7 +272,7 @@
value:
description: Value of a Setting.
type: str
- default: "0"
+ default: '0'
platform_setting_smtp_start_tls_enabled:
description: platform setting smtp start tls enabled
type: dict
@@ -269,7 +280,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_user_password_require_letters_and_numbers_enabled:
description: platform setting user password require letters and numbers enabled
type: dict
@@ -277,15 +288,16 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_primary_tenant_allow_tenant_synchronize_ldap_directories_enabled:
- description: platform setting primary tenant allow tenant synchronize ldap directories enabled
+ description: platform setting primary tenant allow tenant synchronize ldap
+ directories enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_load_balancer_relay_port:
description: platform setting load balancer relay port
type: dict
@@ -293,7 +305,7 @@
value:
description: Value of a Setting.
type: str
- default: "4122"
+ default: '4122'
platform_setting_managed_detect_response_enabled:
description: platform setting managed detect response enabled
type: dict
@@ -301,7 +313,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_update_rules_policy_auto_apply_enabled:
description: platform setting update rules policy auto apply enabled
type: dict
@@ -309,15 +321,16 @@
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_primary_tenant_allow_tenant_configure_forgot_password_enabled:
- description: platform setting primary tenant allow tenant configure forgot password enabled
+ description: platform setting primary tenant allow tenant configure forgot
+ password enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_user_password_require_not_same_as_username_enabled:
description: platform setting user password require not same as username enabled
type: dict
@@ -325,7 +338,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
log_inspection_setting_event_rank_severity_medium:
description: log inspection setting event rank severity medium
type: dict
@@ -333,7 +346,7 @@
value:
description: Value of a Setting.
type: str
- default: "25"
+ default: '25'
anti_malware_setting_retain_event_duration:
description: anti malware setting retain event duration
type: dict
@@ -341,15 +354,16 @@
value:
description: Value of a Setting.
type: str
- default: "7 Days"
+ default: 7 Days
platform_setting_update_agent_security_contact_primary_source_on_missing_relay_enabled:
- description: platform setting update agent security contact primary source on missing relay enabled
+ description: platform setting update agent security contact primary source
+ on missing relay enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
firewall_setting_event_rank_severity_log_only:
description: firewall setting event rank severity log only
type: dict
@@ -357,15 +371,16 @@
value:
description: Value of a Setting.
type: str
- default: "1"
+ default: '1'
platform_setting_primary_tenant_lock_and_hide_tenant_data_privacy_option_enabled:
- description: platform setting primary tenant lock and hide tenant data privacy option enabled
+ description: platform setting primary tenant lock and hide tenant data privacy
+ option enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
application_control_setting_retain_event_duration:
description: application control setting retain event duration
type: dict
@@ -373,7 +388,7 @@
value:
description: Value of a Setting.
type: str
- default: "7 Days"
+ default: 7 Days
platform_setting_api_soap_web_service_enabled:
description: platform setting api soap web service enabled
type: dict
@@ -381,7 +396,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_saml_service_provider_private_key:
description: platform setting saml service provider private key
type: dict
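Review bot: `platform_setting_saml_service_provider_private_key`, at the end of this hunk, is documented only by a restatement of its own name, so nothing tells the reader that the value is key material. The same holds for `platform_setting_managed_detect_response_service_token` (hunk `-436`), `platform_setting_agent_initiated_activation_token` (`-528`), `platform_setting_aws_manager_identity_access_key` (`-687`) and `platform_setting_connected_threat_defense_control_manager_manual_source_api_key` (`-842`). Each description could gain a sentence such as `Treat the value as a secret and supply it from Ansible Vault or another secret store.` Whether the argspec marks these `value` suboptions `no_log`, and whether the data the module returns masks them, is not visible in these hunks and is worth confirming. The option's suboptions continue outside this hunk.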
@@ -396,7 +411,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_system_event_forwarding_snmp_port:
description: platform setting system event forwarding snmp port
type: dict
@@ -404,7 +419,7 @@
value:
description: Value of a Setting.
type: str
- default: "162"
+ default: '162'
firewall_setting_event_rank_severity_deny:
description: firewall setting event rank severity deny
type: dict
@@ -412,7 +427,7 @@
value:
description: Value of a Setting.
type: str
- default: "100"
+ default: '100'
intrusion_prevention_setting_event_rank_severity_filter_low:
description: intrusion prevention setting event rank severity filter low
type: dict
@@ -420,15 +435,16 @@
value:
description: Value of a Setting.
type: str
- default: "1"
+ default: '1'
platform_setting_primary_tenant_allow_tenant_control_impersonation_enabled:
- description: platform setting primary tenant allow tenant control impersonation enabled
+ description: platform setting primary tenant allow tenant control impersonation
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_recommendation_cpu_usage_level:
description: platform setting recommendation cpu usage level
type: dict
@@ -436,7 +452,7 @@
value:
description: Value of a Setting.
type: str
- default: "High"
+ default: High
platform_setting_managed_detect_response_service_token:
description: platform setting managed detect response service token
type: dict
@@ -465,7 +481,7 @@
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
log_inspection_setting_retain_event_duration:
description: log inspection setting retain event duration
type: dict
@@ -473,15 +489,16 @@
value:
description: Value of a Setting.
type: str
- default: "7 Days"
+ default: 7 Days
platform_setting_tenant_auto_revoke_impersonation_by_primary_tenant_enabled:
- description: platform setting tenant auto revoke impersonation by primary tenant enabled
+ description: platform setting tenant auto revoke impersonation by primary
+ tenant enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
anti_malware_setting_event_email_body_template:
description: anti malware setting event email body template
type: dict
@@ -496,15 +513,16 @@
value:
description: Value of a Setting.
type: str
- default: "10"
+ default: '10'
platform_setting_connected_threat_defense_control_manager_source_option:
- description: platform setting connected threat defense control manager source option
+ description: platform setting connected threat defense control manager source
+ option
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "Manually select an Apex Central server"
+ default: Manually select an Apex Central server
anti_malware_setting_event_email_enabled:
description: anti malware setting event email enabled
type: dict
@@ -512,15 +530,16 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_update_agent_software_use_download_center_on_missing_deep_security_manager_enabled:
- description: platform setting update agent software use download center on missing deep security manager enabled
+ description: platform setting update agent software use download center on
+ missing deep security manager enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_recommendation_ongoing_scans_enabled:
description: platform setting recommendation ongoing scans enabled
type: dict
@@ -528,7 +547,6 @@
value:
description: Value of a Setting.
type: str
- default: "No"
platform_setting_agent_initiated_activation_token:
description: platform setting agent initiated activation token
type: dict
@@ -543,7 +561,7 @@
value:
description: Value of a Setting.
type: str
- default: "8"
+ default: '8'
platform_setting_primary_tenant_allow_tenant_database_state:
description: platform setting primary tenant allow tenant database state
type: dict
@@ -551,7 +569,7 @@
value:
description: Value of a Setting.
type: str
- default: "10"
+ default: '10'
platform_setting_aws_manager_identity_use_instance_role_enabled:
description: platform setting aws manager identity use instance role enabled
type: dict
@@ -559,7 +577,7 @@
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_content_security_policy:
description: platform setting content security policy
type: dict
@@ -574,7 +592,7 @@
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_alert_agent_update_pending_threshold:
description: platform setting alert agent update pending threshold
type: dict
@@ -582,7 +600,7 @@
value:
description: Value of a Setting.
type: str
- default: "7 Days"
+ default: 7 Days
platform_setting_user_password_require_special_characters_enabled:
description: platform setting user password require special characters enabled
type: dict
@@ -590,7 +608,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_update_appliance_default_agent_version:
description: platform setting update appliance default agent version
type: dict
@@ -605,7 +623,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_smtp_bounce_email_address:
description: platform setting smtp bounce email address
type: dict
@@ -614,13 +632,14 @@
description: Value of a Setting.
type: str
platform_setting_update_relay_security_support_agent_9and_earlier_enabled:
- description: platform setting update relay security support agent and earlier enabled
+ description: platform setting update relay security support agent and earlier
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_managed_detect_response_proxy_id:
description: platform setting managed detect response proxy id
type: dict
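Review bot: The description of `platform_setting_update_relay_security_support_agent_9and_earlier_enabled` reads "support agent and earlier enabled", dropping the version number that the key carries, and the rewrap keeps that wording. As written, the text does not say which agent versions the setting covers, which matters when deciding whether relays should keep serving old agents. Going by the key name, the first line would read `description: platform setting update relay security support agent 9 and earlier`, with `enabled` on the continuation line as now.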
@@ -642,7 +661,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_load_balancer_relay_address:
description: platform setting load balancer relay address
type: dict
@@ -664,7 +683,7 @@
value:
description: Value of a Setting.
type: str
- default: "30 Minutes"
+ default: 30 Minutes
anti_malware_setting_event_email_subject:
description: anti malware setting event email subject
type: dict
@@ -673,13 +692,14 @@
description: Value of a Setting.
type: str
platform_setting_connected_threat_defense_control_manager_use_proxy_enabled:
- description: platform setting connected threat defense control manager use proxy enabled
+ description: platform setting connected threat defense control manager use
+ proxy enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_user_enforce_terms_and_conditions_enabled:
description: platform setting user enforce terms and conditions enabled
type: dict
@@ -687,7 +707,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_aws_manager_identity_access_key:
description: platform setting aws manager identity access key
type: dict
@@ -696,22 +716,25 @@
description: Value of a Setting.
type: str
platform_setting_connected_threat_defense_control_manager_proxy_id:
- description: platform setting connected threat defense control manager proxy id
+ description: platform setting connected threat defense control manager proxy
+ id
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
platform_setting_tenant_allow_impersonation_by_primary_tenant_enabled:
- description: platform setting tenant allow impersonation by primary tenant enabled
+ description: platform setting tenant allow impersonation by primary tenant
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_connected_threat_defense_control_manager_manual_source_server_url:
- description: platform setting connected threat defense control manager manual source server url
+ description: platform setting connected threat defense control manager manual
+ source server url
type: dict
suboptions:
value:
@@ -724,7 +747,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_trend_micro_xdr_identity_provider_api_url:
description: platform setting trend micro xdr identity provider api url
type: dict
@@ -733,13 +756,14 @@
description: Value of a Setting.
type: str
platform_setting_smart_protection_feedback_for_suspicious_file_enabled:
- description: platform setting smart protection feedback for suspicious file enabled
+ description: platform setting smart protection feedback for suspicious file
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_primary_tenant_allow_tenant_configure_snmp_enabled:
description: platform setting primary tenant allow tenant configure snmp enabled
type: dict
@@ -747,7 +771,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_smart_protection_feedback_industry_type:
description: platform setting smart protection feedback industry type
type: dict
@@ -755,7 +779,7 @@
value:
description: Value of a Setting.
type: str
- default: "Not specified"
+ default: Not specified
web_reputation_setting_retain_event_duration:
description: web reputation setting retain event duration
type: dict
@@ -763,7 +787,7 @@
value:
description: Value of a Setting.
type: str
- default: "7 Days"
+ default: 7 Days
platform_setting_retain_server_log_duration:
description: platform setting retain server log duration
type: dict
@@ -771,7 +795,7 @@
value:
description: Value of a Setting.
type: str
- default: "7 Days"
+ default: 7 Days
integrity_monitoring_setting_event_rank_severity_medium:
description: integrity monitoring setting event rank severity medium
type: dict
@@ -779,7 +803,7 @@
value:
description: Value of a Setting.
type: str
- default: "25"
+ default: '25'
platform_setting_proxy_manager_cloud_proxy_id:
description: platform setting proxy manager cloud proxy id
type: dict
@@ -788,13 +812,14 @@
description: Value of a Setting.
type: str
platform_setting_update_relay_security_all_regions_patterns_download_enabled:
- description: platform setting update relay security all regions patterns download enabled
+ description: platform setting update relay security all regions patterns download
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_ddan_submission_enabled:
description: platform setting ddan submission enabled
type: dict
@@ -802,7 +827,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
web_reputation_setting_event_rank_risk_suspicious:
description: web reputation setting event rank risk suspicious
type: dict
@@ -810,7 +835,7 @@
value:
description: Value of a Setting.
type: str
- default: "25"
+ default: '25'
integrity_monitoring_setting_event_rank_severity_critical:
description: integrity monitoring setting event rank severity critical
type: dict
@@ -818,7 +843,7 @@
value:
description: Value of a Setting.
type: str
- default: "100"
+ default: '100'
platform_setting_smtp_from_email_address:
description: platform setting smtp from email address
type: dict
@@ -833,7 +858,7 @@
value:
description: Value of a Setting.
type: str
- default: "0"
+ default: '0'
platform_setting_event_forwarding_sns_topic_arn:
description: platform setting event forwarding sns topic arn
type: dict
@@ -842,14 +867,16 @@
description: Value of a Setting.
type: str
firewall_setting_internet_connectivity_test_expected_content_regex:
- description: firewall setting internet connectivity test expected content regex
+ description: firewall setting internet connectivity test expected content
+ regex
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
platform_setting_connected_threat_defense_control_manager_manual_source_api_key:
- description: platform setting connected threat defense control manager manual source api key
+ description: platform setting connected threat defense control manager manual
+ source api key
type: dict
suboptions:
value:
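Review bot: `platform_setting_connected_threat_defense_control_manager_manual_source_api_key` holds a credential, yet the description rewrapped in this hunk only restates the key name. I would turn the description into a list and add an item such as `- Holds a credential; supply the value from Ansible Vault rather than in plain text.` It is also worth confirming that the module's argument spec, which this diff does not show, marks the `value` suboption `no_log: true`, so the key stays out of task output and the `before`/`after` results. The same applies to `platform_setting_smtp_password`, `platform_setting_event_forwarding_sns_secret_key`, `platform_setting_event_forwarding_sns_access_key`, `platform_setting_ddan_manual_source_api_key` and `platform_setting_trend_micro_xdr_api_key`, which appear as context in later hunks. The body of the `value` suboption lies outside the hunk.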
@@ -869,15 +896,16 @@
value:
description: Value of a Setting.
type: str
- default: "Trend Micro ActiveUpdate Server"
+ default: Trend Micro ActiveUpdate Server
platform_setting_primary_tenant_share_connected_threat_defenses_enabled:
- description: platform setting primary tenant share connected threat defenses enabled
+ description: platform setting primary tenant share connected threat defenses
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
web_reputation_setting_event_rank_risk_dangerous:
description: web reputation setting event rank risk dangerous
type: dict
@@ -885,7 +913,7 @@
value:
description: Value of a Setting.
type: str
- default: "100"
+ default: '100'
platform_setting_load_balancer_heartbeat_port:
description: platform setting load balancer heartbeat port
type: dict
@@ -893,7 +921,7 @@
value:
description: Value of a Setting.
type: str
- default: "4120"
+ default: '4120'
platform_setting_user_hide_unlicensed_modules_enabled:
description: platform setting user hide unlicensed modules enabled
type: dict
@@ -901,7 +929,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_capture_encrypted_traffic_enabled:
description: platform setting capture encrypted traffic enabled
type: dict
@@ -909,7 +937,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_retain_system_event_duration:
description: platform setting retain system event duration
type: dict
@@ -917,7 +945,7 @@
value:
description: Value of a Setting.
type: str
- default: "53 weeks"
+ default: 53 weeks
platform_setting_user_password_expiry:
description: platform setting user password expiry
type: dict
@@ -925,7 +953,7 @@
value:
description: Value of a Setting.
type: str
- default: "Never"
+ default: Never
platform_setting_smart_protection_feedback_enabled:
description: platform setting smart protection feedback enabled
type: dict
@@ -933,7 +961,7 @@
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
integrity_monitoring_setting_retain_event_duration:
description: integrity monitoring setting retain event duration
type: dict
@@ -941,15 +969,16 @@
value:
description: Value of a Setting.
type: str
- default: "7 Days"
+ default: 7 Days
platform_setting_primary_tenant_allow_tenant_use_scheduled_run_script_task_enabled:
- description: platform setting primary tenant allow tenant use scheduled run script task enabled
+ description: platform setting primary tenant allow tenant use scheduled run
+ script task enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
log_inspection_setting_event_rank_severity_critical:
description: log inspection setting event rank severity critical
type: dict
@@ -957,15 +986,16 @@
value:
description: Value of a Setting.
type: str
- default: "100"
+ default: '100'
platform_setting_primary_tenant_lock_and_hide_tenant_smtp_tab_enabled:
- description: platform setting primary tenant lock and hide tenant smtp tab enabled
+ description: platform setting primary tenant lock and hide tenant smtp tab
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_ddan_proxy_id:
description: platform setting ddan proxy id
type: dict
@@ -987,7 +1017,7 @@
value:
description: Value of a Setting.
type: str
- default: "http://"
+ default: http://
platform_setting_agentless_vcloud_protection_enabled:
description: platform setting agentless vcloud protection enabled
type: dict
@@ -995,7 +1025,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_linux_upgrade_on_activation_enabled:
description: platform setting linux upgrade on activation enabled
type: dict
@@ -1003,7 +1033,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_trend_micro_xdr_enabled:
description: platform setting trend micro xdr enabled
type: dict
@@ -1011,7 +1041,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_active_sessions_max_exceeded_action:
description: platform setting active sessions max exceeded action
type: dict
@@ -1019,7 +1049,7 @@
value:
description: Value of a Setting.
type: str
- default: "Block new sessions"
+ default: Block new sessions
platform_setting_update_hostname_on_ip_change_enabled:
description: platform setting update hostname on ip change enabled
type: dict
@@ -1027,7 +1057,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
log_inspection_setting_event_rank_severity_high:
description: log inspection setting event rank severity high
type: dict
@@ -1035,7 +1065,7 @@
value:
description: Value of a Setting.
type: str
- default: "50"
+ default: '50'
platform_setting_smtp_requires_authentication_enabled:
description: platform setting smtp requires authentication enabled
type: dict
@@ -1043,7 +1073,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_active_sessions_max:
description: platform setting active sessions max
type: dict
@@ -1051,7 +1081,7 @@
value:
description: Value of a Setting.
type: str
- default: "10"
+ default: '10'
platform_setting_aws_external_id_retrieval_enabled:
description: platform setting aws external id retrieval enabled
type: dict
@@ -1059,7 +1089,7 @@
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
log_inspection_setting_event_rank_severity_low:
description: log inspection setting event rank severity low
type: dict
@@ -1067,7 +1097,7 @@
value:
description: Value of a Setting.
type: str
- default: "1"
+ default: '1'
platform_setting_azure_sso_certificate:
description: platform setting azure sso certificate
type: dict
@@ -1089,7 +1119,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
firewall_setting_internet_connectivity_test_interval:
description: firewall setting internet connectivity test interval
type: dict
@@ -1097,7 +1127,7 @@
value:
description: Value of a Setting.
type: str
- default: "10 Seconds"
+ default: 10 Seconds
platform_setting_whois_url:
description: platform setting whois url
type: dict
@@ -1112,15 +1142,16 @@
value:
description: Value of a Setting.
type: str
- default: "Manually select a Deep Discovery Analyzer server"
+ default: Manually select a Deep Discovery Analyzer server
platform_setting_connected_threat_defense_control_manager_suspicious_object_list_comparison_enabled:
- description: platform setting connected threat defense control manager suspicious object list comparison enabled
+ description: platform setting connected threat defense control manager suspicious
+ object list comparison enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_exported_file_character_encoding:
description: platform setting exported file character encoding
type: dict
@@ -1128,7 +1159,7 @@
value:
description: Value of a Setting.
type: str
- default: "US-ASCII"
+ default: US-ASCII
platform_setting_user_session_duration_max:
description: platform setting user session duration max
type: dict
@@ -1136,7 +1167,7 @@
value:
description: Value of a Setting.
type: str
- default: "No Limit"
+ default: No Limit
platform_setting_update_software_alternate_update_server_urls:
description: platform setting update software alternate update server urls
type: dict
@@ -1151,15 +1182,16 @@
value:
description: Value of a Setting.
type: str
- default: "13 Weeks"
+ default: 13 Weeks
platform_setting_primary_tenant_allow_tenant_run_computer_discovery_enabled:
- description: platform setting primary tenant allow tenant run computer discovery enabled
+ description: platform setting primary tenant allow tenant run computer discovery
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_smart_protection_feedback_interval:
description: platform setting smart protection feedback interval
type: dict
@@ -1167,7 +1199,7 @@
value:
description: Value of a Setting.
type: str
- default: "5"
+ default: '5'
platform_setting_system_event_forwarding_snmp_address:
description: platform setting system event forwarding snmp address
type: dict
@@ -1189,7 +1221,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_smtp_password:
description: platform setting smtp password
type: dict
@@ -1211,7 +1243,7 @@
value:
description: Value of a Setting.
type: str
- default: "7 Days"
+ default: 7 Days
web_reputation_setting_event_rank_risk_untested:
description: web reputation setting event rank risk untested
type: dict
@@ -1219,7 +1251,7 @@
value:
description: Value of a Setting.
type: str
- default: "25"
+ default: '25'
platform_setting_managed_detect_response_use_proxy_enabled:
description: platform setting managed detect response use proxy enabled
type: dict
@@ -1227,7 +1259,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_event_forwarding_sns_secret_key:
description: platform setting event forwarding sns secret key
type: dict
@@ -1256,7 +1288,7 @@
value:
description: Value of a Setting.
type: str
- default: "50"
+ default: '50'
platform_setting_api_status_monitoring_enabled:
description: platform setting api status monitoring enabled
type: dict
@@ -1264,7 +1296,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_sign_in_page_message:
description: platform setting sign in page message
type: dict
@@ -1279,7 +1311,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_user_sign_in_attempts_allowed_number:
description: platform setting user sign in attempts allowed number
type: dict
@@ -1287,7 +1319,7 @@
value:
description: Value of a Setting.
type: str
- default: "5"
+ default: '5'
platform_setting_ddan_use_proxy_enabled:
description: platform setting ddan use proxy enabled
type: dict
@@ -1295,7 +1327,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_agent_initiated_activation_enabled:
description: platform setting agent initiated activation enabled
type: dict
@@ -1303,15 +1335,16 @@
value:
description: Value of a Setting.
type: str
- default: "For any computers"
+ default: For any computers
platform_setting_primary_tenant_allow_tenant_configure_remember_me_option_enabled:
- description: platform setting primary tenant allow tenant configure remember me option enabled
+ description: platform setting primary tenant allow tenant configure remember
+ me option enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_smart_protection_feedback_bandwidth_max_kbytes:
description: platform setting smart protection feedback bandwidth max kbytes
type: dict
@@ -1319,7 +1352,7 @@
value:
description: Value of a Setting.
type: str
- default: "32"
+ default: '32'
firewall_setting_event_rank_severity_packet_rejection:
description: firewall setting event rank severity packet rejection
type: dict
@@ -1327,7 +1360,7 @@
value:
description: Value of a Setting.
type: str
- default: "50"
+ default: '50'
platform_setting_proxy_manager_update_proxy_id:
description: platform setting proxy manager update proxy id
type: dict
@@ -1336,13 +1369,14 @@
description: Value of a Setting.
type: str
platform_setting_managed_detect_response_use_primary_tenant_settings_enabled:
- description: platform setting managed detect response use primary tenant settings enabled
+ description: platform setting managed detect response use primary tenant settings
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_event_forwarding_sns_access_key:
description: platform setting event forwarding sns access key
type: dict
@@ -1351,29 +1385,32 @@
description: Value of a Setting.
type: str
platform_setting_agent_initiated_activation_specify_hostname_enabled:
- description: platform setting agent initiated activation specify hostname enabled
+ description: platform setting agent initiated activation specify hostname
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_primary_tenant_allow_tenant_sync_with_cloud_account_enabled:
- description: platform setting primary tenant allow tenant sync with cloud account enabled
+ description: platform setting primary tenant allow tenant sync with cloud
+ account enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_connected_threat_defenses_use_primary_tenant_server_settings_enabled:
- description: platform setting connected threat defenses use primary tenant server settings enabled
+ description: platform setting connected threat defenses use primary tenant
+ server settings enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_inactive_agent_cleanup_duration:
description: platform setting inactive agent cleanup duration
type: dict
@@ -1381,15 +1418,16 @@
value:
description: Value of a Setting.
type: str
- default: "1 Month"
+ default: 1 Month
platform_setting_agent_initiated_activation_duplicate_hostname_mode:
- description: platform setting agent initiated activation duplicate hostname mode
+ description: platform setting agent initiated activation duplicate hostname
+ mode
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "Re-activate the existing Computer"
+ default: Re-activate the existing Computer
platform_setting_vmware_nsx_manager_node:
description: platform setting vmware nsx manager node
type: dict
@@ -1397,7 +1435,7 @@
value:
description: Value of a Setting.
type: str
- default: "1"
+ default: '1'
platform_setting_user_enforce_terms_and_conditions_title:
description: platform setting user enforce terms and conditions title
type: dict
@@ -1406,13 +1444,14 @@
description: Value of a Setting.
type: str
platform_setting_primary_tenant_allow_tenant_add_vmware_vcenter_enabled:
- description: platform setting primary tenant allow tenant add vmware vcenter enabled
+ description: platform setting primary tenant allow tenant add vmware vcenter
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_new_tenant_download_security_update_enabled:
description: platform setting new tenant download security update enabled
type: dict
@@ -1420,31 +1459,34 @@
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_tenant_protection_usage_monitoring_computer_id_3:
- description: platform setting tenant protection usage monitoring computer id 3
+ description: platform setting tenant protection usage monitoring computer
+ id 3
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "Platform"
+ default: Platform
platform_setting_agent_initiated_activation_reactivate_unknown_enabled:
- description: platform setting agent initiated activation reactivate unknown enabled
+ description: platform setting agent initiated activation reactivate unknown
+ enabled
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_tenant_protection_usage_monitoring_computer_id_2:
- description: platform setting tenant protection usage monitoring computer id 2
+ description: platform setting tenant protection usage monitoring computer
+ id 2
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "Last Used IP Address"
+ default: Last Used IP Address
platform_setting_agent_initiated_activation_policy_id:
description: platform setting agent initiated activation policy id
type: dict
@@ -1453,13 +1495,14 @@
description: Value of a Setting.
type: str
platform_setting_tenant_protection_usage_monitoring_computer_id_1:
- description: platform setting tenant protection usage monitoring computer id 1
+ description: platform setting tenant protection usage monitoring computer
+ id 1
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "Hostname"
+ default: Hostname
platform_setting_trend_micro_xdr_api_server_url:
description: platform setting trend micro xdr api server url
type: dict
@@ -1474,7 +1517,7 @@
value:
description: Value of a Setting.
type: str
- default: "5"
+ default: '5'
application_control_setting_serve_rulesets_from_relays_enabled:
description: application control setting serve rulesets from relays enabled
type: dict
@@ -1482,7 +1525,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
integrity_monitoring_setting_event_rank_severity_high:
description: integrity monitoring setting event rank severity high
type: dict
@@ -1490,15 +1533,16 @@
value:
description: Value of a Setting.
type: str
- default: "50"
+ default: '50'
platform_setting_saml_retain_inactive_external_administrators_duration:
- description: platform setting saml retain inactive external administrators duration
+ description: platform setting saml retain inactive external administrators
+ duration
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "365"
+ default: '365'
intrusion_prevention_setting_retain_event_duration:
description: intrusion prevention setting retain event duration
type: dict
@@ -1506,7 +1550,7 @@
value:
description: Value of a Setting.
type: str
- default: "7 Days"
+ default: 7 Days
platform_setting_http_public_key_pin_policy_report_only_enabled:
description: platform setting http public key pin policy report only enabled
type: dict
@@ -1514,7 +1558,7 @@
value:
description: Value of a Setting.
type: str
- default: "true"
+ default: 'true'
platform_setting_saml_service_provider_name:
description: platform setting saml service provider name
type: dict
@@ -1530,13 +1574,14 @@
description: Value of a Setting.
type: str
platform_setting_saml_service_provider_certificate_expiry_warning_days:
- description: platform setting saml service provider certificate expiry warning days
+ description: platform setting saml service provider certificate expiry warning
+ days
type: dict
suboptions:
value:
description: Value of a Setting.
type: str
- default: "30"
+ default: '30'
platform_setting_proxy_agent_update_proxy_id:
description: platform setting proxy agent update proxy id
type: dict
@@ -1551,7 +1596,7 @@
value:
description: Value of a Setting.
type: str
- default: "false"
+ default: 'false'
platform_setting_ddan_manual_source_api_key:
description: platform setting ddan manual source api key
type: dict
@@ -1573,7 +1618,7 @@
value:
description: Value of a Setting.
type: str
- default: "100"
+ default: '100'
intrusion_prevention_setting_event_rank_severity_filter_high:
description: intrusion prevention setting event rank severity filter high
type: dict
@@ -1581,7 +1626,7 @@
value:
description: Value of a Setting.
type: str
- default: "50"
+ default: '50'
platform_setting_trend_micro_xdr_api_key:
description: platform setting trend micro xdr api key
type: dict
@@ -1596,7 +1641,7 @@
value:
description: Value of a Setting.
type: str
- default: "1"
+ default: '1'
platform_setting_trend_micro_xdr_company_id:
description: platform setting trend micro xdr company id
type: dict
@@ -1606,9 +1651,9 @@
type: str
platform_setting_allow_packet_data_capture_in_network_events:
description:
- - platform setting that allows packet data capture in network_events
- - Applicaple only with GET call
- - Not applicaple param with Create/Modify POST call
+ - platform setting that allows packet data capture in network_events
+ - Applicaple only with GET call
+ - Not applicaple param with Create/Modify POST call
type: dict
suboptions:
value:
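Review bot: The two re-indented list items under `platform_setting_allow_packet_data_capture_in_network_events` still read "Applicaple". Since the lines are being touched anyway, they should become `- Applicable only with GET call` and `- Not applicable param with Create/Modify POST call`. The next hunk carries the same misspelling for `platform_setting_dsm_as_xbc_agent_feature_enabled`.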
@@ -1616,9 +1661,9 @@
type: str
platform_setting_dsm_as_xbc_agent_feature_enabled:
description:
- - platform setting dsm as xbc agent feature enabled
- - Applicaple only with GET call
- - Not applicaple param with Create/Modify POST call
+ - platform setting dsm as xbc agent feature enabled
+ - Applicaple only with GET call
+ - Not applicaple param with Create/Modify POST call
type: dict
suboptions:
value:
@@ -1626,15 +1671,15 @@
type: bool
state:
description:
- - The state the configuration should be left in
- - The state I(gathered) will get the module API configuration from the device and
- transform it into structured data in the format as per the module argspec and
- the value is returned in the I(gathered) key within the result.
+ - The state the configuration should be left in
+ - The state I(gathered) will get the module API configuration from the device
+ and transform it into structured data in the format as per the module argspec
+ and the value is returned in the I(gathered) key within the result.
type: str
choices:
- - present
- - absent
- - gathered
+ - present
+ - absent
+ - gathered
default: present
author: Ansible Security Automation Team (@justjais) "
"""
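Review bot: The `state` description rewrapped here explains only I(gathered), while `present` and `absent` are listed under `choices` with no stated effect. The example in the next hunk labels `state: absent` as "Reset/Delete", which suggests it returns the named settings to their defaults. Because that can undo a hardening setting such as `platform_setting_http_strict_transport_enabled`, I would add an item along the lines of `- The state I(absent) resets the settings listed in I(config.name) to their default values`, once that is confirmed against the module code, which this diff does not show. The `author` line kept as context also ends with a stray `"`; `author: Ansible Security Automation Team (@justjais)` is presumably what was meant.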
@@ -1651,43 +1696,14 @@
value: true
platform_setting_demo_mode_enabled:
value: true
-
-# Play Run:
-# =========
-#
-# "system_settings": {
-# "after": {
-# "platform_setting_demo_mode_enabled": {
-# "value": true
-# },
-# "platform_setting_http_strict_transport_enabled": {
-# "value": true
-# },
-# "platform_setting_syslog_config_id": {
-# "value": "12"
-# }
-# },
-# "before": {
-# "platform_setting_demo_mode_enabled": {
-# "value": "false"
-# },
-# "platform_setting_http_strict_transport_enabled": {
-# "value": "false"
-# },
-# "platform_setting_syslog_config_id": {
-# "value": "0"
-# }
-# }
-# }
-
- name: Reset/Delete the input System Settings Config
trendmicro.deepsec.deepsec_system_settings:
state: absent
config:
name:
- - platform_setting_syslog_config_id
- - platform_setting_http_strict_transport_enabled
- - platform_setting_demo_mode_enabled
+ - platform_setting_syslog_config_id
+ - platform_setting_http_strict_transport_enabled
+ - platform_setting_demo_mode_enabled
# Play Run:
# =========
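Review bot: The example task at the top of this hunk passes `value: true` as a YAML boolean, while the `_enabled` settings documented earlier in this diff declare `value` as `type: str` with defaults such as `'false'`. The sample output deleted here showed the mismatch, with `after` holding `true` and `before` holding `"false"`. If the two options in the example are also string-typed (their definitions are not in the visible hunks), the requested and current values may never compare equal, and the task could report a change on every run. I would write `value: 'true'` in the example. The task itself starts above the hunk.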
@@ -1722,9 +1738,9 @@
state: gathered
config:
name:
- - platform_setting_syslog_config_id
- - platform_setting_http_strict_transport_enabled
- - platform_setting_demo_mode_enabled
+ - platform_setting_syslog_config_id
+ - platform_setting_http_strict_transport_enabled
+ - platform_setting_demo_mode_enabled
# Play Run:
# =========
@@ -1746,630 +1762,6 @@
- name: Gather/Get the complete System Settings
trendmicro.deepsec.deepsec_system_settings:
state: gathered
-
-# Play Run:
-# =========
-#
-# "gathered": {
-# "config": {
-# "anti_malware_setting_event_email_body_template": {
-# "value": ""
-# },
-# "anti_malware_setting_event_email_enabled": {
-# "value": "false"
-# },
-# "anti_malware_setting_event_email_recipients": {
-# "value": ""
-# },
-# "anti_malware_setting_event_email_subject": {
-# "value": ""
-# },
-# "anti_malware_setting_retain_event_duration": {
-# "value": "7 Days"
-# },
-# "application_control_setting_retain_event_duration": {
-# "value": "7 Days"
-# },
-# "application_control_setting_serve_rulesets_from_relays_enabled": {
-# "value": "false"
-# },
-# "firewall_setting_event_rank_severity_deny": {
-# "value": "100"
-# },
-# "firewall_setting_event_rank_severity_log_only": {
-# "value": "1"
-# },
-# "firewall_setting_event_rank_severity_packet_rejection": {
-# "value": "50"
-# },
-# "firewall_setting_global_stateful_config_id": {
-# "value": "0"
-# },
-# "firewall_setting_internet_connectivity_test_expected_content_regex": {
-# "value": ""
-# },
-# "firewall_setting_internet_connectivity_test_interval": {
-# "value": "10 Seconds"
-# },
-# "firewall_setting_internet_connectivity_test_url": {
-# "value": ""
-# },
-# "firewall_setting_intranet_connectivity_test_expected_content_regex": {
-# "value": ""
-# },
-# "firewall_setting_intranet_connectivity_test_url": {
-# "value": ""
-# },
-# "firewall_setting_retain_event_duration": {
-# "value": "7 Days"
-# },
-# "integrity_monitoring_setting_event_rank_severity_critical": {
-# "value": "100"
-# },
-# "integrity_monitoring_setting_event_rank_severity_high": {
-# "value": "50"
-# },
-# "integrity_monitoring_setting_event_rank_severity_low": {
-# "value": "1"
-# },
-# "integrity_monitoring_setting_event_rank_severity_medium": {
-# "value": "25"
-# },
-# "integrity_monitoring_setting_retain_event_duration": {
-# "value": "7 Days"
-# },
-# "intrusion_prevention_setting_event_rank_severity_filter_critical": {
-# "value": "100"
-# },
-# "intrusion_prevention_setting_event_rank_severity_filter_error": {
-# "value": "100"
-# },
-# "intrusion_prevention_setting_event_rank_severity_filter_high": {
-# "value": "50"
-# },
-# "intrusion_prevention_setting_event_rank_severity_filter_low": {
-# "value": "1"
-# },
-# "intrusion_prevention_setting_event_rank_severity_filter_medium": {
-# "value": "25"
-# },
-# "intrusion_prevention_setting_retain_event_duration": {
-# "value": "7 Days"
-# },
-# "log_inspection_setting_event_rank_severity_critical": {
-# "value": "100"
-# },
-# "log_inspection_setting_event_rank_severity_high": {
-# "value": "50"
-# },
-# "log_inspection_setting_event_rank_severity_low": {
-# "value": "1"
-# },
-# "log_inspection_setting_event_rank_severity_medium": {
-# "value": "25"
-# },
-# "log_inspection_setting_retain_event_duration": {
-# "value": "7 Days"
-# },
-# "platform_setting_active_sessions_max": {
-# "value": "10"
-# },
-# "platform_setting_active_sessions_max_exceeded_action": {
-# "value": "Block new sessions"
-# },
-# "platform_setting_agent_initiated_activation_duplicate_hostname_mode": {
-# "value": "Re-activate the existing Computer"
-# },
-# "platform_setting_agent_initiated_activation_enabled": {
-# "value": "For any computers"
-# },
-# "platform_setting_agent_initiated_activation_policy_id": {
-# "value": ""
-# },
-# "platform_setting_agent_initiated_activation_reactivate_cloned_enabled": {
-# "value": "true"
-# },
-# "platform_setting_agent_initiated_activation_reactivate_unknown_enabled": {
-# "value": "true"
-# },
-# "platform_setting_agent_initiated_activation_specify_hostname_enabled": {
-# "value": "false"
-# },
-# "platform_setting_agent_initiated_activation_token": {
-# "value": ""
-# },
-# "platform_setting_agent_initiated_activation_within_ip_list_id": {
-# "value": ""
-# },
-# "platform_setting_agentless_vcloud_protection_enabled": {
-# "value": "false"
-# },
-# "platform_setting_alert_agent_update_pending_threshold": {
-# "value": "7 Days"
-# },
-# "platform_setting_alert_default_email_address": {
-# "value": ""
-# },
-# "platform_setting_api_soap_web_service_enabled": {
-# "value": "false"
-# },
-# "platform_setting_api_status_monitoring_enabled": {
-# "value": "false"
-# },
-# "platform_setting_aws_external_id_retrieval_enabled": {
-# "value": "true"
-# },
-# "platform_setting_aws_manager_identity_access_key": {
-# "value": ""
-# },
-# "platform_setting_aws_manager_identity_secret_key": {
-# "value": ""
-# },
-# "platform_setting_aws_manager_identity_use_instance_role_enabled": {
-# "value": "true"
-# },
-# "platform_setting_azure_sso_certificate": {
-# "value": ""
-# },
-# "platform_setting_capture_encrypted_traffic_enabled": {
-# "value": "false"
-# },
-# "platform_setting_connected_threat_defense_control_manager_manual_source_api_key": {
-# "value": ""
-# },
-# "platform_setting_connected_threat_defense_control_manager_manual_source_server_url": {
-# "value": ""
-# },
-# "platform_setting_connected_threat_defense_control_manager_proxy_id": {
-# "value": ""
-# },
-# "platform_setting_connected_threat_defense_control_manager_source_option": {
-# "value": "Manually select an Apex Central server"
-# },
-# "platform_setting_connected_threat_defense_control_manager_suspicious_object_list_comparison_enabled": {
-# "value": "false"
-# },
-# "platform_setting_connected_threat_defense_control_manager_use_proxy_enabled": {
-# "value": "false"
-# },
-# "platform_setting_connected_threat_defenses_use_primary_tenant_server_settings_enabled": {
-# "value": "false"
-# },
-# "platform_setting_content_security_policy": {
-# "value": ""
-# },
-# "platform_setting_content_security_policy_report_only_enabled": {
-# "value": "true"
-# },
-# "platform_setting_ddan_auto_submission_enabled": {
-# "value": "false"
-# },
-# "platform_setting_ddan_manual_source_api_key": {
-# "value": ""
-# },
-# "platform_setting_ddan_manual_source_server_url": {
-# "value": ""
-# },
-# "platform_setting_ddan_proxy_id": {
-# "value": ""
-# },
-# "platform_setting_ddan_source_option": {
-# "value": "Manually select a Deep Discovery Analyzer server"
-# },
-# "platform_setting_ddan_submission_enabled": {
-# "value": "false"
-# },
-# "platform_setting_ddan_use_proxy_enabled": {
-# "value": "false"
-# },
-# "platform_setting_demo_mode_enabled": {
-# "value": "false"
-# },
-# "platform_setting_event_forwarding_sns_access_key": {
-# "value": ""
-# },
-# "platform_setting_event_forwarding_sns_advanced_config_enabled": {
-# "value": "false"
-# },
-# "platform_setting_event_forwarding_sns_config_json": {
-# "value": ""
-# },
-# "platform_setting_event_forwarding_sns_enabled": {
-# "value": "false"
-# },
-# "platform_setting_event_forwarding_sns_secret_key": {
-# "value": ""
-# },
-# "platform_setting_event_forwarding_sns_topic_arn": {
-# "value": ""
-# },
-# "platform_setting_exported_diagnostic_package_locale": {
-# "value": "en_US"
-# },
-# "platform_setting_exported_file_character_encoding": {
-# "value": "US-ASCII"
-# },
-# "platform_setting_http_public_key_pin_policy": {
-# "value": ""
-# },
-# "platform_setting_http_public_key_pin_policy_report_only_enabled": {
-# "value": "true"
-# },
-# "platform_setting_http_strict_transport_enabled": {
-# "value": "false"
-# },
-# "platform_setting_inactive_agent_cleanup_duration": {
-# "value": "1 Month"
-# },
-# "platform_setting_inactive_agent_cleanup_enabled": {
-# "value": "false"
-# },
-# "platform_setting_linux_upgrade_on_activation_enabled": {
-# "value": "false"
-# },
-# "platform_setting_load_balancer_heartbeat_address": {
-# "value": ""
-# },
-# "platform_setting_load_balancer_heartbeat_port": {
-# "value": "4120"
-# },
-# "platform_setting_load_balancer_manager_address": {
-# "value": ""
-# },
-# "platform_setting_load_balancer_manager_port": {
-# "value": "4119"
-# },
-# "platform_setting_load_balancer_relay_address": {
-# "value": ""
-# },
-# "platform_setting_load_balancer_relay_port": {
-# "value": "4122"
-# },
-# "platform_setting_logo_binary_image_img": {
-# "value": ""
-# },
-# "platform_setting_managed_detect_response_company_guid": {
-# "value": ""
-# },
-# "platform_setting_managed_detect_response_enabled": {
-# "value": "false"
-# },
-# "platform_setting_managed_detect_response_proxy_id": {
-# "value": ""
-# },
-# "platform_setting_managed_detect_response_server_url": {
-# "value": ""
-# },
-# "platform_setting_managed_detect_response_service_token": {
-# "value": ""
-# },
-# "platform_setting_managed_detect_response_use_primary_tenant_settings_enabled": {
-# "value": "false"
-# },
-# "platform_setting_managed_detect_response_use_proxy_enabled": {
-# "value": "false"
-# },
-# "platform_setting_new_tenant_download_security_update_enabled": {
-# "value": "true"
-# },
-# "platform_setting_primary_tenant_allow_tenant_add_vmware_vcenter_enabled": {
-# "value": "true"
-# },
-# "platform_setting_primary_tenant_allow_tenant_configure_forgot_password_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_allow_tenant_configure_remember_me_option_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_allow_tenant_configure_siem_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_allow_tenant_configure_snmp_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_allow_tenant_configure_sns_enabled": {
-# "value": "true"
-# },
-# "platform_setting_primary_tenant_allow_tenant_control_impersonation_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_allow_tenant_database_state": {
-# "value": "10"
-# },
-# "platform_setting_primary_tenant_allow_tenant_run_computer_discovery_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_allow_tenant_run_port_scan_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_allow_tenant_sync_with_cloud_account_enabled": {
-# "value": "true"
-# },
-# "platform_setting_primary_tenant_allow_tenant_synchronize_ldap_directories_enabled": {
-# "value": "true"
-# },
-# "platform_setting_primary_tenant_allow_tenant_use_default_relay_group_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_allow_tenant_use_scheduled_run_script_task_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_lock_and_hide_tenant_data_privacy_option_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_lock_and_hide_tenant_smtp_tab_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_lock_and_hide_tenant_storage_tab_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_share_connected_threat_defenses_enabled": {
-# "value": "false"
-# },
-# "platform_setting_primary_tenant_share_managed_detect_responses_enabled": {
-# "value": "false"
-# },
-# "platform_setting_product_usage_data_collection_enabled": {
-# "value": "true"
-# },
-# "platform_setting_proxy_agent_update_proxy_id": {
-# "value": ""
-# },
-# "platform_setting_proxy_manager_cloud_proxy_id": {
-# "value": ""
-# },
-# "platform_setting_proxy_manager_update_proxy_id": {
-# "value": ""
-# },
-# "platform_setting_recommendation_cpu_usage_level": {
-# "value": "High"
-# },
-# "platform_setting_recommendation_ongoing_scans_enabled": {
-# "value": "No"
-# },
-# "platform_setting_retain_agent_installers_per_platform_max": {
-# "value": "5"
-# },
-# "platform_setting_retain_counters_duration": {
-# "value": "13 Weeks"
-# },
-# "platform_setting_retain_security_updates_max": {
-# "value": "10"
-# },
-# "platform_setting_retain_server_log_duration": {
-# "value": "7 Days"
-# },
-# "platform_setting_retain_system_event_duration": {
-# "value": "53 Weeks"
-# },
-# "platform_setting_saml_identity_provider_certificate_expiry_warning_daysr": {
-# "value": "30"
-# },
-# "platform_setting_saml_retain_inactive_external_administrators_duration": {
-# "value": "365"
-# },
-# "platform_setting_saml_service_provider_certificate": {
-# "value": ""
-# },
-# "platform_setting_saml_service_provider_certificate_expiry_warning_days": {
-# "value": "30"
-# },
-# "platform_setting_saml_service_provider_entity_id": {
-# "value": ""
-# },
-# "platform_setting_saml_service_provider_name": {
-# "value": ""
-# },
-# "platform_setting_saml_service_provider_private_key": {
-# "value": ""
-# },
-# "platform_setting_sign_in_page_message": {
-# "value": ""
-# },
-# "platform_setting_smart_protection_feedback_bandwidth_max_kbytes": {
-# "value": "32"
-# },
-# "platform_setting_smart_protection_feedback_enabled": {
-# "value": "true"
-# },
-# "platform_setting_smart_protection_feedback_for_suspicious_file_enabled": {
-# "value": "true"
-# },
-# "platform_setting_smart_protection_feedback_industry_type": {
-# "value": "Not specified"
-# },
-# "platform_setting_smart_protection_feedback_interval": {
-# "value": "5"
-# },
-# "platform_setting_smart_protection_feedback_threat_detections_threshold": {
-# "value": "10"
-# },
-# "platform_setting_smtp_bounce_email_address": {
-# "value": ""
-# },
-# "platform_setting_smtp_from_email_address": {
-# "value": ""
-# },
-# "platform_setting_smtp_password": {
-# "value": ""
-# },
-# "platform_setting_smtp_requires_authentication_enabled": {
-# "value": "false"
-# },
-# "platform_setting_smtp_server_address": {
-# "value": ""
-# },
-# "platform_setting_smtp_start_tls_enabled": {
-# "value": "false"
-# },
-# "platform_setting_smtp_username": {
-# "value": ""
-# },
-# "platform_setting_syslog_config_id": {
-# "value": "0"
-# },
-# "platform_setting_system_event_forwarding_snmp_address": {
-# "value": ""
-# },
-# "platform_setting_system_event_forwarding_snmp_enabled": {
-# "value": "false"
-# },
-# "platform_setting_system_event_forwarding_snmp_port": {
-# "value": "162"
-# },
-# "platform_setting_tenant_allow_impersonation_by_primary_tenant_enabled": {
-# "value": "false"
-# },
-# "platform_setting_tenant_auto_revoke_impersonation_by_primary_tenant_enabled": {
-# "value": "false"
-# },
-# "platform_setting_tenant_auto_revoke_impersonation_by_primary_tenant_timeout": {
-# "value": "4 Hours"
-# },
-# "platform_setting_tenant_protection_usage_monitoring_computer_id_1": {
-# "value": "Hostname"
-# },
-# "platform_setting_tenant_protection_usage_monitoring_computer_id_2": {
-# "value": "Last Used IP Address"
-# },
-# "platform_setting_tenant_protection_usage_monitoring_computer_id_3": {
-# "value": "Platform"
-# },
-# "platform_setting_tenant_use_default_relay_group_from_primary_tenant_enabled": {
-# "value": "false"
-# },
-# "platform_setting_trend_micro_xdr_api_key": {
-# "value": ""
-# },
-# "platform_setting_trend_micro_xdr_api_server_url": {
-# "value": ""
-# },
-# "platform_setting_trend_micro_xdr_api_user": {
-# "value": ""
-# },
-# "platform_setting_trend_micro_xdr_common_log_receiver_url": {
-# "value": ""
-# },
-# "platform_setting_trend_micro_xdr_company_id": {
-# "value": ""
-# },
-# "platform_setting_trend_micro_xdr_enabled": {
-# "value": "false"
-# },
-# "platform_setting_trend_micro_xdr_identity_provider_api_url": {
-# "value": ""
-# },
-# "platform_setting_trend_micro_xdr_log_server_url": {
-# "value": ""
-# },
-# "platform_setting_update_agent_security_contact_primary_source_on_missing_relay_enabled": {
-# "value": "true"
-# },
-# "platform_setting_update_agent_security_on_missing_deep_security_manager_enabled": {
-# "value": "true"
-# },
-# "platform_setting_update_agent_software_use_download_center_on_missing_deep_security_manager_enabled": {
-# "value": "false"
-# },
-# "platform_setting_update_appliance_default_agent_version": {
-# "value": ""
-# },
-# "platform_setting_update_hostname_on_ip_change_enabled": {
-# "value": "false"
-# },
-# "platform_setting_update_imported_software_auto_download_enabled": {
-# "value": "true"
-# },
-# "platform_setting_update_relay_security_all_regions_patterns_download_enabled": {
-# "value": "false"
-# },
-# "platform_setting_update_relay_security_support_agent_9and_earlier_enabled": {
-# "value": "false"
-# },
-# "platform_setting_update_rules_policy_auto_apply_enabled": {
-# "value": "true"
-# },
-# "platform_setting_update_security_primary_source_mode": {
-# "value": "Trend Micro ActiveUpdate Server"
-# },
-# "platform_setting_update_security_primary_source_url": {
-# "value": "http://"
-# },
-# "platform_setting_update_software_alternate_update_server_urls": {
-# "value": ""
-# },
-# "platform_setting_user_enforce_terms_and_conditions_enabled": {
-# "value": "false"
-# },
-# "platform_setting_user_enforce_terms_and_conditions_message": {
-# "value": ""
-# },
-# "platform_setting_user_enforce_terms_and_conditions_title": {
-# "value": ""
-# },
-# "platform_setting_user_hide_unlicensed_modules_enabled": {
-# "value": "false"
-# },
-# "platform_setting_user_password_expiry": {
-# "value": "Never"
-# },
-# "platform_setting_user_password_expiry_send_email_enabled": {
-# "value": "false"
-# },
-# "platform_setting_user_password_length_min": {
-# "value": "8"
-# },
-# "platform_setting_user_password_require_letters_and_numbers_enabled": {
-# "value": "false"
-# },
-# "platform_setting_user_password_require_mixed_case_enabled": {
-# "value": "false"
-# },
-# "platform_setting_user_password_require_not_same_as_username_enabled": {
-# "value": "false"
-# },
-# "platform_setting_user_password_require_special_characters_enabled": {
-# "value": "false"
-# },
-# "platform_setting_user_session_duration_max": {
-# "value": "No Limit"
-# },
-# "platform_setting_user_session_idle_timeout": {
-# "value": "30 Minutes"
-# },
-# "platform_setting_user_sign_in_attempts_allowed_number": {
-# "value": "5"
-# },
-# "platform_setting_vmware_nsx_manager_node": {
-# "value": "1"
-# },
-# "platform_setting_whois_url": {
-# "value": ""
-# },
-# "platform_setting_windows_upgrade_on_activation_enabled": {
-# "value": "false"
-# },
-# "web_reputation_setting_event_rank_risk_blocked_by_administrator_rank": {
-# "value": "100"
-# },
-# "web_reputation_setting_event_rank_risk_dangerous": {
-# "value": "100"
-# },
-# "web_reputation_setting_event_rank_risk_highly_suspicious": {
-# "value": "50"
-# },
-# "web_reputation_setting_event_rank_risk_suspicious": {
-# "value": "25"
-# },
-# "web_reputation_setting_event_rank_risk_untested": {
-# "value": "25"
-# },
-# "web_reputation_setting_retain_event_duration": {
-# "value": "7 Days"
-# }
-# }
-# }
-
"""
from ansible.module_utils.six import iteritems
@@ -3016,8 +2408,7 @@ def main():
options=dict(value=dict(type="str", default="false")),
),
platform_setting_recommendation_ongoing_scans_enabled=dict(
- type="dict",
- options=dict(value=dict(type="str", default="No")),
+ type="dict", options=dict(value=dict(type="str"))
),
platform_setting_agent_initiated_activation_token=dict(
type="dict",
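Review bot: Dropping the default from `platform_setting_recommendation_ongoing_scans_enabled` leaves its `value` as `None` when a task supplies the setting without one, while the neighbouring option in this argspec still declares `default="false"`. An earlier documentation hunk in this commit rewrites a default from "No" to "no"; if that entry belongs to this option, the docs now advertise a default that the argspec no longer has. Either keep the default in the new casing, `type="dict", options=dict(value=dict(type="str", default="no"))`, or drop the `default:` line from the documentation so the two agree. If the `state: absent` reset path takes the value to restore from argspec defaults (not visible here), confirm this setting still returns to a known state. `main()` starts and ends outside the hunk.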
|