a10_threat_intel_threat_list
Synopsis
Threat Categories for malicious IPs
Parameters
Parameters |
Choices/Defaults |
Comment |
|
|---|---|---|---|
state str/required |
[‘noop’, ‘present’, ‘absent’] |
State of the object to be created. |
|
ansible_host str/required |
Host for AXAPI authentication |
||
ansible_username str/required |
Username for AXAPI authentication |
||
ansible_password str/required |
Password for AXAPI authentication |
||
ansible_port int/required |
Port for AXAPI authentication |
||
a10_device_context_id int |
[‘1-8’] |
Device ID for aVCS configuration |
|
a10_partition str |
Destination/target partition for object/command |
||
name str/required |
Threat category List name |
||
ntype str |
‘webroot’= Configure Webroot threat categories; |
||
all_categories bool |
Enable all categories |
||
spam_sources bool |
IP’s tunneling spam messages through a proxy, anomalous SMTP activities, and forum spam activities |
||
windows_exploits bool |
IP’s associated with malware, shell code, rootkits, worms or viruses |
||
web_attacks bool |
IP’s associated with cross site scripting, iFrame injection, SQL injection, cross domain injection, or domain password brute fo |
||
botnets bool |
Botnet C&C channels, and infected zombie machines controlled by Bot master |
||
scanners bool |
IP’s associated with probes, host scan, domain scan, and password brute force attack |
||
dos_attacks bool |
IP’s participating in DOS, DDOS, anomalous sync flood, and anomalous traffic detection |
||
reputation bool |
IP addresses currently known to be infected with malware |
||
phishing bool |
IP addresses hosting phishing sites, ad click fraud or gaming fraud |
||
proxy bool |
IP addresses providing proxy services |
||
mobile_threats bool |
IP’s associated with mobile threats |
||
tor_proxy bool |
IP’s providing tor proxy services |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
sampling_enable list |
Field sampling_enable |
||
counters1 str |
‘all’= all; ‘spam-sources’= Hits for spam sources; ‘windows-exploits’= Hits for windows exploits; ‘web-attacks’= Hits for web attacks; ‘botnets’= Hits for botnets; ‘scanners’= Hits for scanners; ‘dos-attacks’= Hits for dos attacks; ‘reputation’= Hits for reputation; ‘phishing’= Hits for phishing; ‘proxy’= Hits for proxy; ‘mobile-threats’= Hits for mobile threats; ‘tor-proxy’= Hits for tor-proxy; ‘total-hits’= Total hits for threat-list; |
||
stats dict |
Field stats |
||
spam_sources str |
Hits for spam sources |
||
windows_exploits str |
Hits for windows exploits |
||
web_attacks str |
Hits for web attacks |
||
botnets str |
Hits for botnets |
||
scanners str |
Hits for scanners |
||
dos_attacks str |
Hits for dos attacks |
||
reputation str |
Hits for reputation |
||
phishing str |
Hits for phishing |
||
proxy str |
Hits for proxy |
||
mobile_threats str |
Hits for mobile threats |
||
tor_proxy str |
Hits for tor-proxy |
||
total_hits str |
Total hits for threat-list |
||
name str |
Threat category List name |
||
Examples
Return Values
- modified_values (changed, dict, )
Values modified (or potential changes if using check_mode) as a result of task operation
- axapi_calls (always, list, )
Sequential list of AXAPI calls made by the task
- endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])
The AXAPI endpoint being accessed.
- http_method (, str, [‘POST’, ‘GET’])
HTTP method being used by the primary task to interact with the AXAPI endpoint.
- request_body (, complex, )
Params used to query the AXAPI
- response_body (, complex, )
Response from the AXAPI
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by community.