check_point.mgmt.cp_mgmt_threat_exception_facts – Get threat-exception objects facts on Check Point over Web Services API

Note

This plugin is part of the check_point.mgmt collection (version 2.2.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install check_point.mgmt.

To use it in a playbook, specify: check_point.mgmt.cp_mgmt_threat_exception_facts.

New in version 2.9: of check_point.mgmt

Synopsis

  • Get threat-exception objects facts on Check Point devices.

  • All operations are performed over Web Services API.

  • This module handles both operations, get a specific object and get several objects, For getting a specific object use the parameter ‘name’.

Parameters

Parameter

Comments

dereference_group_members

boolean

Indicates whether to dereference “members” field by details level for every object in reply.

Choices:

  • no

  • yes

details_level

string

The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.

Choices:

  • uid

  • standard

  • full

exception_group_name

string

The name of the exception-group.

exception_group_uid

string

The UID of the exception-group.

filter

string

Search expression to filter the rulebase. The provided text should be exactly the same as it would be given in Smart Console. The logical operators in the expression (‘AND’, ‘OR’) should be provided in capital letters. If an operator is not used, the default OR operator applies.

filter_settings

dictionary

Sets filter preferences.

packet_search_settings

dictionary

When ‘search-mode’ is set to ‘packet’, this object allows to set the packet search preferences.

expand_group_members

boolean

When true, if the search expression contains a UID or a name of a group object, results will include rules that match on at least one member of the group.

Choices:

  • no

  • yes

expand_group_with_exclusion_members

boolean

When true, if the search expression contains a UID or a name of a group-with-exclusion object, results will include rules that match at least one member of the “include” part and is not a member of the “except” part.

Choices:

  • no

  • yes

match_on_any

boolean

Whether to match on ‘Any’ object.

Choices:

  • no

  • yes

match_on_group_with_exclusion

boolean

Whether to match on a group-with-exclusion.

Choices:

  • no

  • yes

match_on_negate

boolean

Whether to match on a negated cell.

Choices:

  • no

  • yes

search_mode

string

When set to ‘general’, both the Full Text Search and Packet Search are enabled. In this mode, Packet Search will not match on ‘Any’ object, a negated cell or a group-with-exclusion. When the search-mode is set to ‘packet’, by default, the match on ‘Any’ object, a negated cell or a group-with-exclusion are enabled. packet-search-settings may be provided to change the default behavior.

Choices:

  • general

  • packet

layer

string

Layer that the rule belongs to identified by the name or UID.

limit

integer

No more than that many results will be returned. This parameter is relevant only for getting few objects.

name

string

The name of the layer containing the parent threat rule. This parameter is relevant only for getting few objects.

offset

integer

Skip that many results before beginning to return them. This parameter is relevant only for getting few objects.

order

list / elements=string

Sorts results by the given field. By default the results are sorted in the ascending order by name. This parameter is relevant only for getting few objects.

ASC

string

Sorts results by the given field in ascending order.

Choices:

  • name

DESC

string

Sorts results by the given field in descending order.

Choices:

  • name

package

string

Name of the package.

rule_name

string

The name of the parent rule.

show_membership

boolean

Indicates whether to calculate and show “groups” field for every object in reply.

Choices:

  • no

  • yes

use_object_dictionary

boolean

N/A

Choices:

  • no

  • yes

version

string

Version of checkpoint. If not given one, the latest version taken.

Examples

- name: show-threat-exception
  cp_mgmt_threat_exception_facts:
    name: Exception Rule
    layer: New Layer 1
    rule_name: Threat Rule 1

- name: show-threat-rule-exception-rulebase
  cp_mgmt_threat_exception_facts:
    name: Standard Threat Prevention
    rule_name: Threat Rule 1

Authors

  • Or Soffer (@chkp-orso)