ibm.qradar.rule_info module – Obtain information about one or many QRadar Rules, with filter options
Note
This module is part of the ibm.qradar collection (version 2.1.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install ibm.qradar
.
To use it in a playbook, specify: ibm.qradar.rule_info
.
New in ibm.qradar 1.0.0
DEPRECATED
- Removed in
major release after 2024-09-01
- Why
Newer and updated modules released with more functionality.
- Alternative
qradar_analytics_rules
Synopsis
This module obtains information about one or many QRadar Rules, with filter options
Parameters
Parameter |
Comments |
---|---|
Obtain only information of the Rule with provided ID |
|
Obtain only information of the Rule that matches the provided name |
|
Obtain only information of Rules that are of a certain origin Choices:
|
|
Obtain only information of Rules owned by a certain user |
|
Obtain only information for the Rules of a certain type Choices:
|
Notes
Note
You may provide many filters and they will all be applied, except for
id
as that will return only the Rule identified by the unique ID provided.
Examples
- name: Get information about the Rule named "Custom Company DDoS Rule"
ibm.qradar.rule_info:
name: "Custom Company DDoS Rule"
register: custom_ddos_rule_info
- name: debugging output of the custom_ddos_rule_info registered variable
debug:
var: custom_ddos_rule_info
Status
This module will be removed in a major release after 2024-09-01. [deprecated]
For more information see DEPRECATED.