Note
This plugin is part of the cisco.meraki collection.
To install it use: ansible-galaxy collection install cisco.meraki
.
To use it in a playbook, specify: cisco.meraki.meraki_mx_intrusion_prevention
.
Parameter | Choices/Defaults | Comments | |
---|---|---|---|
allowed_rules list / elements=dictionary | List of IDs related to rules which are allowed for the organization. | ||
message string | Description of rule. This is overwritten by the API. | ||
rule_id string | ID of rule as defined by Snort. | ||
auth_key string / required | Authentication key provided by the dashboard. Required if environmental variable MERAKI_KEY is not set. | ||
host string | Default: "api.meraki.com" | Hostname for Meraki dashboard. Can be used to access regional Meraki environments, such as China. | |
ids_rulesets string |
| Ruleset complexity setting. | |
internal_error_retry_time integer | Default: 60 | Number of seconds to retry if server returns an internal server error. | |
mode string |
| Operational mode of Intrusion Prevention system. | |
net_id string | ID number of a network. | ||
net_name string | Name of a network. aliases: name, network | ||
org_id string | ID of organization. | ||
org_name string | Name of organization. aliases: organization | ||
output_format string |
| Instructs module whether response keys should be snake case (ex. net_id ) or camel case (ex. netId ). | |
output_level string |
| Set amount of debug output during module execution. | |
protected_networks dictionary | Set included/excluded networks for Intrusion Prevention. | ||
excluded_cidr list / elements=string | List of network IP ranges to exclude from scanning. | ||
included_cidr list / elements=string | List of network IP ranges to include in scanning. | ||
use_default boolean |
| Whether to use special IPv4 addresses per RFC 5735. | |
rate_limit_retry_time integer | Default: 165 | Number of seconds to retry if rate limiter is triggered. | |
state string |
| Create or modify an organization. | |
timeout integer | Default: 30 | Time to timeout for HTTP requests. | |
use_https boolean |
| If no , it will use HTTP. Otherwise it will use HTTPS.Only useful for internal Meraki developers. | |
use_proxy boolean |
| If no , it will not use a proxy, even if one is defined in an environment variable on the target hosts. | |
validate_certs boolean |
| Whether to validate HTTP certificates. |
Note
ANSIBLE_MERAKI_FORMAT
environment variable to camelcase
.- name: Set whitelist for organization meraki_intrusion_prevention: auth_key: '{{auth_key}}' state: present org_id: '{{test_org_id}}' allowed_rules: - rule_id: "meraki:intrusion/snort/GID/01/SID/5805" message: Test rule delegate_to: localhost - name: Query IPS info for organization meraki_intrusion_prevention: auth_key: '{{auth_key}}' state: query org_name: '{{test_org_name}}' delegate_to: localhost register: query_org - name: Set full ruleset with check mode meraki_intrusion_prevention: auth_key: '{{auth_key}}' state: present org_name: '{{test_org_name}}' net_name: '{{test_net_name}} - IPS' mode: prevention ids_rulesets: security protected_networks: use_default: true included_cidr: - 192.0.1.0/24 excluded_cidr: - 10.0.1.0/24 delegate_to: localhost - name: Clear rules from organization meraki_intrusion_prevention: auth_key: '{{auth_key}}' state: absent org_name: '{{test_org_name}}' allowed_rules: [] delegate_to: localhost
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description | ||
---|---|---|---|---|
data complex | success | Information about the Threat Protection settings. | ||
idsRulesets string | success, when network is queried or modified | Setting of selected ruleset. Sample: balanced | ||
mode string | success, when network is queried or modified | Enabled setting of intrusion prevention. Sample: enabled | ||
protectedNetworks complex | success, when network is queried or modified | Networks protected by IPS. | ||
excludedCidr string | success, when network is queried or modified | List of CIDR notiation networks to exclude from protection. Sample: 192.0.1.0/24 | ||
includedCidr string | success, when network is queried or modified | List of CIDR notiation networks to protect. Sample: 192.0.1.0/24 | ||
useDefault boolean | success, when network is queried or modified | Whether to use special IPv4 addresses. Sample: True | ||
whitelistedRules complex | success, when organization is queried or modified | List of whitelisted IPS rules. | ||
message string | success, when organization is queried or modified | Description of rule. Sample: MALWARE-OTHER Trackware myway speedbar runtime detection - switch engines | ||
ruleId string | success, when organization is queried or modified | A rule identifier for an IPS rule. Sample: meraki:intrusion/snort/GID/01/SID/5805 |
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/cisco/meraki/meraki_mx_intrusion_prevention_module.html