The Grid threat protection settings.
References to grid:threatprotection are object references.
The name part of the grid:threatprotection object reference has the following components:
- The name of the Grid.
The object does not support the following operations:
The object cannot be managed on Cloud Platform members.
These fields are actual members of the object; thus, they can be requested by using _return_fields, if the fields are readable.
The basic version of the object contains the field(s): grid_name.
The current Grid ruleset.
Type
String.
Create
The default value is undefined.
Search
The field is not available for search.
Determines if multiple BIND responses via TCP connection are disabled.
Type
Bool.
Create
The default value is True.
Search
The field is not available for search.
Determines if DNS responses are sent from acceleration cache before applying Threat Protection rules. Recommended for better performance when using DNS Cache Acceleration.
Type
Bool.
Create
The default value is True.
Search
The field is not available for search.
Determines if auto download service is enabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if NAT (Network Address Translation) mapping for threat protection is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if scheduled download is enabled. The default frequency is once in every 24 hours if it is disabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
The number of events logged per second per rule.
Type
Unsigned integer.
Create
The default value is 1.
Search
The field is not available for search.
The Grid name.
Type
String.
Search
The field is not available for search.
Notes
The grid_name is part of the base object.
The grid_name cannot be updated.
grid_name cannot be written.
The time when the Grid last checked for updates.
Type
Timestamp.
Search
The field is not available for search.
Notes
The last_checked_for_update cannot be updated.
last_checked_for_update cannot be written.
The last rule update timestamp.
Type
Timestamp.
Search
The field is not available for search.
Notes
The last_rule_update_timestamp cannot be updated.
last_rule_update_timestamp cannot be written.
The version of last rule update.
Type
String.
Search
The field is not available for search.
Notes
The last_rule_update_version cannot be updated.
last_rule_update_version cannot be written.
The list of NAT mapping rules for threat protection.
Type
A/An NAT Threat Protection Rule struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Outbound settings for ATP events.
Type
A/An Outbound settings for ATP events struct.
Create
The default value is:
{ 'enable_query_fqdn': False, 'query_fqdn_limit': 2}
Search
The field is not available for search.
The update rule policy.
Type
String.
Create
The default value is AUTOMATIC.
Search
The field is not available for search.
The schedule setting for automatic rule update.
Type
A/An Schedule Setting struct.
Create
The default value is empty.
Search
The field is not available for search.
This function is used to invoke a factory reset on an ATP object.
This function does not support multiple object matches when called as part of an atomic insertion operation.
Input fields
atp_object ( String. ). This parameter is mandatory. The reference to object to reset. It can be a rule, ruleset, or a category.
delete_custom_rules ( Bool. ). This parameter is mandatory. Determines if custom rules will be deleted. Applicable only if atp_object is a ruleset or a category. The default value is “False”.
Output fields
None
This function is used to test the connectivity to the ATP server.
This function does not support multiple object matches when called as part of an atomic insertion operation.
Input fields
None
Output fields
error_messages ( String array. ) List of errors that occured.
overall_status ( String. Valid values are: “SUCCESS”, “FAILED” ) Overall status of the test.
| Field | Type | Req | R/O | Base | Search |
|---|---|---|---|---|---|
| current_ruleset | String | N | N | N | N/A |
| disable_multiple_dns_tcp_request | Bool | N | N | N | N/A |
| enable_accel_resp_before_threat_protection | Bool | N | N | N | N/A |
| enable_auto_download | Bool | N | N | N | N/A |
| enable_nat_rules | Bool | N | N | N | N/A |
| enable_scheduled_download | Bool | N | N | N | N/A |
| events_per_second_per_rule | Unsigned int | N | N | N | N/A |
| grid_name | String | N | Y | Y | N/A |
| last_checked_for_update | Timestamp | N | Y | N | N/A |
| last_rule_update_timestamp | Timestamp | N | Y | N | N/A |
| last_rule_update_version | String | N | Y | N | N/A |
| nat_rules | [struct] | N | N | N | N/A |
| outbound_settings | struct | N | N | N | N/A |
| rule_update_policy | String | N | N | N | N/A |
| scheduled_download | struct | N | N | N | N/A |
grid:threatanalytics : Grid threat analytics object.