threatprotection:grid:rule : Threat protection custom rule object.

This object provides information about the threat protection custom rule settings.

Object Reference

References to threatprotection:grid:rule are object references.

The name part of the threatprotection:grid:rule object reference has the following components:

  • The name of the threat protection ruleset the custom rule assigned to.
  • The name of the threat protection custom rule with its rule config parameters concatenated.
  • The sid of the threat protection custom rule.
Example:
threatprotection:grid:rule/YXRwLmNsdXN0yb3BlcnRpZXMkMA: UDPAttackCounterMeasures:DDOSPrevention%3A:4916

Restrictions

The object does not support the following operations:

The object cannot be managed on Cloud Platform members.

Fields

These fields are actual members of the object; thus, they can be requested by using _return_fields, if the fields are readable.

The basic version of the object contains the field(s): name, ruleset, sid.

The following fields are required to create this object:

Field Notes
template  

allowed_actions

allowed_actions

The list of allowed actions of the custom rule.

Type

Enum values array.

Valid values are:
  • ALERT
  • DROP
  • PASS

Search

The field is not available for search.

Notes

The allowed_actions cannot be updated.

allowed_actions cannot be written.

category

category

The rule category the custom rule assigned to.

Type

String.

This field supports nested return fields as described here.

Search

The field is available for search via

  • ‘=’ (exact equality)

Notes

The category cannot be updated.

category cannot be written.

comment

comment

The human readable comment for the custom rule.

Type

String.

Values with leading or trailing white space are not valid for this field.

Create

The default value is empty.

Search

The field is available for search via

  • ‘:=’ (case insensitive search)
  • ‘=’ (exact equality)
  • ‘~=’ (regular expression)

config

config

The rule config of the template.

Type

A/An Threat protection rule configuration struct.

Create

The default value is undefined.

Search

The field is not available for search.

description

description

The description of the custom rule.

Type

String.

Search

The field is available for search via

  • ‘:=’ (case insensitive search)
  • ‘=’ (exact equality)
  • ‘~=’ (regular expression)

Notes

The description cannot be updated.

description cannot be written.

disabled

disabled

Determines if the custom rule is disabled.

Type

Bool.

Create

The default value is True.

Search

The field is not available for search.

is_factory_reset_enabled

is_factory_reset_enabled

Determines if factory reset is enabled for the custom rule.

Type

Bool.

Search

The field is not available for search.

Notes

The is_factory_reset_enabled cannot be updated.

is_factory_reset_enabled cannot be written.

name

name

The name of the rule custom rule concatenated with its rule config parameters.

Type

String.

Search

The field is available for search via

  • ‘:=’ (case insensitive search)
  • ‘=’ (exact equality)
  • ‘~=’ (regular expression)

Notes

The name is part of the base object.

The name cannot be updated.

name cannot be written.

ruleset

ruleset

The version of the ruleset the custom rule assigned to.

Type

String.

Search

The field is available for search via

  • ‘=’ (exact equality)

Notes

The ruleset is part of the base object.

The ruleset cannot be updated.

ruleset cannot be written.

sid

sid

The Rule ID.

Type

Unsigned integer.

Search

The field is available for search via

  • ‘=’ (exact equality)

Notes

The sid is part of the base object.

The sid cannot be updated.

sid cannot be written.

template

template

The threat protection rule template used to create this rule.

Type

String.

This field supports nested return fields as described here.

Create

The field is required on creation.

Search

The field is available for search via

  • ‘=’ (exact equality)

type

type

The type of the custom rule.

Type

String.

Valid values are:
  • AUTO
  • CUSTOM
  • SYSTEM

Search

The field is available for search via

  • ‘=’ (exact equality)

Notes

The type cannot be updated.

type cannot be written.

Fields List

Field Type Req R/O Base Search
allowed_actions [Enum] N Y N N/A
category String N Y N =
comment String N N N : = ~
config struct N N N N/A
description String N Y N : = ~
disabled Bool N N N N/A
is_factory_reset_enabled Bool N Y N N/A
name String N Y Y : = ~
ruleset String N Y Y =
sid Unsigned int N Y Y =
template String Y N N =
type String N Y N =