threatprotection:ruletemplate : Threat protection rule template object.

This object provides information about the threat protection rule template settings.

Object Reference

References to threatprotection:ruletemplate are object references.

The name part of the threatprotection:ruletemplate object reference has the following components:

  • The name of the threat protection ruleset the template assigned to.
  • The name of the threat protection template.
  • The sid of the threat protection template.
Example:
threatprotection:ruletemplate/YXRwLmNsdXN0yb3BlcnRpZXMkMA: UDPAttackCounterMeasures:DDOSPrevention:4916

Restrictions

The object does not support the following operations:

  • Create (insert)
  • Delete
  • Modify (update)
  • Permissions
  • Global search (searches via the search object)
  • Scheduling
  • CSV export

The object cannot be managed on Cloud Platform members.

Fields

These fields are actual members of the object; thus, they can be requested by using _return_fields, if the fields are readable.

The basic version of the object contains the field(s): name, ruleset, sid.

allowed_actions

allowed_actions

The list of allowed actions of rhe rule template.

Type

Enum values array.

Valid values are:
  • ALERT
  • DROP
  • PASS

Search

The field is not available for search.

Notes

The allowed_actions cannot be updated.

allowed_actions cannot be written.

category

category

The rule category this template assigned to.

Type

String.

This field supports nested return fields as described here.

Search

The field is available for search via

  • ‘=’ (exact equality)

Notes

The category cannot be updated.

category cannot be written.

default_config

default_config

The rule config of this template.

Type

A/An Threat protection rule configuration struct.

Search

The field is not available for search.

Notes

The default_config cannot be updated.

default_config cannot be written.

description

description

The description of the rule template.

Type

String.

Search

The field is available for search via

  • ‘:=’ (case insensitive search)
  • ‘=’ (exact equality)
  • ‘~=’ (regular expression)

Notes

The description cannot be updated.

description cannot be written.

name

name

The name of the rule template.

Type

String.

Search

The field is available for search via

  • ‘:=’ (case insensitive search)
  • ‘=’ (exact equality)
  • ‘~=’ (regular expression)

Notes

The name is part of the base object.

The name cannot be updated.

name cannot be written.

ruleset

ruleset

The version of the ruleset the template assigned to.

Type

String.

Search

The field is available for search via

  • ‘=’ (exact equality)

Notes

The ruleset is part of the base object.

The ruleset cannot be updated.

ruleset cannot be written.

sid

sid

The Rule ID.

Type

Unsigned integer.

Search

The field is available for search via

  • ‘=’ (exact equality)

Notes

The sid is part of the base object.

The sid cannot be updated.

sid cannot be written.

Fields List

Field Type Req R/O Base Search
allowed_actions [Enum] N Y N N/A
category String N Y N =
default_config struct N Y N N/A
description String N Y N : = ~
name String N Y Y : = ~
ruleset String N Y Y =
sid Unsigned int N Y Y =