cp_mgmt_threat_indicator – Manages threat-indicator objects on Check Point over Web Services API¶
New in version 2.9.
Synopsis¶
- Manages threat-indicator objects on Check Point devices including creating, updating and removing objects.
- All operations are performed over Web Services API.
Parameters¶
Examples¶
- name: add-threat-indicator
  cp_mgmt_threat_indicator:
    action: ask
    ignore_warnings: true
    name: My_Indicator
    observables:
    - confidence: medium
      mail_to: someone@somewhere.com
      name: My_Observable
      product: AV
      severity: low
    profile_overrides:
    - action: detect
      profile: My_Profile
    state: present
- name: set-threat-indicator
  cp_mgmt_threat_indicator:
    action: prevent
    ignore_warnings: true
    name: My_Indicator
    state: present
- name: delete-threat-indicator
  cp_mgmt_threat_indicator:
    name: My_Indicator
    state: absent
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | 
|---|---|---|
| cp_mgmt_threat_indicator 
                  dictionary
                                       | always, except when deleting the object. | The checkpoint object created or updated. | 
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Or Soffer (@chkp-orso)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
