sophos.sophos_firewall.sfos_atp module – Manage Active Threat Protection (Protect > Active threat response > Sophos X-Ops threat feeds)
Note
This module is part of the sophos.sophos_firewall collection (version 2.0.1).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install sophos.sophos_firewall.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: sophos.sophos_firewall.sfos_atp.
New in sophos.sophos_firewall 1.0.0
Synopsis
Manage Active Threat Protection (Protect > Active threat response > Sophos X-Ops threat feeds) on Sophos Firewall
Requirements
The below requirements are needed on the host that executes this module.
sophosfirewall-python
Beginning in version 2.0.0, this module requires use of an httpapi connection plugin. See the HTTPAPI example for details.
Parameters
Parameter |
Comments |
|---|---|
Enable (true) or disable (false) threat feeds Choices:
|
|
Configure inspection of only untrusted or both trusted and untrusted content Choices:
|
|
Configure logging policy Choices:
|
|
Use Choices:
|
Examples
- name: Update advanced threat protection settings
sophos.sophos_firewall.sfos_atp:
enabled: true
inspect_content: untrusted
logging_policy: Log and Drop
state: updated
vars:
ansible_command_timeout: 90
- name: Query advanced threat protection settings
sophos.sophos_firewall.sfos_atp:
state: query
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
Serialized object containing the API response. Returned: always |
Collection links
Warning
If the firewall is a member of a group in Central, the changes made by Ansible will override the settings of the group. The actual configuration on the firewall may then differ from what is displayed for the same setting in the Central group.