Trend Micro Deep Security

This Integration is part of the Trend Micro Deep Security Pack.

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Trend Micro Deep Security

This integration was integrated and tested with version 20.0 of Trend Micro Deep Security, and v1 of the API.

Changes compared to TrendMicroDsm

Changes in commands

- trendmicro-create-computer - New command.
- trendmicro-search-computers - New command.
- trendmicro-get-computer - New command.
- trendmicro-list-computers - New command.
- trendmicro-modify-computer - New command.
- trendmicro-delete-computer - New command.
- trendmicro-get-computer-setting - New command.
- trendmicro-modify-computer-setting - New command.
- trendmicro-reset-computer-setting - New command.
- trendmicro-list-computer-groups - New command.
- trendmicro-create-computer-group - New command.
- trendmicro-search-computer-groups - New command.
- trendmicro-get-computer-group - New command.
- trendmicro-modify-computer-group - New command.
- trendmicro-delete-computer-group - New command.
- trendmicro-search-firewall-rules - New command.
- trendmicro-list-firewall-rules - New command.
- trendmicro-create-firewall-rule - New command.
- trendmicro-get-firewall-rule - New command.
- trendmicro-modify-firewall-rule - New command.
- trendmicro-delete-firewall-rule - New command.
- trendmicro-list-firewall-rule-ids-of-computer - New command.
- trendmicro-add-firewall-rule-ids-to-computer - New command.
- trendmicro-set-firewall-rule-ids-to-computer - New command.
- trendmicro-get-policy - New command.
- trendmicro-modify-policy - New command.
- trendmicro-delete-policy - New command.
- trendmicro-get-policy-setting - New command.
- trendmicro-modify-policy-setting - New command.
- trendmicro-reset-policy-setting - New command.
- trendmicro-list-policies - New command.
- trendmicro-search-policies - New command.
- trendmicro-create-policy - New command.
- trendmicro-remove-firewall-rule-id-from-computer - New command.
- trendmicro-list-default-policy-settings - New command.
- trendmicro-get-default-policy-setting - New command.
- trendmicro-modify-default-policy-setting - New command.
- trendmicro-reset-default-policy-setting - New command.

Configure Trend Micro Deep Security in Cortex

Parameter | Description | Required |
---|---|---|
Server URL | Server URL for TrendMicro console. e.g: https://ip:port/ | True |
API Secret | The API secret key | True |
API Version | The API version used | False |
Trust any certificate (not secure) | | False |
Use system proxy settings | | False |

Commands

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

trendmicro-create-computer

Create a new computer

Base Command

trendmicro-create-computer

Input

Argument Name | Description | Required |
---|---|---|
expand | Determines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none. | Optional |
overrides | Show only overrides defined for the current computer. Possible values are: true, false. Default is false. | Optional |
host_name | Hostname of the computer. | Optional |
display_name | Display name of the computer. | Optional |
description | Description of the computer. | Optional |
group_id | ID of the computer group to which the computer belongs. | Optional |
policy_id | ID of the policy assigned to the computer. | Optional |
asset_importance_id | ID of the asset importance assigned to the computer. | Optional |
relay_list_id | ID of the relay list that is assigned to the computer. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.Computers.hostName | string | Hostname of the computer |
TrendMicro.Computers.displayName | string | Display name of the computer |
TrendMicro.Computers.description | string | Description of the computer |
TrendMicro.Computers.groupID | integer | ID of the computer group to which the computer belongs |
TrendMicro.Computers.policyID | integer | ID of the policy assigned to the computer |
TrendMicro.Computers.assetImportanceID | integer | ID of the asset importance assigned to the computer |
TrendMicro.Computers.relayListID | integer | ID of the relay list that is assigned to the computer |

Command Example

!trendmicro-create-computer host_name="example_computer"

Context Example

Human Readable Output

Details for the new computer example_computer

ID | Host Name | Group ID |
---|---|---|
217 | example_computer | 0 |

trendmicro-search-computers

Search for specific computers by some field name with a certain type. Every field has a specific type. It can be a simple type like a string, a numeric or a boolean. However, it can also be a choice, which is a string with specific options (enumeration). To search, you must provide the field_name & field_type, the operation to perform, and the value to search.

Base Command

trendmicro-search-computers

Input

Argument Name | Description | Required |
---|---|---|
max_items | Limits the number of objects returned. | Optional |
field_name | The field name to search for. Possible values are: hostName, displayName, description, groupID, policyID, assetImportanceID, relayListID. | Required |
field_type | The type of the field. Possible values are: boolean, numeric, choice, id, string. | Required |
operation | The search conditional to test on the field name. Possible values are: less-than, less-than-or-equal, equal, greater-than-or-equal, greater-than, not-equal. | Required |
value | The value to compare. | Required |
sort_by_object_id | If true, forces the response objects to be sorted by ID, overriding the default sort order. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.Computers.hostName | string | Hostname of the computer |
TrendMicro.Computers.displayName | string | Display name of the computer |
TrendMicro.Computers.description | string | Description of the computer |
TrendMicro.Computers.groupID | integer | ID of the computer group to which the computer belongs |
TrendMicro.Computers.policyID | integer | ID of the policy assigned to the computer |
TrendMicro.Computers.assetImportanceID | integer | ID of the asset importance assigned to the computer |
TrendMicro.Computers.relayListID | integer | ID of the relay list that is assigned to the computer |

Command Example

!trendmicro-search-computers field_name=groupID field_type=numeric operation=equal value=0

Context Example

Human Readable Output

Matched Computers

ID | Host Name | Description | Group ID |
---|---|---|---|
1 | q1 | Modified Test | 0 |
2 | q2 | Modified Test | 0 |
3 | poc | Modified Test | 0 |
34 | aaaaa | Modified Test | 0 |
166 | poc1 | Modified Test | 0 |
216 | example_computer | | 0 |
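
The argument rules for trendmicro-search-computers (a field name, its type, an operation and a value) can be checked before the command is run from a playbook. The following Python code is an added example, not code from the integration: the field-to-type map is taken from the tables on this page, while the `build_search` and `check` helpers, the equality-only rule for string fields and the `searchCriteria` body layout are assumptions.

```python
# Added example: pre-flight validation of trendmicro-search-computers arguments.
# build_search, check and the request-body layout are hypothetical helpers and
# an assumed layout, not the integration's own code.

# Field names from the field_name argument; types from the Context Output table
# (integer fields are searched with field_type=numeric, as in the page's example).
FIELD_TYPES = {
    "hostName": "string",
    "displayName": "string",
    "description": "string",
    "groupID": "numeric",
    "policyID": "numeric",
    "assetImportanceID": "numeric",
    "relayListID": "numeric",
}

# Operations listed for the `operation` argument.
OPERATIONS = (
    "less-than", "less-than-or-equal", "equal",
    "greater-than-or-equal", "greater-than", "not-equal",
)

# Assumption: ordering comparisons are only meaningful for numeric fields.
ORDERING = {"less-than", "less-than-or-equal", "greater-than-or-equal", "greater-than"}


def build_search(field_name, field_type, operation, value,
                 max_items=None, sort_by_object_id=None):
    """Validate the arguments and return an assumed search request body."""
    if field_name not in FIELD_TYPES:
        raise ValueError(f"unknown field_name: {field_name!r}")
    expected = FIELD_TYPES[field_name]
    if field_type != expected:
        raise ValueError(f"{field_name} is {expected}, not {field_type}")
    if operation not in OPERATIONS:
        raise ValueError(f"unknown operation: {operation!r}")
    if expected == "string" and operation in ORDERING:
        raise ValueError(f"{operation} is not applicable to string field {field_name}")
    if expected == "numeric":
        # War Room arguments arrive as strings; reject anything that is not an integer.
        try:
            value = int(value)
        except (TypeError, ValueError):
            raise ValueError(f"{field_name} needs an integer value, got {value!r}") from None
    else:
        value = str(value)
    # Assumed layout: one criterion keyed by "<type>Test" / "<type>Value".
    criterion = {
        "fieldName": field_name,
        f"{field_type}Test": operation,
        f"{field_type}Value": value,
    }
    body = {"searchCriteria": [criterion]}
    if max_items is not None:
        body["maxItems"] = int(max_items)
    if sort_by_object_id is not None:
        body["sortByObjectID"] = str(sort_by_object_id).lower() == "true"
    return body


def check(args):
    """Return (ok, body_or_error) instead of raising, for playbook-style use."""
    try:
        return True, build_search(**args)
    except ValueError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed inputs: the page's own example, then three invalid combinations.
    samples = [
        dict(field_name="groupID", field_type="numeric", operation="equal", value="0"),
        dict(field_name="groupID", field_type="string", operation="equal", value="0"),
        dict(field_name="hostName", field_type="string", operation="less-than", value="poc"),
        dict(field_name="policyID", field_type="numeric", operation="equal", value="abc"),
    ]
    for sample in samples:
        print(check(sample))
```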

trendmicro-get-computer

Get information about a certain computer

Base Command

trendmicro-get-computer

Input

Argument Name | Description | Required |
---|---|---|
computer_id | The ID number of the computer to get. | Required |
expand | Determines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none. | Optional |
overrides | Show only overrides defined for the current computer. Possible values are: true, false. Default is false. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.Computers.hostName | string | Hostname of the computer |
TrendMicro.Computers.displayName | string | Display name of the computer |
TrendMicro.Computers.description | string | Description of the computer |
TrendMicro.Computers.groupID | integer | ID of the computer group to which the computer belongs |
TrendMicro.Computers.policyID | integer | ID of the policy assigned to the computer |
TrendMicro.Computers.assetImportanceID | integer | ID of the asset importance assigned to the computer |
TrendMicro.Computers.relayListID | integer | ID of the relay list that is assigned to the computer |

Command Example

!trendmicro-get-computer computer_id=216

Context Example

Human Readable Output

Details for the computer example_computer

ID | Host Name | Group ID |
---|---|---|
216 | example_computer | 0 |

trendmicro-list-computers

Get information of all existing computers

Base Command

trendmicro-list-computers

Input

Argument Name | Description | Required |
---|---|---|
expand | Determines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none. | Optional |
overrides | Show only overrides defined for the current computer. Possible values are: true, false. Default is false. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.Computers.hostName | string | Hostname of the computer |
TrendMicro.Computers.displayName | string | Display name of the computer |
TrendMicro.Computers.description | string | Description of the computer |
TrendMicro.Computers.groupID | integer | ID of the computer group to which the computer belongs |
TrendMicro.Computers.policyID | integer | ID of the policy assigned to the computer |
TrendMicro.Computers.assetImportanceID | integer | ID of the asset importance assigned to the computer |
TrendMicro.Computers.relayListID | integer | ID of the relay list that is assigned to the computer |

Command Example

!trendmicro-list-computers expand="firewall"

Context Example

Human Readable Output

All computers list

ID | Host Name | Description | Group ID |
---|---|---|---|
1 | q1 | Modified Test | 0 |
2 | q2 | Modified Test | 0 |
3 | poc | Modified Test | 0 |
34 | aaaaa | Modified Test | 0 |
166 | poc1 | Modified Test | 0 |
216 | example_computer | | 0 |

trendmicro-modify-computer

Modify properties of a certain computer

Base Command

trendmicro-modify-computer

Input

Argument Name | Description | Required |
---|---|---|
computer_id | The ID number of the computer to modify. | Required |
expand | Determines the computer information to include in the response. Notice that the information is appended to the context data only. Possible values are: none, all, computerStatus, tasks, securityUpdates, computerSettings, allSecurityModules, antiMalware, webReputation, activityMonitoring, firewall, intrusionPrevention, integrityMonitoring, logInspection, applicationControl, SAP, interfaces, ESXSummary, allVirtualMachineSummaries, azureARMVirtualMachineSummary, azureVMVirtualMachineSummary, ec2VirtualMachineSummary, noConnectorVirtualMachineSummary, vmwareVMVirtualMachineSummary, vcloudVMVirtualMachineSummary, workspaceVirtualMachineSummary, gcpVirtualMachineSummary. Default is none. | Optional |
host_name | Hostname of the computer. | Optional |
display_name | Display name of the computer. | Optional |
description | Description of the computer. | Optional |
group_id | ID of the computer group to which the computer belongs. | Optional |
policy_id | ID of the policy assigned to the computer. | Optional |
asset_importance_id | ID of the asset importance assigned to the computer. | Optional |
relay_list_id | ID of the relay list that is assigned to the computer. | Optional |
overrides | Show the value only if defined for the current computer. Possible values are: true, false. Default is false. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.Computers.hostName | string | Hostname of the computer |
TrendMicro.Computers.displayName | string | Display name of the computer |
TrendMicro.Computers.description | string | Description of the computer |
TrendMicro.Computers.groupID | integer | ID of the computer group to which the computer belongs |
TrendMicro.Computers.policyID | integer | ID of the policy assigned to the computer |
TrendMicro.Computers.assetImportanceID | integer | ID of the asset importance assigned to the computer |
TrendMicro.Computers.relayListID | integer | ID of the relay list that is assigned to the computer |

Command Example

!trendmicro-modify-computer computer_id=216 description="Example computer description"

Context Example

Human Readable Output

Details for the computer example_computer

ID | Host Name | Description | Group ID |
---|---|---|---|
216 | example_computer | Example computer description | 0 |

trendmicro-delete-computer

Delete a certain computer

Base Command

trendmicro-delete-computer

Input

Argument Name | Description | Required |
---|---|---|
computer_id | The ID number of the computer to delete. | Required |

Context Output

There is no context output for this command.

Command Example

!trendmicro-delete-computer computer_id=216

Human Readable Output

The computer was successfully deleted!

trendmicro-get-computer-setting

Get information about a setting of a certain computer

Base Command

trendmicro-get-computer-setting

Input

Argument Name | Description | Required |
---|---|---|
computer_id | The ID number of the computer. | Required |
name | The name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, 
platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, 
webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, 
firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, 
firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, 
platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource. | Required |
overrides | Show the value only if defined for the current computer. Possible values are: true, false. Default is false. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.ComputersSettings.computerId | integer | The computer id that owns the computer |
TrendMicro.ComputersSettings.name | string | The name of the setting |
TrendMicro.ComputersSettings.value | string | The value of a setting |

Command Example

!trendmicro-get-computer-setting computer_id=216 name=activityMonitoringSettingActivityEnabled

Context Example

Human Readable Output

Settings for computer 216

Computer ID | Name | Value |
---|---|---|
 | activityMonitoringSettingActivityEnabled | Off |

trendmicro-modify-computer-setting

Modify a setting of a certain computer

Base Command

trendmicro-modify-computer-setting

Input

Argument Name | Description | Required |
---|---|---|
computer_id | The ID number of the computer. | Required |
name | The name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, 
platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, 
webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, 
firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, 
firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, 
platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource. | Required |
overrides | Show the value only if defined for the current computer. Possible values are: true, false. Default is false. | Optional |
value | Value of a Setting. | Required |
#### Context Output

Path | Type | Description |
---|---|---|
TrendMicro.ComputersSettings.computerId | integer | The ID of the computer that owns the setting |
TrendMicro.ComputersSettings.name | string | The name of the setting |
TrendMicro.ComputersSettings.value | string | Value of a Setting |
#### Command Example

`!trendmicro-modify-computer-setting computer_id=216 name=activityMonitoringSettingActivityEnabled value=on`

#### Context Example

#### Human Readable Output
Settings for computer 216
Computer ID Name Value activityMonitoringSettingActivityEnabled On
### trendmicro-reset-computer-setting

Reset a setting of a certain computer to its default value.

#### Base Command

`trendmicro-reset-computer-setting`

#### Input

Argument Name | Description | Required |
---|---|---|
computer_id | The ID number of the computer. | Required |
name | The name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, 
platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, 
webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, 
firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, 
firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, 
platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource. | Required |
overrides | Show the value only if defined for the current computer. Possible values are: true, false. Default is false. | Optional |
#### Context Output

Path | Type | Description |
---|---|---|
TrendMicro.ComputersSettings.computerId | integer | The ID of the computer that owns the setting |
TrendMicro.ComputersSettings.name | string | The name of the setting |
TrendMicro.ComputersSettings.value | string | The value of the setting |
#### Command Example

`!trendmicro-reset-computer-setting computer_id=216 name=activityMonitoringSettingActivityEnabled`

#### Context Example

#### Human Readable Output
Settings for computer 216
Computer ID Name Value activityMonitoringSettingActivityEnabled Off
### trendmicro-list-computer-groups

Get information about all existing computer groups.

#### Base Command

`trendmicro-list-computer-groups`

#### Input

Argument Name | Description | Required |
---|---|---|

#### Context Output

Path | Type | Description |
---|---|---|
TrendMicro.ComputerGroups.name | string | Name of the computer group |
TrendMicro.ComputerGroups.description | string | Description of the computer group |
TrendMicro.ComputerGroups.parentGroupID | integer | ID of the computer group's parent group |
#### Command Example

`!trendmicro-list-computer-groups`

#### Context Example

#### Human Readable Output
Computer Groups
ID Name Description Parent Group ID 1 PoC Group Testing Group 100 Test Test Group 1 110 Example Computer Group 1
### trendmicro-create-computer-group

Create a new computer group.

#### Base Command

`trendmicro-create-computer-group`

#### Input

Argument Name | Description | Required |
---|---|---|
name | Name of the computer group. | Required |
description | Description of the computer group. | Optional |
parent_group_id | ID of the computer group's parent group. | Optional |
#### Context Output

Path | Type | Description |
---|---|---|
TrendMicro.ComputerGroups.name | string | Name of the computer group |
TrendMicro.ComputerGroups.description | string | Description of the computer group |
TrendMicro.ComputerGroups.parentGroupID | integer | ID of the computer group's parent group |
#### Command Example

`!trendmicro-create-computer-group name="Example Computer Group" description="Example computer group description" parent_group_id=1`

#### Context Example

#### Human Readable Output

Computer Groups

ID | Name | Description | Parent Group ID |
---|---|---|---|
111 | Example Computer Group | Example computer group description | 1 |
### trendmicro-search-computer-groups

Search for specific computer groups by the value of a typed field. Every field has a specific type: a simple type such as a string, a numeric or a boolean, or a choice, which is a string with specific options (an enumeration). To search, you must provide the field_name and field_type, the operation to perform, and the value to search for.

#### Base Command

`trendmicro-search-computer-groups`

#### Input

Argument Name | Description | Required |
---|---|---|
max_items | Limits the number of objects returned. | Optional |
field_name | The name of the field. Possible values are: ID, type, name, description, parentGroupID. | Required |
field_type | The type of the field. Possible values are: boolean, numeric, choice, id, string. | Required |
operation | The operation to compare with. Possible values are: less-than, less-than-or-equal, equal, greater-than-or-equal, greater-than, not-equal. | Required |
value | The value to compare against the field name. | Required |
sort_by_object_id | If true, forces the response objects to be sorted by ID, overriding the default sort order. | Optional |
#### Context Output

Path | Type | Description |
---|---|---|
TrendMicro.ComputerGroups.name | string | Name of the computer group |
TrendMicro.ComputerGroups.description | string | Description of the computer group |
TrendMicro.ComputerGroups.parentGroupID | integer | ID of the computer group's parent group |
#### Command Example

`!trendmicro-search-computer-groups field_name=ID operation=equal field_type=id value=110`

#### Context Example

#### Human Readable Output

Matched Computer Groups

ID | Name | Parent Group ID |
---|---|---|
110 | Example Computer Group | 1 |
### trendmicro-get-computer-group

Get information about a certain computer group.

#### Base Command

`trendmicro-get-computer-group`

#### Input

Argument Name | Description | Required |
---|---|---|
computer_group_id | The ID number of the computer group to get. | Required |
#### Context Output

Path | Type | Description |
---|---|---|
TrendMicro.ComputerGroups.name | string | Name of the computer group |
TrendMicro.ComputerGroups.description | string | Description of the computer group |
TrendMicro.ComputerGroups.parentGroupID | integer | ID of the computer group's parent group |
#### Command Example

`!trendmicro-get-computer-group computer_group_id=110`

#### Context Example

#### Human Readable Output

Computer Group 110 Details

ID | Name | Parent Group ID |
---|---|---|
110 | Example Computer Group | 1 |
### trendmicro-modify-computer-group

Modify the properties of a certain computer group.

#### Base Command

`trendmicro-modify-computer-group`

#### Input

Argument Name | Description | Required |
---|---|---|
computer_group_id | The ID number of the computer group to modify. | Required |
name | Name of the computer group. | Optional |
description | Description of the computer group. | Optional |
parent_group_id | ID of the computer group's parent group. | Optional |
#### Context Output

Path | Type | Description |
---|---|---|
TrendMicro.ComputerGroups.name | string | Name of the computer group |
TrendMicro.ComputerGroups.description | string | Description of the computer group |
TrendMicro.ComputerGroups.parentGroupID | integer | ID of the computer group's parent group |
#### Command Example

`!trendmicro-modify-computer-group computer_group_id=110 description="Example computer group description"`

#### Context Example

#### Human Readable Output

Computer Group

ID | Name | Description | Parent Group ID |
---|---|---|---|
110 | Example Computer Group | Example computer group description | 1 |
### trendmicro-delete-computer-group

Delete a certain computer group.

#### Base Command

`trendmicro-delete-computer-group`

#### Input

Argument Name | Description | Required |
---|---|---|
computer_group_id | The ID number of the computer group to delete. | Required |
#### Context Output

There is no context output for this command.

#### Command Example

`!trendmicro-delete-computer-group computer_group_id=110`

#### Human Readable Output

The computer group was successfully deleted!
### trendmicro-search-firewall-rules

Search for specific firewall rules by the value of a typed field. Every field has a specific type: a simple type such as a string, a numeric or a boolean, or a choice, which is a string with specific options (an enumeration). To search, you must provide the field_name and field_type, the operation to perform, and the value to search for.

#### Base Command

`trendmicro-search-firewall-rules`

#### Input

Argument Name | Description | Required |
---|---|---|
max_items | Limits the number of objects returned. | Optional |
field_name | The field name to search. Possible values are: ID, name, description, action, priority, direction, frameType, frameNumber, frameNot, protocol, protocolNumber, protocolNot, sourceIPType, sourceIPValue, sourceIPMask, sourceIPRangeFrom, sourceIPRangeTo, sourceIPMultiple, sourceIPListID, sourceIPNot, sourceMACType, sourceMACValue, sourceMACMultiple, sourceMACListID, sourceMACNot, sourcePortType, sourcePortMultiple, sourcePortListID, sourcePortNot, destinationIPType, destinationIPValue, destinationIPMask, destinationIPRangeFrom, destinationIPRangeTo, destinationIPMultiple, destinationIPListID, destinationIPNot, destinationMACType, destinationMACValue, destinationMACMultiple, destinationMACListID, destinationMACNot, destinationPortType, destinationPortMultiple, destinationPortListID, destinationPortNot, anyFlags, logDisabled, includePacketData, alertEnabled, scheduleID, contextID. | Required |
field_type | The field type. Possible values are: boolean, numeric, choice, id, string. Default is string. | Optional |
operation | The operation to test against the field. Possible values are: less-than, less-than-or-equal, equal, greater-than-or-equal, greater-than, not-equal. | Required |
value | The value to compare against the field. | Required |
sort_by_object_id | If true, forces the response objects to be sorted by ID, overriding the default sort order. | Optional |
#### Context Output

Path | Type | Description |
---|---|---|
TrendMicro.FirewallRules.name | string | Name of the firewall rule |
TrendMicro.FirewallRules.description | string | Description of the firewall rule |
TrendMicro.FirewallRules.action | string | Action of the packet filter |
TrendMicro.FirewallRules.priority | string | Priority of the packet filter |
TrendMicro.FirewallRules.direction | string | Packet direction |
TrendMicro.FirewallRules.frameType | string | Supported frame types |
TrendMicro.FirewallRules.frameNumber | integer | Ethernet frame number |
TrendMicro.FirewallRules.frameNot | boolean | Controls if the frame setting should be inverted |
TrendMicro.FirewallRules.protocol | string | Protocol |
TrendMicro.FirewallRules.protocolNumber | integer | Two-byte protocol number |
TrendMicro.FirewallRules.protocolNot | boolean | Controls if the protocol setting should be inverted |
TrendMicro.FirewallRules.sourceIPType | string | Source IP type |
TrendMicro.FirewallRules.sourceIPValue | string | Source IP |
TrendMicro.FirewallRules.sourceIPMask | string | Source IP mask |
TrendMicro.FirewallRules.sourceIPRangeFrom | string | The first value for a range of source IP addresses |
TrendMicro.FirewallRules.sourceIPRangeTo | string | The last value for a range of source IP addresses |
TrendMicro.FirewallRules.sourceIPMultiple | array | List of source IP addresses |
TrendMicro.FirewallRules.sourceIPListID | integer | ID of source IP list |
TrendMicro.FirewallRules.sourceIPNot | boolean | Controls if the source IP setting should be inverted |
TrendMicro.FirewallRules.sourceMACType | string | Source MAC type |
TrendMicro.FirewallRules.sourceMACValue | string | Source MAC address |
TrendMicro.FirewallRules.sourceMACMultiple | array | List of MAC addresses |
TrendMicro.FirewallRules.sourceMACListID | integer | ID of MAC address list |
TrendMicro.FirewallRules.sourceMACNot | boolean | Controls if the source MAC setting should be inverted |
TrendMicro.FirewallRules.sourcePortType | string | The type of source port |
TrendMicro.FirewallRules.sourcePortMultiple | array | List of comma-delimited source ports |
TrendMicro.FirewallRules.sourcePortListID | integer | ID of source port list |
TrendMicro.FirewallRules.sourcePortNot | boolean | Controls if the source port setting should be inverted |
TrendMicro.FirewallRules.destinationIPType | string | Destination IP type |
TrendMicro.FirewallRules.destinationIPValue | string | Destination IP |
TrendMicro.FirewallRules.destinationIPMask | string | Destination IP mask |
TrendMicro.FirewallRules.destinationIPRangeFrom | string | The first value for a range of destination IP addresses |
TrendMicro.FirewallRules.destinationIPRangeTo | string | The last value for a range of destination IP addresses |
TrendMicro.FirewallRules.destinationIPMultiple | array | List of comma-delimited destination IP addresses |
TrendMicro.FirewallRules.destinationIPListID | integer | ID of destination IP list |
TrendMicro.FirewallRules.destinationIPNot | boolean | Controls if the destination IP setting should be inverted |
TrendMicro.FirewallRules.destinationMACType | string | Destination MAC type |
TrendMicro.FirewallRules.destinationMACValue | string | Destination MAC address |
TrendMicro.FirewallRules.destinationMACMultiple | array | List of comma-delimited MAC addresses |
TrendMicro.FirewallRules.destinationMACListID | integer | ID of MAC address list |
TrendMicro.FirewallRules.destinationMACNot | boolean | Controls if the destination MAC setting should be inverted |
TrendMicro.FirewallRules.destinationPortType | string | The type of destination port |
TrendMicro.FirewallRules.destinationPortMultiple | array | List of comma-delimited destination ports |
TrendMicro.FirewallRules.destinationPortListID | integer | ID of destination port list |
TrendMicro.FirewallRules.destinationPortNot | boolean | Controls if the destination port setting should be inverted |
TrendMicro.FirewallRules.anyFlags | boolean | True if any flags are used |
TrendMicro.FirewallRules.logDisabled | boolean | Controls if logging for this filter is disabled |
TrendMicro.FirewallRules.includePacketData | boolean | Controls if this filter should capture data for every log |
TrendMicro.FirewallRules.alertEnabled | boolean | Controls if this filter should be alerted on |
TrendMicro.FirewallRules.scheduleID | integer | ID of the schedule to control when this filter is "on" |
TrendMicro.FirewallRules.contextID | integer | RuleContext that is applied to this filter |
TrendMicro.FirewallRules.tcpflags | array | TCP flags |
TrendMicro.FirewallRules.TCPNot | boolean | Whether the TCP settings are inverted or not |
TrendMicro.FirewallRules.ICMPType | integer | ICMP type |
TrendMicro.FirewallRules.ICMPCode | integer | ICMP code |
TrendMicro.FirewallRules.ICMPNot | boolean | Whether the ICMP settings are inverted or not |
#### Command Example

`!trendmicro-search-firewall-rules field_name="action" field_type="choice" operation="equal" value="allow"`

#### Context Example

#### Human Readable Output
Matched Firewall Rules
ID Name Description Direction Action 20 Deep Security Agent Allow incoming traffic to Deep Security Agent incoming allow 21 VMware vCenter Server Allow incoming traffic to VMware vCenter Server incoming allow 22 Allow Deep Security as a Service inbound communications incoming allow 24 Allow solicited TCP/UDP replies UDP stateful and TCP stateful must be enabled incoming allow 25 Allow solicited ICMP replies ICMP stateful must be enabled incoming allow 32 FTP Server Allow incoming traffic to an FTP Server incoming allow 35 Deep Security Manager Allow incoming traffic to Deep Security Manager incoming allow 36 Microsoft Exchange Server Allow incoming traffic to an Microsoft Exchange Server incoming allow 37 IPSec IKE incoming allow 38 IPSec Encryption incoming allow 39 IPSec Authentication incoming allow 40 Domain Controller (TCP) Allow incoming traffic to a Domain Controller incoming allow 42 Web Server Allow incoming TCP traffic to a Web Server incoming allow 43 Remote Access SSH Allow remote access to machines incoming allow 44 Domain Client (TCP) Allow incoming traffic from the domain controller incoming allow 46 SMTP Server Allow incoming TCP traffic to an SMTP Server incoming allow 47 IDENT incoming allow 52 Remote Access RDP Allow remote access to machines incoming allow 53 POP3 Server incoming allow 54 IMAP Server incoming allow 55 Computer Associates Unicenter incoming allow 56 Veritas incoming allow 70 Allow PPPOE Discovery incoming allow 71 Allow PPPOE Session incoming allow 72 Generic Routing Encapsulation incoming allow 75 poc_rule incoming allow 76 poc_rule1 incoming allow 77 poc_rule2 incoming allow 133 None incoming allow 166 UDP incoming allow 174 Example Rule incoming allow
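The following is an added example, not code from the integration or its documentation: a review pass over the `TrendMicro.FirewallRules` entries that a search for `action` equal to `allow` returns, flagging allow rules that have logging disabled, no description, or an inverted selector. The `ID` context key, the wording of the findings and the sample rules are assumptions constructed for illustration.

```python
from typing import Any, Dict, List

# "Not" flags listed in the context output table; each inverts one selector,
# so an allow rule with one set permits everything except the stated value.
INVERSION_FLAGS = (
    "frameNot", "protocolNot",
    "sourceIPNot", "sourceMACNot", "sourcePortNot",
    "destinationIPNot", "destinationMACNot", "destinationPortNot",
)


def as_bool(value: Any) -> bool:
    """Accept real booleans as well as the strings 'true' and 'false'."""
    if isinstance(value, str):
        return value.strip().lower() == "true"
    return bool(value)


def review_rule(rule: Dict[str, Any]) -> List[str]:
    """Return review findings for one rule; rules that do not allow yield none."""
    if str(rule.get("action", "")).lower() != "allow":
        return []
    findings = []
    if as_bool(rule.get("logDisabled")):
        findings.append("logging disabled")
    if not str(rule.get("description") or "").strip():
        findings.append("no description")
    inverted = [flag for flag in INVERSION_FLAGS if as_bool(rule.get(flag))]
    if inverted:
        findings.append("inverted selector: " + ", ".join(inverted))
    return findings


def review_rules(rules: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
    """Review every rule and return the flagged ones, most findings first."""
    flagged = []
    for rule in rules:
        findings = review_rule(rule)
        if findings:
            flagged.append(
                {"ID": rule.get("ID"), "name": rule.get("name"), "findings": findings}
            )
    flagged.sort(key=lambda item: (-len(item["findings"]), str(item["ID"])))
    return flagged


# Constructed sample entries; the "ID" key is an assumption, the other keys
# come from the context output table above.
SAMPLE_RULES = [
    {"ID": 9001, "name": "constructed-ssh", "description": "Allow remote access",
     "action": "allow", "direction": "incoming", "logDisabled": False,
     "sourceIPNot": False},
    {"ID": 9002, "name": "constructed-temp", "description": "",
     "action": "allow", "direction": "incoming", "logDisabled": "true",
     "sourceIPNot": True},
    {"ID": 9003, "name": "constructed-quiet", "description": "Backup traffic",
     "action": "allow", "direction": "incoming", "logDisabled": True},
    {"ID": 9004, "name": "constructed-deny", "description": "",
     "action": "deny", "direction": "incoming", "logDisabled": True},
]

if __name__ == "__main__":
    for item in review_rules(SAMPLE_RULES):
        print(item["ID"], item["name"], "; ".join(item["findings"]))
```
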

trendmicro-list-firewall-rules

List all existing firewall rules.

Base Command

trendmicro-list-firewall-rules

Input

Argument Name | Description | Required |
---|---|---|

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.FirewallRules.name | string | Name of the firewall rule |
TrendMicro.FirewallRules.description | string | Description of the firewall rule |
TrendMicro.FirewallRules.action | string | Action of the packet filter |
TrendMicro.FirewallRules.priority | string | Priority of the packet filter |
TrendMicro.FirewallRules.direction | string | Packet direction |
TrendMicro.FirewallRules.frameType | string | Supported frame types |
TrendMicro.FirewallRules.frameNumber | integer | Ethernet frame number |
TrendMicro.FirewallRules.frameNot | boolean | Controls if the frame setting should be inverted |
TrendMicro.FirewallRules.protocol | string | Protocol |
TrendMicro.FirewallRules.protocolNumber | integer | Two-byte protocol number |
TrendMicro.FirewallRules.protocolNot | boolean | Controls if the protocol setting should be inverted |
TrendMicro.FirewallRules.sourceIPType | string | Source IP type |
TrendMicro.FirewallRules.sourceIPValue | string | Source IP |
TrendMicro.FirewallRules.sourceIPMask | string | Source IP mask |
TrendMicro.FirewallRules.sourceIPRangeFrom | string | The first value for a range of source IP addresses |
TrendMicro.FirewallRules.sourceIPRangeTo | string | The last value for a range of source IP addresses |
TrendMicro.FirewallRules.sourceIPMultiple | array | List of source IP addresses |
TrendMicro.FirewallRules.sourceIPListID | integer | ID of source IP list |
TrendMicro.FirewallRules.sourceIPNot | boolean | Controls if the source IP setting should be inverted |
TrendMicro.FirewallRules.sourceMACType | string | Source MAC type |
TrendMicro.FirewallRules.sourceMACValue | string | Source MAC address |
TrendMicro.FirewallRules.sourceMACMultiple | array | List of MAC addresses |
TrendMicro.FirewallRules.sourceMACListID | integer | ID of MAC address list |
TrendMicro.FirewallRules.sourceMACNot | boolean | Controls if the source MAC setting should be inverted |
TrendMicro.FirewallRules.sourcePortType | string | The type of source port |
TrendMicro.FirewallRules.sourcePortMultiple | array | List of comma-delimited source ports |
TrendMicro.FirewallRules.sourcePortListID | integer | ID of source port list |
TrendMicro.FirewallRules.sourcePortNot | boolean | Controls if the source port setting should be inverted |
TrendMicro.FirewallRules.destinationIPType | string | Destination IP type |
TrendMicro.FirewallRules.destinationIPValue | string | Destination IP |
TrendMicro.FirewallRules.destinationIPMask | string | Destination IP mask |
TrendMicro.FirewallRules.destinationIPRangeFrom | string | The first value for a range of destination IP addresses |
TrendMicro.FirewallRules.destinationIPRangeTo | string | The last value for a range of destination IP addresses |
TrendMicro.FirewallRules.destinationIPMultiple | array | List of comma-delimited destination IP addresses |
TrendMicro.FirewallRules.destinationIPListID | integer | ID of destination IP list |
TrendMicro.FirewallRules.destinationIPNot | boolean | Controls if the destination IP setting should be inverted |
TrendMicro.FirewallRules.destinationMACType | string | Destination MAC type |
TrendMicro.FirewallRules.destinationMACValue | string | Destination MAC address |
TrendMicro.FirewallRules.destinationMACMultiple | array | List of comma-delimited MAC addresses |
TrendMicro.FirewallRules.destinationMACListID | integer | ID of MAC address list |
TrendMicro.FirewallRules.destinationMACNot | boolean | Controls if the destination MAC setting should be inverted |
TrendMicro.FirewallRules.destinationPortType | string | The type of destination port |
TrendMicro.FirewallRules.destinationPortMultiple | array | List of comma-delimited destination ports |
TrendMicro.FirewallRules.destinationPortListID | integer | ID of destination port list |
TrendMicro.FirewallRules.destinationPortNot | boolean | Controls if the destination port setting should be inverted |
TrendMicro.FirewallRules.anyFlags | boolean | True if any flags are used |
TrendMicro.FirewallRules.logDisabled | boolean | Controls if logging for this filter is disabled |
TrendMicro.FirewallRules.includePacketData | boolean | Controls if this filter should capture data for every log |
TrendMicro.FirewallRules.alertEnabled | boolean | Controls if this filter should be alerted on |
TrendMicro.FirewallRules.scheduleID | integer | ID of the schedule to control when this filter is "on" |
TrendMicro.FirewallRules.contextID | integer | RuleContext that is applied to this filter |
TrendMicro.FirewallRules.tcpflags | array | TCP flags |
TrendMicro.FirewallRules.TCPNot | boolean | Whether the TCP settings are inverted or not |
TrendMicro.FirewallRules.ICMPType | integer | ICMP type |
TrendMicro.FirewallRules.ICMPCode | integer | ICMP code |
TrendMicro.FirewallRules.ICMPNot | boolean | Whether the ICMP settings are inverted or not |

Command Example

!trendmicro-list-firewall-rules

Context Example

Human Readable Output

Firewall Rules

ID | Name | Description | Direction | Action |
---|---|---|---|---|
1 | Off Domain Exceptions - Domain Client (UDP) |  | outgoing | force-allow |
2 | Off Domain Exceptions - GRE |  | outgoing | force-allow |
3 | Off Domain Exceptions - HTTP(S) |  | outgoing | force-allow |
4 | Off Domain Exceptions - ICMP Echo Request |  | outgoing | force-allow |
5 | Off Domain Exceptions - IPSec Encryption |  | outgoing | force-allow |
6 | Off Domain Exceptions - VPN Tunnel |  | outgoing | force-allow |
7 | Off Domain Exceptions - Wireless Authentication |  | outgoing | force-allow |
8 | Remote Domain Exceptions - ARP |  | outgoing | force-allow |
9 | Remote Domain Exceptions - DNS |  | outgoing | force-allow |
10 | Remote Domain Exceptions - GRE |  | outgoing | force-allow |
11 | Remote Domain Exceptions - ICMP Echo Request |  | outgoing | force-allow |
12 | Remote Domain Exceptions - IPSec Encryption |  | outgoing | force-allow |
13 | Remote Domain Exceptions - VPN Tunnel |  | outgoing | force-allow |
14 | Restricted Interface Exceptions - ARP Outgoing |  | outgoing | force-allow |
15 | Restricted Interface Exceptions - DHCP Client Incoming |  | incoming | force-allow |
16 | Restricted Interface Exceptions - DHCP Client Outgoing |  | outgoing | force-allow |
17 | Restricted Interface Exceptions - Wireless Authentication Incoming |  | incoming | force-allow |
18 | Restricted Interface Exceptions - Wireless Authentication Outgoing |  | outgoing | force-allow |
19 | Restricted Interface Exceptions - Netbios Name Service Outgoing |  | outgoing | force-allow |
20 | Deep Security Agent | Allow incoming traffic to Deep Security Agent | incoming | allow |
21 | VMware vCenter Server | Allow incoming traffic to VMware vCenter Server | incoming | allow |
22 | Allow Deep Security as a Service | inbound communications | incoming | allow |
23 | Allow ICMP type 3 code 4 | This ICMP packet is used for MTU path negotiation | incoming | force-allow |
24 | Allow solicited TCP/UDP replies | UDP stateful and TCP stateful must be enabled | incoming | allow |
25 | Allow solicited ICMP replies | ICMP stateful must be enabled | incoming | allow |
26 | DHCP Client | Allow DHCP Offer traffic to a DHCP Client | incoming | force-allow |
27 | Deny Internal IP Ranges | Ingress filter to deny incoming spoofed packets | incoming | deny |
28 | ARP | Allow incoming ARP traffic | incoming | force-allow |
29 | NetBios Name Service | For hosts that rely on NetBios for name resolution | incoming | force-allow |
30 | DHCP Server | Allow incoming DHCP requests to a DHCP server | incoming | force-allow |
31 | Wireless Authentication | Allow wireless authentication traffic | incoming | force-allow |
32 | FTP Server | Allow incoming traffic to an FTP Server | incoming | allow |
33 | Microsoft SQL Server | Allow incoming TCP traffic to a Microsoft SQL server | incoming | force-allow |
34 | Oracle SQL Server | Allow incoming traffic to an Oracle SQL server | incoming | force-allow |
35 | Deep Security Manager | Allow incoming traffic to Deep Security Manager | incoming | allow |
36 | Microsoft Exchange Server | Allow incoming traffic to an Microsoft Exchange Server | incoming | allow |
37 | IPSec IKE |  | incoming | allow |
38 | IPSec Encryption |  | incoming | allow |
39 | IPSec Authentication |  | incoming | allow |
40 | Domain Controller (TCP) | Allow incoming traffic to a Domain Controller | incoming | allow |
41 | Domain Controller (UDP) | Allow incoming traffic to a Domain Controller | incoming | force-allow |
42 | Web Server | Allow incoming TCP traffic to a Web Server | incoming | allow |
43 | Remote Access SSH | Allow remote access to machines | incoming | allow |
44 | Domain Client (TCP) | Allow incoming traffic from the domain controller | incoming | allow |
45 | Domain Client (UDP) | Allow incoming traffic from the domain controller | incoming | force-allow |
46 | SMTP Server | Allow incoming TCP traffic to an SMTP Server | incoming | allow |
47 | IDENT |  | incoming | allow |
48 | DNS Server | Allow incoming DNS requests to a DNS server | incoming | force-allow |
49 | ICMP Echo Request | Allow incoming Ping requests | incoming | force-allow |
50 | Network Time Protocol | Allow Network Time Protocol traffic | incoming | force-allow |
51 | Windows File Sharing | Allow file sharing traffic | incoming | force-allow |
52 | Remote Access RDP | Allow remote access to machines | incoming | allow |
53 | POP3 Server |  | incoming | allow |
54 | IMAP Server |  | incoming | allow |
55 | Computer Associates Unicenter |  | incoming | allow |
56 | Veritas |  | incoming | allow |
57 | MySQL Server |  | incoming | force-allow |
58 | WINS |  | incoming | force-allow |
59 | WINS Registration |  | incoming | force-allow |
60 | WINS Replication |  | incoming | force-allow |
61 | Restricted Interface Exceptions - Netbios Name Service Incoming |  | incoming | force-allow |
62 | Restricted Interface Exceptions - ARP Incoming |  | incoming | force-allow |
63 | Restricted Interface Enforcement | Log packets blocked due to Restricted Interface Enforcement policy | outgoing | deny |
64 | Off Domain Exceptions - Domain Client (TCP) |  | outgoing | force-allow |
65 | Off Domain Exceptions - ARP |  | outgoing | force-allow |
66 | Off Domain Exceptions - DNS |  | outgoing | force-allow |
67 | Remote Domain Exceptions | When remotely connected to domain only corporate traffic is allowed | outgoing | force-allow |
68 | Remote Domain Enforcement (Split Tunnel) | Log packets blocked due to Remote Domain Enforcement policy | outgoing | deny |
69 | Off Domain Enforcement | Log packets blocked due to Off Domain Enforcement policy | outgoing | deny |
70 | Allow PPPOE Discovery |  | incoming | allow |
71 | Allow PPPOE Session |  | incoming | allow |
72 | Generic Routing Encapsulation |  | incoming | allow |
73 | Off Domain Exceptions - DHCP Client |  | outgoing | force-allow |
75 | poc_rule |  | incoming | allow |
76 | poc_rule1 |  | incoming | allow |
77 | poc_rule2 |  | incoming | allow |
133 | None |  | incoming | allow |
166 | UDP |  | incoming | allow |
174 | Example Rule |  | incoming | allow |
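
The context fields returned by trendmicro-list-firewall-rules are enough to triage a rule set for exposure. The following is an added example, not part of the integration or the original page: it flags permissive inbound rules that leave SSH or RDP open to any source, and permissive rules with logging disabled. The sample entries, the `ID` key, the choice of admin ports and the `a-b` port range syntax are assumptions.

```python
"""Audit TrendMicro.FirewallRules context entries for exposed or unlogged rules."""

PERMISSIVE_ACTIONS = {"allow", "force-allow", "bypass"}  # from the documented action values
TCP_CAPABLE = {"any", "tcp", "tcp-udp"}                  # protocol values that can carry TCP
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}                   # assumption: ports to keep restricted


def expand_ports(items):
    """Flatten destinationPortMultiple into a set of ints.

    Each array item may hold one port or a comma-delimited list. "a-b" ranges
    are accepted as an assumption about the value format; bad tokens are skipped.
    """
    ports = set()
    for item in items or []:
        for token in str(item).split(","):
            low, _, high = token.strip().partition("-")
            try:
                start = int(low)
                end = int(high) if high else start
            except ValueError:
                continue
            ports.update(range(start, end + 1))
    return ports


def matched_admin_ports(rule):
    """Admin ports covered by the destination port match, or None if unknown."""
    port_type = rule.get("destinationPortType", "any")
    if port_type == "port-list":
        return None  # contents live in the list referenced by destinationPortListID
    if port_type == "any":
        covered = set(ADMIN_PORTS)
    else:
        covered = expand_ports(rule.get("destinationPortMultiple")) & set(ADMIN_PORTS)
    if rule.get("destinationPortNot", False):
        covered = set(ADMIN_PORTS) - covered  # inverted match
    return covered


def audit_rule(rule):
    """Return finding strings for one rule (empty list when nothing is flagged)."""
    if rule.get("action") not in PERMISSIVE_ACTIONS:
        return []
    findings = []
    if rule.get("logDisabled", False):
        findings.append("unlogged")
    # Exposure check: inbound, able to match TCP, and no source IP restriction.
    # Missing sourceIPType / protocol are treated as "any" (assumption).
    inbound = rule.get("direction") == "incoming"
    tcp = (rule.get("protocol", "any") in TCP_CAPABLE) != rule.get("protocolNot", False)
    open_source = (rule.get("sourceIPType", "any") == "any"
                   and not rule.get("sourceIPNot", False))
    if inbound and tcp and open_source:
        covered = matched_admin_ports(rule)
        if covered is None:
            findings.append("port-list-unresolved")
        else:
            findings.extend("open-admin-port:" + ADMIN_PORTS[p] for p in sorted(covered))
    return findings


def audit(rules):
    """Map rule ID to findings for every rule that has at least one finding."""
    report = {}
    for rule in rules:
        findings = audit_rule(rule)
        if findings:
            report[rule.get("ID")] = findings
    return report


# Constructed sample entries (not output from a real manager). Keys follow the
# Context Output paths; the "ID" key is an assumption based on the
# Human Readable Output column.
SAMPLE_RULES = [
    {"ID": 9001, "name": "constructed-ssh-anywhere", "action": "allow",
     "direction": "incoming", "protocol": "tcp", "sourceIPType": "any",
     "destinationPortType": "multiple", "destinationPortMultiple": ["22"],
     "logDisabled": False},
    {"ID": 9002, "name": "constructed-rdp-internal", "action": "allow",
     "direction": "incoming", "protocol": "tcp", "sourceIPType": "masked-ip",
     "sourceIPValue": "10.0.0.0", "sourceIPMask": "255.0.0.0",
     "destinationPortType": "multiple", "destinationPortMultiple": ["3389"],
     "logDisabled": True},
    {"ID": 9003, "name": "constructed-wide-range", "action": "force-allow",
     "direction": "incoming", "protocol": "tcp-udp", "sourceIPType": "any",
     "destinationPortType": "multiple",
     "destinationPortMultiple": ["80,443", "3000-3400"], "logDisabled": False},
    {"ID": 9004, "name": "constructed-udp-any", "action": "allow",
     "direction": "incoming", "protocol": "udp", "sourceIPType": "any",
     "destinationPortType": "any", "logDisabled": False},
    {"ID": 9005, "name": "constructed-port-list", "action": "allow",
     "direction": "incoming", "protocol": "tcp", "sourceIPType": "any",
     "destinationPortType": "port-list", "destinationPortListID": 7,
     "logDisabled": False},
    {"ID": 9006, "name": "constructed-egress-deny", "action": "deny",
     "direction": "outgoing", "protocol": "any", "logDisabled": True},
]

if __name__ == "__main__":
    for rule_id, findings in audit(SAMPLE_RULES).items():
        print(rule_id, ", ".join(findings))
```

A `port-list-unresolved` finding means the rule's ports are held in a separate port list, so the list itself has to be reviewed before the rule can be cleared.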

trendmicro-create-firewall-rule

Create a new firewall rule.

Base Command

trendmicro-create-firewall-rule

Input

Argument Name | Description | Required |
---|---|---|
name | Name of the firewall rule. | Required |
description | Description of the firewall rule. | Optional |
action | Action of the packet filter. Possible values are: log-only, allow, deny, force-allow, bypass. | Required |
priority | Priority of the packet filter. Possible values are: 0, 1, 2, 3, 4. | Optional |
direction | Packet direction. Possible values are: incoming, outgoing. | Required |
frame_type | Supported frame types. Possible values are: any, ip, arp, revarp, ipv4, ipv6, other. | Optional |
frame_number | Ethernet frame number. | Optional |
frame_not | Controls if the frame setting should be inverted. | Optional |
protocol | Protocol. Possible values are: any, icmp, igmp, ggp, tcp, udp, pup, idp, nd, raw, tcp-udp, icmpv6, other. | Optional |
protocol_number | Two-byte protocol number. | Optional |
protocol_not | Controls if the protocol setting should be inverted. | Optional |
source_ip_type | Source IP type. Possible values are: any, single, multiple, masked-ip, range, ip-list. | Optional |
source_ip_value | Source IP. | Optional |
source_ip_mask | Source IP mask. | Optional |
source_ip_range_from | The first value for a range of source IP addresses. | Optional |
source_ip_range_to | The last value for a range of source IP addresses. | Optional |
source_ip_multiple | List of source IP addresses. | Optional |
source_ip_list_id | ID of source IP list. | Optional |
source_ip_not | Controls if the source IP setting should be inverted. | Optional |
source_mac_type | Source MAC type. Possible values are: any, single, multiple, mac-list. | Optional |
source_mac_value | Source MAC address. | Optional |
source_mac_multiple | List of MAC addresses. | Optional |
source_mac_list_id | ID of MAC address list. | Optional |
source_mac_not | Controls if the source MAC setting should be inverted. | Optional |
source_port_type | The type of source port. Possible values are: any, multiple, port-list. | Optional |
source_port_multiple | List of comma-delimited source ports. | Optional |
source_port_list_id | ID of source port list. | Optional |
source_port_not | Controls if the source port setting should be inverted. | Optional |
destination_ip_type | Destination IP type. Possible values are: any, single, multiple, range, masked-ip, ip-list. | Optional |
destination_ip_value | Destination IP. | Optional |
destination_ip_mask | Destination IP mask. | Optional |
destination_ip_range_from | The first value for a range of destination IP addresses. | Optional |
destination_ip_range_to | The last value for a range of destination IP addresses. | Optional |
destination_ip_multiple | List of comma-delimited destination IP addresses. | Optional |
destination_ip_list_id | ID of destination IP list. | Optional |
destination_ip_not | Controls if the destination IP setting should be inverted. | Optional |
destination_mac_type | Destination MAC type. Possible values are: any, single, multiple, mac-list. | Optional |
destination_mac_value | Destination MAC address. | Optional |
destination_mac_multiple | List of comma-delimited MAC addresses. | Optional |
destination_mac_list_id | ID of MAC address list. | Optional |
destination_mac_not | Controls if the destination MAC setting should be inverted. | Optional |
destination_port_type | The type of destination port. Possible values are: any, multiple, port-list. | Optional |
destination_port_multiple | List of comma-delimited destination ports. | Optional |
destination_port_list_id | ID of destination port list. | Optional |
destination_port_not | Controls if the destination port setting should be inverted. | Optional |
any_flags | True if any flags are used. | Optional |
log_disabled | Controls if logging for this filter is disabled. | Optional |
include_packet_data | Controls if this filter should capture data for every log. | Optional |
alert_enabled | Controls if this filter should be alerted on. | Optional |
schedule_id | ID of the schedule to control when this filter is "on". | Optional |
context_id | RuleContext that is applied to this filter. | Optional |
tcpflags | The TCP flags the rule should filter by. Possible values are: syn, ack, psh, urg, fin, rst. | Optional |
tcp_not | Controls if the TCP settings should be inverted. | Optional |
icmp_type | The ICMP type the rule should filter by. | Optional |
icmp_code | The ICMP code the rule should filter by. | Optional |
icmp_not | Controls if the ICMP settings should be inverted. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.FirewallRules.name | string | Name of the firewall rule |
TrendMicro.FirewallRules.description | string | Description of the firewall rule |
TrendMicro.FirewallRules.action | string | Action of the packet filter |
TrendMicro.FirewallRules.priority | string | Priority of the packet filter |
TrendMicro.FirewallRules.direction | string | Packet direction |
TrendMicro.FirewallRules.frameType | string | Supported frame types |
TrendMicro.FirewallRules.frameNumber | integer | Ethernet frame number |
TrendMicro.FirewallRules.frameNot | boolean | Controls if the frame setting should be inverted |
TrendMicro.FirewallRules.protocol | string | Protocol |
TrendMicro.FirewallRules.protocolNumber | integer | Two-byte protocol number |
TrendMicro.FirewallRules.protocolNot | boolean | Controls if the protocol setting should be inverted |
TrendMicro.FirewallRules.sourceIPType | string | Source IP type |
TrendMicro.FirewallRules.sourceIPValue | string | Source IP |
TrendMicro.FirewallRules.sourceIPMask | string | Source IP mask |
TrendMicro.FirewallRules.sourceIPRangeFrom | string | The first value for a range of source IP addresses |
TrendMicro.FirewallRules.sourceIPRangeTo | string | The last value for a range of source IP addresses |
TrendMicro.FirewallRules.sourceIPMultiple | array | List of source IP addresses |
TrendMicro.FirewallRules.sourceIPListID | integer | ID of source IP list |
TrendMicro.FirewallRules.sourceIPNot | boolean | Controls if the source IP setting should be inverted |
TrendMicro.FirewallRules.sourceMACType | string | Source MAC type |
TrendMicro.FirewallRules.sourceMACValue | string | Source MAC address |
TrendMicro.FirewallRules.sourceMACMultiple | array | List of MAC addresses |
TrendMicro.FirewallRules.sourceMACListID | integer | ID of MAC address list |
TrendMicro.FirewallRules.sourceMACNot | boolean | Controls if the source MAC setting should be inverted |
TrendMicro.FirewallRules.sourcePortType | string | The type of source port |
TrendMicro.FirewallRules.sourcePortMultiple | array | List of comma-delimited source ports |
TrendMicro.FirewallRules.sourcePortListID | integer | ID of source port list |
TrendMicro.FirewallRules.sourcePortNot | boolean | Controls if the source port setting should be inverted |
TrendMicro.FirewallRules.destinationIPType | string | Destination IP type |
TrendMicro.FirewallRules.destinationIPValue | string | Destination IP |
TrendMicro.FirewallRules.destinationIPMask | string | Destination IP mask |
TrendMicro.FirewallRules.destinationIPRangeFrom | string | The first value for a range of destination IP addresses |
TrendMicro.FirewallRules.destinationIPRangeTo | string | The last value for a range of destination IP addresses |
TrendMicro.FirewallRules.destinationIPMultiple | array | List of comma-delimited destination IP addresses |
TrendMicro.FirewallRules.destinationIPListID | integer | ID of destination IP list |
TrendMicro.FirewallRules.destinationIPNot | boolean | Controls if the destination IP setting should be inverted |
TrendMicro.FirewallRules.destinationMACType | string | Destination MAC type |
TrendMicro.FirewallRules.destinationMACValue | string | Destination MAC address |
TrendMicro.FirewallRules.destinationMACMultiple | array | List of comma-delimited MAC addresses |
TrendMicro.FirewallRules.destinationMACListID | integer | ID of MAC address list |
TrendMicro.FirewallRules.destinationMACNot | boolean | Controls if the destination MAC setting should be inverted |
TrendMicro.FirewallRules.destinationPortType | string | The type of destination port |
TrendMicro.FirewallRules.destinationPortMultiple | array | List of comma-delimited destination ports |
TrendMicro.FirewallRules.destinationPortListID | integer | ID of destination port list |
TrendMicro.FirewallRules.destinationPortNot | boolean | Controls if the destination port setting should be inverted |
TrendMicro.FirewallRules.anyFlags | boolean | True if any flags are used |
TrendMicro.FirewallRules.logDisabled | boolean | Controls if logging for this filter is disabled |
TrendMicro.FirewallRules.includePacketData | boolean | Controls if this filter should capture data for every log |
TrendMicro.FirewallRules.alertEnabled | boolean | Controls if this filter should be alerted on |
TrendMicro.FirewallRules.scheduleID | integer | ID of the schedule to control when this filter is "on" |
TrendMicro.FirewallRules.contextID | integer | RuleContext that is applied to this filter |
TrendMicro.FirewallRules.tcpflags | array | TCP flags |
TrendMicro.FirewallRules.TCPNot | boolean | Whether the TCP settings are inverted |
TrendMicro.FirewallRules.ICMPType | integer | ICMP type |
TrendMicro.FirewallRules.ICMPCode | integer | ICMP code |
TrendMicro.FirewallRules.ICMPNot | boolean | Whether the ICMP settings are inverted |

Command Example

!trendmicro-create-firewall-rule name="Example Rule" action=allow protocol=udp direction=incoming

Context Example

Human Readable Output

Firewall Rules

ID | Name | Direction | Action |
---|---|---|---|
175 | Example Rule | incoming | allow |

trendmicro-get-firewall-rule

Get information about a certain firewall rule.

Base Command

trendmicro-get-firewall-rule

Input

Argument Name | Description | Required |
---|---|---|
firewall_rule_id | The ID number of the firewall rule to get. | Required |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.FirewallRules.name | string | Name of the firewall rule |
TrendMicro.FirewallRules.description | string | Description of the firewall rule |
TrendMicro.FirewallRules.action | string | Action of the packet filter |
TrendMicro.FirewallRules.priority | string | Priority of the packet filter |
TrendMicro.FirewallRules.direction | string | Packet direction |
TrendMicro.FirewallRules.frameType | string | Supported frame types |
TrendMicro.FirewallRules.frameNumber | integer | Ethernet frame number |
TrendMicro.FirewallRules.frameNot | boolean | Controls if the frame setting should be inverted |
TrendMicro.FirewallRules.protocol | string | Protocol |
TrendMicro.FirewallRules.protocolNumber | integer | Two-byte protocol number |
TrendMicro.FirewallRules.protocolNot | boolean | Controls if the protocol setting should be inverted |
TrendMicro.FirewallRules.sourceIPType | string | Source IP type |
TrendMicro.FirewallRules.sourceIPValue | string | Source IP |
TrendMicro.FirewallRules.sourceIPMask | string | Source IP mask |
TrendMicro.FirewallRules.sourceIPRangeFrom | string | The first value for a range of source IP addresses |
TrendMicro.FirewallRules.sourceIPRangeTo | string | The last value for a range of source IP addresses |
TrendMicro.FirewallRules.sourceIPMultiple | array | List of source IP addresses |
TrendMicro.FirewallRules.sourceIPListID | integer | ID of source IP list |
TrendMicro.FirewallRules.sourceIPNot | boolean | Controls if the source IP setting should be inverted |
TrendMicro.FirewallRules.sourceMACType | string | Source MAC type |
TrendMicro.FirewallRules.sourceMACValue | string | Source MAC address |
TrendMicro.FirewallRules.sourceMACMultiple | array | List of MAC addresses |
TrendMicro.FirewallRules.sourceMACListID | integer | ID of MAC address list |
TrendMicro.FirewallRules.sourceMACNot | boolean | Controls if the source MAC setting should be inverted |
TrendMicro.FirewallRules.sourcePortType | string | The type of source port |
TrendMicro.FirewallRules.sourcePortMultiple | array | List of comma-delimited source ports |
TrendMicro.FirewallRules.sourcePortListID | integer | ID of source port list |
TrendMicro.FirewallRules.sourcePortNot | boolean | Controls if the source port setting should be inverted |
TrendMicro.FirewallRules.destinationIPType | string | Destination IP type |
TrendMicro.FirewallRules.destinationIPValue | string | Destination IP |
TrendMicro.FirewallRules.destinationIPMask | string | Destination IP mask |
TrendMicro.FirewallRules.destinationIPRangeFrom | string | The first value for a range of destination IP addresses |
TrendMicro.FirewallRules.destinationIPRangeTo | string | The last value for a range of destination IP addresses |
TrendMicro.FirewallRules.destinationIPMultiple | array | List of comma-delimited destination IP addresses |
TrendMicro.FirewallRules.destinationIPListID | integer | ID of destination IP list |
TrendMicro.FirewallRules.destinationIPNot | boolean | Controls if the destination IP setting should be inverted |
TrendMicro.FirewallRules.destinationMACType | string | Destination MAC type |
TrendMicro.FirewallRules.destinationMACValue | string | Destination MAC address |
TrendMicro.FirewallRules.destinationMACMultiple | array | List of comma-delimited MAC addresses |
TrendMicro.FirewallRules.destinationMACListID | integer | ID of MAC address list |
TrendMicro.FirewallRules.destinationMACNot | boolean | Controls if the destination MAC setting should be inverted |
TrendMicro.FirewallRules.destinationPortType | string | The type of destination port |
TrendMicro.FirewallRules.destinationPortMultiple | array | List of comma-delimited destination ports |
TrendMicro.FirewallRules.destinationPortListID | integer | ID of destination port list |
TrendMicro.FirewallRules.destinationPortNot | boolean | Controls if the destination port setting should be inverted |
TrendMicro.FirewallRules.anyFlags | boolean | True if any flags are used |
TrendMicro.FirewallRules.logDisabled | boolean | Controls if logging for this filter is disabled |
TrendMicro.FirewallRules.includePacketData | boolean | Controls if this filter should capture data for every log |
TrendMicro.FirewallRules.alertEnabled | boolean | Controls if this filter should be alerted on |
TrendMicro.FirewallRules.scheduleID | integer | ID of the schedule to control when this filter is "on" |
TrendMicro.FirewallRules.contextID | integer | RuleContext that is applied to this filter |
TrendMicro.FirewallRules.tcpflags | array | TCP flags |
TrendMicro.FirewallRules.TCPNot | boolean | Whether the TCP settings are inverted or not |
TrendMicro.FirewallRules.ICMPType | integer | ICMP type |
TrendMicro.FirewallRules.ICMPCode | integer | ICMP code |
TrendMicro.FirewallRules.ICMPNot | boolean | Whether the ICMP settings are inverted or not |

Command Example

!trendmicro-get-firewall-rule firewall_rule_id=174

Context Example

Human Readable Output

Details of The Firewall Rule 174

ID | Name | Direction | Action |
---|---|---|---|
174 | Example Rule | incoming | allow |

trendmicro-modify-firewall-rule

Modify the properties of a certain firewall rule.

Base Command

trendmicro-modify-firewall-rule

Input

Argument Name | Description | Required |
---|---|---|
firewall_rule_id | The ID number of the firewall rule to modify. | Required |
name | Name of the firewall rule. | Optional |
description | Description of the firewall rule. | Optional |
action | Action of the packet filter. Possible values are: log-only, allow, deny, force-allow, bypass. | Optional |
priority | Priority of the packet filter. Possible values are: 0, 1, 2, 3, 4. | Optional |
direction | Packet direction. Possible values are: incoming, outgoing. | Optional |
frame_type | Supported frame types. Possible values are: any, ip, arp, revarp, ipv4, ipv6, other. | Optional |
frame_number | Ethernet frame number. | Optional |
frame_not | Controls if the frame setting should be inverted. | Optional |
protocol | Protocol. Possible values are: any, icmp, igmp, ggp, tcp, pup, udp, idp, nd, raw, tcp-udp, icmpv6, other. | Optional |
protocol_number | Two-byte protocol number. | Optional |
protocol_not | Controls if the protocol setting should be inverted. | Optional |
source_ip_type | Source IP type. Possible values are: any, masked-ip, range, ip-list, single, multiple. | Optional |
source_ip_value | Source IP. | Optional |
source_ip_mask | Source IP mask. | Optional |
source_ip_range_from | The first value for a range of source IP addresses. | Optional |
source_ip_range_to | The last value for a range of source IP addresses. | Optional |
source_ip_multiple | List of source IP addresses. | Optional |
source_ip_list_id | ID of source IP list. | Optional |
source_ip_not | Controls if the source IP setting should be inverted. | Optional |
source_mac_type | Source MAC type. Possible values are: any, single, mac-list, multiple. | Optional |
source_mac_value | Source MAC address. | Optional |
source_mac_multiple | List of MAC addresses. | Optional |
source_mac_list_id | ID of MAC address list. | Optional |
source_mac_not | Controls if the source MAC setting should be inverted. | Optional |
source_port_type | The type of source port. Possible values are: any, multiple, port-list. | Optional |
source_port_multiple | List of comma-delimited source ports. | Optional |
source_port_list_id | ID of source port list. | Optional |
source_port_not | Controls if the source port setting should be inverted. | Optional |
destination_ip_type | Destination IP type. Possible values are: any, single, multiple, range, masked-ip, ip-list. | Optional |
destination_ip_value | Destination IP. | Optional |
destination_ip_mask | Destination IP mask. | Optional |
destination_ip_range_from | The first value for a range of destination IP addresses. | Optional |
destination_ip_range_to | The last value for a range of destination IP addresses. | Optional |
destination_ip_multiple | List of comma-delimited destination IP addresses. | Optional |
destination_ip_list_id | ID of destination IP list. | Optional |
destination_ip_not | Controls if the destination IP setting should be inverted. | Optional |
destination_mac_type | Destination MAC type. Possible values are: any, single, multiple, mac-list. | Optional |
destination_mac_value | Destination MAC address. | Optional |
destination_mac_multiple | List of comma-delimited MAC addresses. | Optional |
destination_mac_list_id | ID of MAC address list. | Optional |
destination_mac_not | Controls if the destination MAC setting should be inverted. | Optional |
destination_port_type | The type of destination port. Possible values are: any, port-list, multiple. | Optional |
destination_port_multiple | List of comma-delimited destination ports. | Optional |
destination_port_list_id | ID of destination port list. | Optional |
destination_port_not | Controls if the destination port setting should be inverted. | Optional |
any_flags | True if any flags are used. | Optional |
log_disabled | Controls if logging for this filter is disabled. | Optional |
include_packet_data | Controls if this filter should capture data for every log. | Optional |
alert_enabled | Controls if this filter should be alerted on. | Optional |
schedule_id | ID of the schedule to control when this filter is "on". | Optional |
context_id | RuleContext that is applied to this filter. | Optional |
tcpflags | The TCP flags the rule should filter by. Possible values are: syn, ack, psh, urg, fin, rst. | Optional |
tcp_not | Controls if the TCP settings should be inverted. | Optional |
icmp_type | The ICMP type the rule should filter by. | Optional |
icmp_code | The ICMP code the rule should filter by. | Optional |
icmp_not | Controls if the ICMP settings should be inverted. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.FirewallRules.name | string | Name of the firewall rule |
TrendMicro.FirewallRules.description | string | Description of the firewall rule |
TrendMicro.FirewallRules.action | string | Action of the packet filter |
TrendMicro.FirewallRules.priority | string | Priority of the packet filter |
TrendMicro.FirewallRules.direction | string | Packet direction |
TrendMicro.FirewallRules.frameType | string | Supported frame types |
TrendMicro.FirewallRules.frameNumber | integer | Ethernet frame number |
TrendMicro.FirewallRules.frameNot | boolean | Controls if the frame setting should be inverted |
TrendMicro.FirewallRules.protocol | string | Protocol |
TrendMicro.FirewallRules.protocolNumber | integer | Two-byte protocol number |
TrendMicro.FirewallRules.protocolNot | boolean | Controls if the protocol setting should be inverted |
TrendMicro.FirewallRules.sourceIPType | string | Source IP type |
TrendMicro.FirewallRules.sourceIPValue | string | Source IP |
TrendMicro.FirewallRules.sourceIPMask | string | Source IP mask |
TrendMicro.FirewallRules.sourceIPRangeFrom | string | The first value for a range of source IP addresses |
TrendMicro.FirewallRules.sourceIPRangeTo | string | The last value for a range of source IP addresses |
TrendMicro.FirewallRules.sourceIPMultiple | array | List of source IP addresses |
TrendMicro.FirewallRules.sourceIPListID | integer | ID of source IP list |
TrendMicro.FirewallRules.sourceIPNot | boolean | Controls if the source IP setting should be inverted |
TrendMicro.FirewallRules.sourceMACType | string | Source MAC type |
TrendMicro.FirewallRules.sourceMACValue | string | Source MAC address |
TrendMicro.FirewallRules.sourceMACMultiple | array | List of MAC addresses |
TrendMicro.FirewallRules.sourceMACListID | integer | ID of MAC address list |
TrendMicro.FirewallRules.sourceMACNot | boolean | Controls if the source MAC setting should be inverted |
TrendMicro.FirewallRules.sourcePortType | string | The type of source port |
TrendMicro.FirewallRules.sourcePortMultiple | array | List of comma-delimited source ports |
TrendMicro.FirewallRules.sourcePortListID | integer | ID of source port list |
TrendMicro.FirewallRules.sourcePortNot | boolean | Controls if the source port setting should be inverted |
TrendMicro.FirewallRules.destinationIPType | string | Destination IP type |
TrendMicro.FirewallRules.destinationIPValue | string | Destination IP |
TrendMicro.FirewallRules.destinationIPMask | string | Destination IP mask |
TrendMicro.FirewallRules.destinationIPRangeFrom | string | The first value for a range of destination IP addresses |
TrendMicro.FirewallRules.destinationIPRangeTo | string | The last value for a range of destination IP addresses |
TrendMicro.FirewallRules.destinationIPMultiple | array | List of comma-delimited destination IP addresses |
TrendMicro.FirewallRules.destinationIPListID | integer | ID of destination IP list |
TrendMicro.FirewallRules.destinationIPNot | boolean | Controls if the destination IP setting should be inverted |
TrendMicro.FirewallRules.destinationMACType | string | Destination MAC type |
TrendMicro.FirewallRules.destinationMACValue | string | Destination MAC address |
TrendMicro.FirewallRules.destinationMACMultiple | array | List of comma-delimited MAC addresses |
TrendMicro.FirewallRules.destinationMACListID | integer | ID of MAC address list |
TrendMicro.FirewallRules.destinationMACNot | boolean | Controls if the destination MAC setting should be inverted |
TrendMicro.FirewallRules.destinationPortType | string | The type of destination port |
TrendMicro.FirewallRules.destinationPortMultiple | array | List of comma-delimited destination ports |
TrendMicro.FirewallRules.destinationPortListID | integer | ID of destination port list |
TrendMicro.FirewallRules.destinationPortNot | boolean | Controls if the destination port setting should be inverted |
TrendMicro.FirewallRules.anyFlags | boolean | True if any flags are used |
TrendMicro.FirewallRules.logDisabled | boolean | Controls if logging for this filter is disabled |
TrendMicro.FirewallRules.includePacketData | boolean | Controls if this filter should capture data for every log |
TrendMicro.FirewallRules.alertEnabled | boolean | Controls if this filter should be alerted on |
TrendMicro.FirewallRules.scheduleID | integer | ID of the schedule to control when this filter is "on" |
TrendMicro.FirewallRules.contextID | integer | RuleContext that is applied to this filter |
TrendMicro.FirewallRules.tcpflags | array | TCP flags |
TrendMicro.FirewallRules.TCPNot | boolean | Whether the TCP settings are inverted or not |
TrendMicro.FirewallRules.ICMPType | integer | ICMP type |
TrendMicro.FirewallRules.ICMPCode | integer | ICMP code |
TrendMicro.FirewallRules.ICMPNot | boolean | Whether the ICMP settings are inverted or not |

Command Example

!trendmicro-modify-firewall-rule firewall_rule_id=174 action=deny

Context Example

Human Readable Output

Details About The Modified Firewall Rule 174

ID | Name | Direction | Action |
---|---|---|---|
174 | Example Rule | incoming | deny |

trendmicro-delete-firewall-rule

Delete a certain firewall rule

Base Command

trendmicro-delete-firewall-rule

Input

Argument Name | Description | Required |
---|---|---|
firewall_rule_id | The ID number of the firewall rule to delete. | Required |

Context Output

There is no context output for this command.

Command Example

!trendmicro-delete-firewall-rule firewall_rule_id=174

Human Readable Output

The firewall rule was successfully deleted!

trendmicro-list-firewall-rule-ids-of-computer

List all IDs of the firewall rules that are assigned to a certain computer

Base Command

trendmicro-list-firewall-rule-ids-of-computer

Input

Argument Name | Description | Required |
---|---|---|
computer_id | The ID number of the computer. | Required |
overrides | Return only rule IDs assigned directly to the current computer. Possible values are: true, false. Default is false. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.FirewallAssignments.assignedRuleIDs | array | List of assigned firewall rule IDs |

Command Example

!trendmicro-list-firewall-rule-ids-of-computer computer_id=216

Context Example

Human Readable Output

The firewall rules IDs that are assigned to 216:

trendmicro-add-firewall-rule-ids-to-computer

Add firewall rule IDs to a certain computer

Base Command

trendmicro-add-firewall-rule-ids-to-computer

Input

Argument Name | Description | Required |
---|---|---|
computer_id | The ID number of the computer. | Required |
overrides | Return only rule IDs assigned directly to the current computer. Possible values are: true, false. Default is false. | Optional |
rule_ids | The rule IDs to add to the computer. | Required |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.FirewallAssignments.assignedRuleIDs | array | List of assigned firewall rule IDs |

Command Example

!trendmicro-add-firewall-rule-ids-to-computer computer_id=216 rule_ids=31

Context Example

Human Readable Output

The firewall rules IDs that are assigned to computer 216: 21, 22, 31

trendmicro-set-firewall-rule-ids-to-computer

Assign firewall rule IDs to a certain computer

Base Command

trendmicro-set-firewall-rule-ids-to-computer

Input

Argument Name | Description | Required |
---|---|---|
computer_id | The ID number of the computer. | Required |
overrides | Return only rule IDs assigned directly to the current computer. Possible values are: true, false. Default is false. | Optional |
rule_ids | The rule IDs to assign to the computer. | Required |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.FirewallAssignments.assignedRuleIDs | array | List of assigned firewall rule IDs |

Command Example

!trendmicro-set-firewall-rule-ids-to-computer computer_id=216 rule_ids=21,22

Context Example

Human Readable Output

The firewall rules IDs that are assigned to computer 216: 21, 22
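
In the example outputs above, the add command appends rule 31 to computer 216's list (21, 22, 31), while the set command leaves exactly 21, 22. The Python sketch below is an added example, not part of the integration: it compares a `TrendMicro.FirewallAssignments.assignedRuleIDs` context value against an approved baseline and renders the add or set command that closes the gap. The nested-dict context shape, the baseline list and all function names are assumptions.

```python
"""Plan firewall-rule assignment changes for one computer (added example)."""

ADD_CMD = "trendmicro-add-firewall-rule-ids-to-computer"
SET_CMD = "trendmicro-set-firewall-rule-ids-to-computer"

# Constructed sample: context as it would look after the add example above.
SAMPLE_CONTEXT = {
    "TrendMicro": {"FirewallAssignments": {"assignedRuleIDs": [21, 22, 31]}}
}


def assigned_rule_ids(context):
    """Return the assigned rule IDs as a set; empty if the path is absent."""
    node = context
    for key in ("TrendMicro", "FirewallAssignments", "assignedRuleIDs"):
        if not isinstance(node, dict) or key not in node:
            return set()
        node = node[key]
    if node is None:
        return set()
    if isinstance(node, str):
        # Tolerate a comma-delimited string such as "21,22".
        node = [part for part in node.split(",") if part.strip()]
    elif isinstance(node, int):
        node = [node]  # a single ID may arrive unwrapped
    return {int(rule_id) for rule_id in node}


def render_command(name, computer_id, rule_ids):
    """Format a war-room command line with the arguments the page documents."""
    ids = ",".join(str(rule_id) for rule_id in rule_ids)
    return f"!{name} computer_id={int(computer_id)} rule_ids={ids}"


def plan_assignment(computer_id, context, baseline, strict=False):
    """Compare current assignments with an approved baseline.

    Non-strict: only add what is missing; unexpected rules are reported.
    Strict: if unexpected rules exist, emit one set command carrying the
    baseline, relying on set replacing the list as the page's example
    output indicates.
    """
    wanted = {int(rule_id) for rule_id in baseline}
    if not wanted:
        # rule_ids is a required argument, so an empty baseline cannot be
        # expressed with add or set.
        raise ValueError("baseline must contain at least one rule ID")
    current = assigned_rule_ids(context)
    missing = sorted(wanted - current)
    unexpected = sorted(current - wanted)
    commands = []
    if strict and unexpected:
        commands.append(render_command(SET_CMD, computer_id, sorted(wanted)))
    elif missing:
        commands.append(render_command(ADD_CMD, computer_id, missing))
    return {"missing": missing, "unexpected": unexpected, "commands": commands}


if __name__ == "__main__":
    for strict in (False, True):
        plan = plan_assignment(216, SAMPLE_CONTEXT, [21, 22], strict=strict)
        print("strict" if strict else "report-only", plan)
```

Run the plan in report-only mode first; the strict branch removes every assignment that is not in the baseline, including rules added by hand during an incident.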

trendmicro-get-policy

Get information about a certain policy

Base Command

trendmicro-get-policy

Input

Argument Name | Description | Required |
---|---|---|
policy_id | The ID number of the policy to get. | Required |
overrides | Show only overrides defined for the current policy. Possible values are: true, false. Default is false. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.Policies.parentID | integer | ID of the parent policy |
TrendMicro.Policies.name | string | Name of the policy |
TrendMicro.Policies.description | string | Description of the policy |
TrendMicro.Policies.recommendationScanMode | string | Enable or disable ongoing recommendation scans for computers assigned this policy |
TrendMicro.Policies.autoRequiresUpdate | string | Automatically update computers assigned this policy when the configuration changes |

Command Example

!trendmicro-get-policy policy_id=105

Context Example

Human Readable Output

Details About The Policy 105

ID | Name | Description |
---|---|---|
105 | Example Policy | Example policy description |

trendmicro-modify-policy

Modify a certain policy

Base Command

trendmicro-modify-policy

Input

Argument Name | Description | Required |
---|---|---|
policy_id | The ID number of the policy to modify. | Required |
overrides | Show only overrides defined for the current policy. Possible values are: true, false. Default is false. | Optional |
parent_id | ID of the parent policy. | Optional |
name | Name of the policy. | Optional |
description | Description of the policy. | Optional |
recommendation_scan_mode | Enable or disable ongoing recommendation scans for computers assigned this policy. | Optional |
auto_requires_update | Automatically update computers assigned this policy when the configuration changes. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.Policies.parentID | integer | ID of the parent policy |
TrendMicro.Policies.name | string | Name of the policy |
TrendMicro.Policies.description | string | Description of the policy |
TrendMicro.Policies.recommendationScanMode | string | Enable or disable ongoing recommendation scans for computers assigned this policy |
TrendMicro.Policies.autoRequiresUpdate | string | Automatically update computers assigned this policy when the configuration changes |

Command Example

!trendmicro-modify-policy policy_id=105 description="Example policy description"

Context Example

Human Readable Output

Details About The Policy 105

ID | Name | Description |
---|---|---|
105 | Example Policy | Example policy description |

trendmicro-delete-policy

Delete a certain policy

Base Command

trendmicro-delete-policy

Input

Argument Name | Description | Required |
---|---|---|
policy_id | The ID number of the policy to delete. | Required |

Context Output

There is no context output for this command.

Command Example

!trendmicro-delete-policy policy_id=105

Human Readable Output

The policy was successfully deleted!

trendmicro-get-policy-setting

Get information about a setting of a certain policy

Base Command

trendmicro-get-policy-setting

Input

Argument Name | Description | Required |
---|---|---|
policy_id | The ID number of the policy. | Required |
name | The name of the policy setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, 
platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, 
webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, 
firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, 
firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, 
platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource. | Required |
overrides | Show the value only if defined for the current policy. Possible values are: true, false. Default is false. | Optional |

Context Output

Path | Type | Description |
---|---|---|
TrendMicro.PolicySettings.policyId | integer | Policy ID of a Setting |
TrendMicro.PolicySettings.name | string | Name of a Setting |
TrendMicro.PolicySettings.value | string | Value of a Setting |

Command Example

!trendmicro-get-policy-setting policy_id=105 name=firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled

Context Example

Human Readable Output

The Policy Setting

Policy Id | Name | Value |
---|---|---|
105 | firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled | false |

trendmicro-modify-policy-setting

Modify the value of a setting of a certain policy

Base Command

trendmicro-modify-policy-setting

Input

Argument Name | Description | Required |
---|---|---|
policy_id | The ID number of the policy. | Required |
name | The name of the setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, 
platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, 
webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, 
firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, 
firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, 
platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource. | Required |
overrides | Show the value only if defined for the current computer. Possible values are: true, false. Default is false. | Optional |
value | Value of a Setting. | Optional |
Context Output
Path | Type | Description |
---|---|---|
TrendMicro.PolicySettings.policyId | integer | Policy Id of a Setting |
TrendMicro.PolicySettings.name | string | Name of a Setting |
TrendMicro.PolicySettings.value | string | Value of a Setting |
Command Example
!trendmicro-modify-policy-setting name=firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled policy_id=105 value=true
Context Example
Human Readable Output
The Policy Setting:
Policy Id | Name | Value |
---|---|---|
105 | firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled | true |
trendmicro-reset-policy-setting
Reset the value of a setting of a certain policy.
Base Command
trendmicro-reset-policy-setting
Input
Argument Name | Description | Required |
---|---|---|
policy_id | The ID number of the policy. | Required |
name | The name of the policy setting. Possible values are: logInspectionSettingSeverityClippingAgentEventSendSyslogLevelMin, firewallSettingEngineOptionConnectionsCleanupMax, firewallSettingEngineOptionVerifyTcpChecksumEnabled, antiMalwareSettingScanCacheOnDemandConfigId, applicationControlSettingSharedRulesetId, webReputationSettingSmartProtectionServerConnectionLostWarningEnabled, applicationControlSettingExecutionEnforcementLevel, webReputationSettingBlockedUrlDomains, firewallSettingEngineOptionSynSentTimeout, platformSettingAgentSelfProtectionPassword, firewallSettingReconnaissanceBlockTcpXmasAttackDuration, intrusionPreventionSettingVirtualAndContainerNetworkScanEnabled, logInspectionSettingSyslogConfigId, firewallSettingEngineOptionDebugModeEnabled, firewallSettingVirtualAndContainerNetworkScanEnabled, antiMalwareSettingFileHashSha256Enabled, firewallSettingReconnaissanceNotifyFingerprintProbeEnabled, firewallSettingEventLogFileRetainNum, firewallSettingAntiEvasionCheckTcpPawsZero, antiMalwareSettingConnectedThreatDefenseUseControlManagerSuspiciousObjectListEnabled, intrusionPreventionSettingEngineOptionFragmentedIpKeepMax, firewallSettingEngineOptionDrop6To4BogonsAddressesEnabled, logInspectionSettingSeverityClippingAgentEventStoreLevelMin, platformSettingScanCacheConcurrencyMax, antiMalwareSettingSyslogConfigId, firewallSettingAntiEvasionTcpPawsWindowPolicy, firewallSettingReconnaissanceDetectTcpXmasAttackEnabled, applicationControlSettingRulesetMode, antiMalwareSettingSmartProtectionGlobalServerUseProxyEnabled, webReputationSettingSmartProtectionLocalServerAllowOffDomainGlobal, integrityMonitoringSettingCombinedModeProtectionSource, firewallSettingEngineOptionCloseWaitTimeout, platformSettingScanOpenPortListId, platformSettingAgentSelfProtectionPasswordEnabled, firewallSettingEngineOptionAckTimeout, firewallSettingEventLogFileCachedEntriesStaleTime, firewallSettingCombinedModeProtectionSource, platformSettingAgentEventsSendInterval, 
platformSettingInactiveAgentCleanupOverrideEnabled, firewallSettingFailureResponseEngineSystem, platformSettingRelayState, firewallSettingEngineOptionDropEvasiveRetransmitEnabled, activityMonitoringSettingIndicatorEnabled, intrusionPreventionSettingEngineOptionFragmentedIpTimeout, firewallSettingAntiEvasionCheckTcpZeroFlags, webReputationSettingSmartProtectionGlobalServerUseProxyEnabled, intrusionPreventionSettingNsxSecurityTaggingPreventModeLevel, firewallSettingReconnaissanceNotifyTcpXmasAttackEnabled, firewallSettingEngineOptionUdpTimeout, webReputationSettingSmartProtectionLocalServerEnabled, firewallSettingEngineOptionTcpMssLimit, firewallSettingEngineOptionColdStartTimeout, firewallSettingEngineOptionEstablishedTimeout, antiMalwareSettingIdentifiedFilesSpaceMaxMbytes, firewallSettingEngineOptionAllowNullIpEnabled, platformSettingNotificationsSuppressPopupsEnabled, firewallSettingAntiEvasionCheckTcpRstFinFlags, firewallSettingEngineOptionDisconnectTimeout, firewallSettingEngineOptionCloseTimeout, firewallSettingEngineOptionTunnelDepthMaxExceededAction, firewallSettingReconnaissanceDetectTcpNullScanEnabled, platformSettingSmartProtectionAntiMalwareGlobalServerProxyId, firewallSettingEngineOptionFilterIpv4Tunnels, webReputationSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionLogOnePacketPeriod, firewallSettingEngineOptionFilterIpv6Tunnels, firewallSettingAntiEvasionCheckTcpCongestionFlags, platformSettingHeartbeatMissedAlertThreshold, intrusionPreventionSettingEngineOptionsEnabled, firewallSettingEngineOptionConnectionsNumUdpMax, integrityMonitoringSettingAutoApplyRecommendationsEnabled, firewallSettingEngineOptionTunnelDepthMax, firewallSettingEngineOptionDropUnknownSslProtocolEnabled, antiMalwareSettingNsxSecurityTaggingValue, intrusionPreventionSettingLogDataRuleFirstMatchEnabled, firewallSettingEngineOptionLoggingPolicy, platformSettingTroubleshootingLoggingLevel, antiMalwareSettingVirtualApplianceOnDemandScanCacheEntriesMax, 
webReputationSettingCombinedModeProtectionSource, firewallSettingEngineOptionClosingTimeout, firewallSettingAntiEvasionCheckPaws, intrusionPreventionSettingAutoApplyRecommendationsEnabled, firewallSettingReconnaissanceDetectFingerprintProbeEnabled, antiMalwareSettingNsxSecurityTaggingRemoveOnCleanScanEnabled, firewallSettingEngineOptionLogPacketLengthMax, firewallSettingEngineOptionDropTeredoAnomaliesEnabled, webReputationSettingSecurityLevel, firewallSettingEngineOptionDropIpv6SiteLocalAddressesEnabled, activityMonitoringSettingActivityEnabled, firewallSettingEngineOptionStrictTerodoPortCheckEnabled, webReputationSettingBlockedUrlKeywords, webReputationSettingSyslogConfigId, firewallSettingFailureResponsePacketSanityCheck, firewallSettingNetworkEngineMode, firewallSettingEventLogFileSizeMax, antiMalwareSettingMalwareScanMultithreadedProcessingEnabled, firewallSettingReconnaissanceDetectTcpSynFinScanEnabled, firewallSettingEngineOptionDropIpZeroPayloadEnabled, firewallSettingEngineOptionBlockIpv6Agent8AndEarlierEnabled, intrusionPreventionSettingEngineOptionFragmentedIpPacketSendIcmpEnabled, antiMalwareSettingPredictiveMachineLearningExceptions, firewallSettingEngineOptionLogEventsPerSecondMax, firewallSettingEngineOptionSslSessionTime, antiMalwareSettingBehaviorMonitoringScanExclusionList, antiMalwareSettingSmartProtectionGlobalServerEnabled, firewallSettingEngineOptionLogOnePacketWithinPeriodEnabled, firewallSettingEngineOptionGenerateConnectionEventsIcmpEnabled, platformSettingHeartbeatInactiveVmOfflineAlertEnabled, webReputationSettingSmartProtectionWebReputationGlobalServerProxyId, antiMalwareSettingNsxSecurityTaggingEnabled, firewallSettingAntiEvasionCheckFragmentedPackets, firewallSettingEngineOptionConnectionsNumIcmpMax, firewallSettingAntiEvasionCheckTcpSplitHandshake, antiMalwareSettingCombinedModeProtectionSource, firewallSettingEngineOptionEventNodesMax, webReputationSettingMonitorPortListId, applicationControlSettingSyslogConfigId, 
firewallSettingAntiEvasionCheckOutNoConnection, firewallSettingEngineOptionBlockIpv6Agent9AndLaterEnabled, integrityMonitoringSettingVirtualApplianceOptimizationScanCacheEntriesMax, firewallSettingReconnaissanceNotifyTcpNullScanEnabled, firewallSettingEngineOptionIgnoreStatusCode1, firewallSettingEngineOptionIgnoreStatusCode0, firewallSettingEngineOptionIgnoreStatusCode2, firewallSettingEngineOptionSslSessionSize, antiMalwareSettingScanCacheRealTimeConfigId, platformSettingRecommendationOngoingScansInterval, platformSettingSmartProtectionGlobalServerUseProxyEnabled, firewallSettingInterfaceLimitOneActiveEnabled, firewallSettingAntiEvasionCheckTcpChecksum, firewallSettingEngineOptionDropIpv6ExtType0Enabled, antiMalwareSettingScanFileSizeMaxMbytes, firewallSettingEngineOptionGenerateConnectionEventsTcpEnabled, antiMalwareSettingFileHashSizeMaxMbytes, firewallSettingEventLogFileCachedEntriesLifeTime, platformSettingSmartProtectionGlobalServerProxyId, logInspectionSettingAutoApplyRecommendationsEnabled, antiMalwareSettingConnectedThreatDefenseSuspiciousFileDdanSubmissionEnabled, webReputationSettingBlockingPageLink, firewallSettingSyslogConfigId, platformSettingAgentCommunicationsDirection, integrityMonitoringSettingScanCacheConfigId, antiMalwareSettingDocumentExploitProtectionRuleExceptions, firewallSettingAntiEvasionCheckTcpSynWithData, antiMalwareSettingFileHashEnabled, firewallSettingReconnaissanceBlockFingerprintProbeDuration, firewallSettingEngineOptionDropIpv6BogonsAddressesEnabled, firewallSettingEngineOptionBootStartTimeout, firewallSettingEngineOptionConnectionsNumTcpMax, firewallSettingAntiEvasionSecurityPosture, firewallSettingInterfacePatterns, firewallSettingInterfaceIsolationEnabled, antiMalwareSettingVirtualApplianceRealTimeScanCacheEntriesMax, firewallSettingEventsOutOfAllowedPolicyEnabled, firewallSettingAntiEvasionCheckEvasiveRetransmit, firewallSettingEngineOptionIcmpTimeout, integrityMonitoringSettingSyslogConfigId, 
firewallSettingEngineOptionConnectionCleanupTimeout, antiMalwareSettingSmartProtectionLocalServerAllowOffDomainGlobal, firewallSettingReconnaissanceNotifyTcpSynFinScanEnabled, firewallSettingEngineOptionErrorTimeout, webReputationSettingAllowedUrls, firewallSettingReconnaissanceNotifyNetworkOrPortScanEnabled, firewallSettingEngineOptionFinWait1Timeout, firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled, activityMonitoringSettingSyslogConfigId, firewallSettingAntiEvasionCheckTcpSynRstFlags, antiMalwareSettingSpywareApprovedList, firewallSettingAntiEvasionCheckTcpUrgentFlags, intrusionPreventionSettingNsxSecurityTaggingDetectModeLevel, intrusionPreventionSettingEngineOptionFragmentedIpUnconcernedMacAddressBypassEnabled, firewallSettingEngineOptionLogAllPacketDataEnabled, firewallSettingAntiEvasionCheckTcpSynFinFlags, platformSettingHeartbeatInterval, firewallSettingEngineOptionFragmentSizeMin, antiMalwareSettingSmartProtectionServerConnectionLostWarningEnabled, firewallSettingReconnaissanceBlockNetworkOrPortScanDuration, integrityMonitoringSettingContentHashAlgorithm, antiMalwareSettingSmartScanState, firewallSettingConfigPackageExceedsAlertMaxEnabled, platformSettingEnvironmentVariableOverrides, firewallSettingEngineOptionFragmentOffsetMin, antiMalwareSettingSmartProtectionLocalServerUrls, firewallSettingEngineOptionSynRcvdTimeout, firewallSettingEventLogFileCachedEntriesNum, firewallSettingEngineOptionForceAllowIcmpType3Code4, firewallSettingReconnaissanceBlockTcpNullScanDuration, platformSettingSmartProtectionGlobalServerEnabled, integrityMonitoringSettingRealtimeEnabled, firewallSettingEngineOptionLastAckTimeout, firewallSettingReconnaissanceExcludeIpListId, platformSettingAgentSelfProtectionEnabled, firewallSettingEngineOptionDropIpv6ReservedAddressesEnabled, firewallSettingAntiEvasionCheckFinNoConnection, firewallSettingEngineOptionDebugPacketNumMax, firewallSettingEngineOptionBypassCiscoWaasConnectionsEnabled, firewallSettingReconnaissanceEnabled, 
platformSettingHeartbeatLocalTimeShiftAlertThreshold, antiMalwareSettingFileHashMd5Enabled, firewallSettingReconnaissanceDetectNetworkOrPortScanEnabled, firewallSettingEngineOptionSilentTcpConnectionDropEnabled, firewallSettingEngineOptionBlockSameSrcDstIpEnabled, firewallSettingEngineOptionForceAllowDhcpDns, firewallSettingReconnaissanceIncludeIpListId, firewallSettingEngineOptionsEnabled, firewallSettingReconnaissanceBlockTcpSynFinScanDuration, webReputationSettingSecurityBlockUntestedPagesEnabled, webReputationSettingAllowedUrlDomains, firewallSettingEventLogFileIgnoreSourceIpListId, firewallSettingEngineOptionDropIpv6FragmentsLowerThanMinMtuEnabled, platformSettingAutoAssignNewIntrusionPreventionRulesEnabled, firewallSettingAntiEvasionCheckRstNoConnection, webReputationSettingBlockedUrls, platformSettingCombinedModeNetworkGroupProtectionSource, webReputationSettingAlertingEnabled, antiMalwareSettingNsxSecurityTaggingOnRemediationFailureEnabled, integrityMonitoringSettingCpuUsageLevel, platformSettingAutoUpdateAntiMalwareEngineEnabled, intrusionPreventionSettingCombinedModeProtectionSource. | Required |
overrides | Show the value only if defined for the current policy. Possible values are: true, false. Default is false. | Optional |
Context Output
Path | Type | Description |
---|---|---|
TrendMicro.PolicySettings.policyId | integer | Policy Id of a Setting |
TrendMicro.PolicySettings.name | string | Name of a Setting |
TrendMicro.PolicySettings.value | string | Value of a Setting |
Command Example
!trendmicro-reset-policy-setting name=firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled policy_id=105
Context Example
Human Readable Output
The Policy Setting
Policy Id | Name | Value |
---|---|---|
105 | firewallSettingEngineOptionGenerateConnectionEventsUdpEnabled | false |
trendmicro-list-policies
List all existing policies.
Base Command
trendmicro-list-policies
Input
Argument Name | Description | Required |
---|---|---|
overrides | Show only overrides defined for the current policy. Possible values are: true, false. Default is false. | Optional |
Context Output
Path | Type | Description |
---|---|---|
TrendMicro.Policies.parentID | integer | ID of the parent policy |
TrendMicro.Policies.name | string | Name of the policy |
TrendMicro.Policies.description | string | Description of the policy |
TrendMicro.Policies.recommendationScanMode | string | Enable or disable ongoing recommendation scans for computers assigned this policy |
TrendMicro.Policies.autoRequiresUpdate | string | Automatically update computers assigned this policy when the configuration changes |
Command Example
!trendmicro-list-policies