author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-14 20:03:01 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-14 20:03:01 +0000 |
commit | a453ac31f3428614cceb99027f8efbdb9258a40b (patch) | |
tree | f61f87408f32a8511cbd91799f9cececb53e0374 /collections-debian-merged/ansible_collections/ibm/qradar/docs | |
parent | Initial commit. (diff) | |
Adding upstream version 2.10.7+merged+base+2.10.8+dfsg.
(upstream/2.10.7+merged+base+2.10.8+dfsg, upstream)
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'collections-debian-merged/ansible_collections/ibm/qradar/docs')
8 files changed, 1208 insertions, 0 deletions
diff --git a/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.deploy_module.rst b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.deploy_module.rst new file mode 100644 index 00000000..060f6453 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.deploy_module.rst @@ -0,0 +1,86 @@ +.. _ibm.qradar.deploy_module: + + +***************** +ibm.qradar.deploy +***************** + +**Trigger a qradar configuration deployment** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows for INCREMENTAL or FULL deployments + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>INCREMENTAL</b> ←</div></li> + <li>FULL</li> + </ul> + </td> + <td> + <div>Type of deployment</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - This module does not support check mode because the QRadar REST API does not offer stateful inspection of configuration deployments + + + +Examples +-------- + +.. code-block:: yaml+jinja + + - name: run an incremental deploy + ibm.qradar.deploy: + type: INCREMENTAL + + + + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Security Automation Team (@maxamillion) <https://github.com/ansible-security> 
diff --git a/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.log_source_management_module.rst b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.log_source_management_module.rst new file mode 100644 index 00000000..9c9bc4e4 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.log_source_management_module.rst 
@@ -0,0 +1,184 @@ +.. _ibm.qradar.log_source_management_module: + + +******************************** +ibm.qradar.log_source_management +******************************** + +**Manage Log Sources in QRadar** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows for addition, deletion, or modification of Log Sources in QRadar + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>description</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> + </div> + </td> + <td> + </td> + <td> + <div>Description of log source</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>identifier</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> + </div> + </td> + <td> + </td> + <td> + <div>Log Source Identifier (Typically IP Address or Hostname of log source)</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> + </div> + </td> + <td> + </td> + <td> + <div>Name of Log Source</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>protocol_type_id</b> + 
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Type of protocol by id, as defined in QRadar Log Source Types Documentation</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>present</li> + <li>absent</li> + </ul> + </td> + <td> + <div>Add or remove a log source.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>type_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Type of resource by id, as defined in QRadar Log Source Types Documentation</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>type_name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Type of resource by name</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Either ``type`` or ``type_id`` is required + + + +Examples +-------- + +.. 
code-block:: yaml+jinja + + - name: Add a snort log source to IBM QRadar + ibm.qradar.log_source_management: + name: "Snort logs" + type_name: "Snort Open Source IDS" + state: present + description: "Snort IDS remote logs from rsyslog" + identifier: "192.168.1.101" + + + + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Security Automation Team (@maxamillion) <https://github.com/ansible-security> diff --git a/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.offense_action_module.rst b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.offense_action_module.rst new file mode 100644 index 00000000..2fde5b4e --- /dev/null +++ b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.offense_action_module.rst 
@@ -0,0 +1,182 @@ +.. _ibm.qradar.offense_action_module: + + +************************* +ibm.qradar.offense_action +************************* + +**Take action on a QRadar Offense** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows to assign, protect, follow up, set status, and assign closing reason to QRadar Offenses + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>assigned_to</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Assign to an user, the QRadar username should be provided</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>closing_reason</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Assign a predefined closing reason here, by name.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>closing_reason_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Assign a predefined closing reason here, by id.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>follow_up</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + 
<div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Set or unset the flag to follow up on a QRadar Offense</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + / <span style="color: red">required</span> + </div> + </td> + <td> + </td> + <td> + <div>ID of Offense</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>protected</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Set or unset the flag to protect a QRadar Offense</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>status</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>open</li> + <li>OPEN</li> + <li>hidden</li> + <li>HIDDEN</li> + <li>closed</li> + <li>CLOSED</li> + </ul> + </td> + <td> + <div>One of "open", "hidden" or "closed". (Either all lower case or all caps)</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. 
note:: + - Requires one of ``name`` or ``id`` be provided + - Only one of ``closing_reason`` or ``closing_reason_id`` can be provided + + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Security Automation Team (@maxamillion) <https://github.com/ansible-security> diff --git a/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.offense_info_module.rst b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.offense_info_module.rst new file mode 100644 index 00000000..a36d77dd --- /dev/null +++ b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.offense_info_module.rst 
@@ -0,0 +1,333 @@ +.. _ibm.qradar.offense_info_module: + + +*********************** +ibm.qradar.offense_info +*********************** + +**Obtain information about one or many QRadar Offenses, with filter options** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows to obtain information about one or many QRadar Offenses, with filter options + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>assigned_to</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Obtain only information of Offenses assigned to a certain user</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>closing_reason</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Obtain only information of Offenses that were closed by a specific closing reason</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>closing_reason_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Obtain only information of Offenses that were closed by a specific closing reason ID</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + 
<b>follow_up</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Obtain only information of Offenses that are marked with the follow up flag</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Obtain only information of the Offense with provided ID</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Obtain only information of the Offense that matches the provided name</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>protected</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Obtain only information of Offenses that are protected</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>status</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; 
padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>open</b> ←</div></li> + <li>OPEN</li> + <li>hidden</li> + <li>HIDDEN</li> + <li>closed</li> + <li>CLOSED</li> + </ul> + </td> + <td> + <div>Obtain only information of Offenses of a certain status</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - You may provide many filters and they will all be applied, except for ``id`` as that will return only + + + +Examples +-------- + +.. code-block:: yaml+jinja + + - name: Get list of all currently OPEN IBM QRadar Offenses + ibm.qradar.offense_info: + status: OPEN + register: offense_list + + - name: display offense information for debug purposes + debug: + var: offense_list + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="3">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>offenses</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> + </div> + </td> + <td>always</td> + <td> + <div>Information</div> + <br/> + </td> + </tr> + <tr> + <td class="elbow-placeholder"> </td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>qradar_offenses</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">complex</span> + </div> + </td> + <td>always</td> + <td> + <div>IBM QRadar Offenses found based on provided filters</div> + <br/> + </td> + </tr> + <tr> 
+ <td class="elbow-placeholder"> </td> + <td class="elbow-placeholder"> </td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>always</td> + <td> + <div>Name of the service.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">arp-ethers.service</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"> </td> + <td class="elbow-placeholder"> </td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>source</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>always</td> + <td> + <div>Init system of the service. One of <code>systemd</code>, <code>sysv</code>, <code>upstart</code>.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">sysv</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"> </td> + <td class="elbow-placeholder"> </td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>always</td> + <td> + <div>State of the service. 
Either <code>running</code>, <code>stopped</code>, or <code>unknown</code>.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">running</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"> </td> + <td class="elbow-placeholder"> </td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>status</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>systemd systems or RedHat/SUSE flavored sysvinit/upstart</td> + <td> + <div>State of the service. Either <code>enabled</code>, <code>disabled</code>, or <code>unknown</code>.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">enabled</div> + </td> + </tr> + + + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Security Automation Team (@maxamillion) <https://github.com/ansible-security> diff --git a/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.offense_note_module.rst b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.offense_note_module.rst new file mode 100644 index 00000000..796b3fa7 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.offense_note_module.rst 
@@ -0,0 +1,94 @@ +.. _ibm.qradar.offense_note_module: + + +*********************** +ibm.qradar.offense_note +*********************** + +**Create or update a QRadar Offense Note** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows to create a QRadar Offense note + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + / <span style="color: red">required</span> + </div> + </td> + <td> + </td> + <td> + <div>Offense ID to operate on</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>note_text</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> + </div> + </td> + <td> + </td> + <td> + <div>The note's text contents</div> + </td> + </tr> + </table> + <br/> + + + + +Examples +-------- + +.. code-block:: yaml+jinja + + - name: Add a note to QRadar Offense ID 1 + ibm.qradar.offense_note: + id: 1 + note_text: This an example note entry that should be made on offense id 1 + + + + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Security Automation Team (@maxamillion) <https://github.com/ansible-security> diff --git a/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.qradar_httpapi.rst b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.qradar_httpapi.rst new file mode 100644 index 00000000..c80094b0 
--- /dev/null +++ b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.qradar_httpapi.rst @@ -0,0 +1,43 @@ +.. _ibm.qradar.qradar_httpapi: + + +***************** +ibm.qradar.qradar +***************** + +**HttpApi Plugin for IBM QRadar** + + +Version added: 1.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This HttpApi plugin provides methods to connect to IBM QRadar over a HTTP(S)-based api. + + + + + + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Security Automation Team + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.rule_info_module.rst b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.rule_info_module.rst new file mode 100644 index 00000000..04558269 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.rule_info_module.rst 
@@ -0,0 +1,158 @@ +.. _ibm.qradar.rule_info_module: + + +******************** +ibm.qradar.rule_info +******************** + +**Obtain information about one or many QRadar Rules, with filter options** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module obtains information about one or many QRadar Rules, with filter options + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Obtain only information of the Rule with provided ID</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Obtain only information of the Rule that matches the provided name</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>origin</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>SYSTEM</li> + <li>OVERRIDE</li> + <li>USER</li> + </ul> + </td> + <td> + <div>Obtain only information of Rules that are of a certain origin</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + 
<b>owner</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Obtain only information of Rules owned by a certain user</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>EVENT</li> + <li>FLOW</li> + <li>COMMON</li> + <li>USER</li> + </ul> + </td> + <td> + <div>Obtain only information for the Rules of a certain type</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - You may provide many filters and they will all be applied, except for ``id`` as that will return only the Rule identified by the unique ID provided. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + - name: Get information about the Rule named "Custom Company DDoS Rule" + ibm.qradar.rule_info: + name: "Custom Company DDoS Rule" + register: custom_ddos_rule_info + + - name: debugging output of the custom_ddos_rule_info registered variable + debug: + var: custom_ddos_rule_info + + + + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Security Automation Team (@maxamillion) <https://github.com/ansible-security>" diff --git a/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.rule_module.rst b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.rule_module.rst new file mode 100644 index 00000000..fd127dc5 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ibm/qradar/docs/ibm.qradar.rule_module.rst 
@@ -0,0 +1,128 @@ +.. _ibm.qradar.rule_module: + + +*************** +ibm.qradar.rule +*************** + +**Manage state of QRadar Rules, with filter options** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage state of QRadar Rules, with filter options + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Manage state of a QRadar Rule by ID</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Manage state of a QRadar Rule by name</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>owner</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Manage ownership of a QRadar Rule</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> + </div> + </td> + <td> + <ul 
style="margin: 0; padding: 0"><b>Choices:</b> + <li>enabled</li> + <li>disabled</li> + <li>absent</li> + </ul> + </td> + <td> + <div>Manage state of a QRadar Rule</div> + </td> + </tr> + </table> + <br/> + + + + +Examples +-------- + +.. code-block:: yaml+jinja + + - name: Enable Rule 'Ansible Example DDoS Rule' + qradar_rule: + name: 'Ansible Example DDOS Rule' + state: enabled + + + + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Security Automation Team (@maxamillion) <https://github.com/ansible-security> |
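Review bot: In ibm.qradar.deploy_module.rst, the Parameters table emits `id="parameter-"` and `href="#parameter-"` for the `type` row, so the permalink carries no parameter name. The same empty anchor is repeated on every row of the other tables in this patch, which makes the ids collide within a page. Regenerate the docs so each anchor includes the option name, for example `parameter-type`.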
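Review bot: In ibm.qradar.log_source_management_module.rst, the Notes entry says "Either ``type`` or ``type_id`` is required", but the Parameters table has no `type` option; the documented options are `type_name` and `type_id`. Change the note to name `type_name`, and say in the `type_name` and `type_id` rows that they are alternatives, since neither row is marked required.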
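Review bot: In ibm.qradar.offense_action_module.rst, the Notes entry "Requires one of ``name`` or ``id`` be provided" does not match the Parameters table, which has no `name` option and marks `id` as required. Drop `name` from the note or document the option. This page also has no Examples section, unlike the other module pages in the patch; an example that sets `status` together with `closing_reason` would show how an offense is closed.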
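Review bot: In ibm.qradar.offense_info_module.rst, the Return Values table under `qradar_offenses` describes `name`, `source`, `state` and `status` as "Name of the service", "Init system of the service" and "State of the service", with samples such as `arp-ethers.service` and `sysv`; these describe system services, not QRadar Offenses. Replace them with the fields the module returns for an offense. The Notes entry is also cut off after "as that will return only"; ibm.qradar.rule_info_module.rst in this patch carries the complete form of that sentence.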
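Review bot: In ibm.qradar.offense_note_module.rst, the title says "Create or update a QRadar Offense Note" while the Synopsis only says the module "allows to create" a note, and the two parameters (`id`, `note_text`) give no way to select an existing note. State which behaviour applies when the same `note_text` is submitted again for the same offense. The example text "This an example note entry" is missing "is".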
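Review bot: In ibm.qradar.qradar_httpapi.rst, the closing hint explains the priority order of configuration entries, but the page documents no parameters or configuration entries at all, and the title reads `ibm.qradar.qradar` while the label is `ibm.qradar.qradar_httpapi`. For a plugin that connects "over a HTTP(S)-based api", document the connection settings a user has to supply, including how TLS and certificate validation are selected, or remove the hint.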
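Review bot: In ibm.qradar.rule_info_module.rst, the Authors line ends with a stray double quote after `<https://github.com/ansible-security>`. Remove it; the same line in the other files of this patch has no trailing quote.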
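Review bot: In ibm.qradar.rule_module.rst, the example invokes the module as `qradar_rule:` while the other examples in this patch use the fully qualified form (`ibm.qradar.rule_info:`, `ibm.qradar.deploy:`); use `ibm.qradar.rule:` here. The task name says 'Ansible Example DDoS Rule' but `name:` is 'Ansible Example DDOS Rule'; align the two so a copied example does not miss the intended rule. Because `state` accepts `disabled` and `absent` and both `id` and `name` are optional in the table, add a note on what the module does when neither selector is given.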