summaryrefslogtreecommitdiffstats
path: root/ansible_collections/ibm/qradar/plugins/modules
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-05 16:18:34 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-05 16:18:34 +0000
commit3667197efb7b18ec842efd504785965911f8ac4b (patch)
tree0b986a4bc6879d080b100666a97cdabbc9ca1f28 /ansible_collections/ibm/qradar/plugins/modules
parentAdding upstream version 9.5.1+dfsg. (diff)
downloadansible-upstream/10.0.0+dfsg.tar.xz
ansible-upstream/10.0.0+dfsg.zip
Adding upstream version 10.0.0+dfsg.upstream/10.0.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/ibm/qradar/plugins/modules')
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/deploy.py17
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/log_source_management.py64
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/offense_action.py39
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/offense_info.py28
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/offense_note.py25
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/qradar_analytics_rules.py6
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/qradar_deploy.py17
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/qradar_log_source_management.py64
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/qradar_log_sources_management.py3
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/qradar_offense_action.py39
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/qradar_offense_info.py28
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/qradar_offense_note.py25
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/qradar_rule.py59
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/qradar_rule_info.py24
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/rule.py59
-rw-r--r--ansible_collections/ibm/qradar/plugins/modules/rule_info.py24
16 files changed, 253 insertions, 268 deletions
diff --git a/ansible_collections/ibm/qradar/plugins/modules/deploy.py b/ansible_collections/ibm/qradar/plugins/modules/deploy.py
index dc41acd99..40bb41244 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/deploy.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/deploy.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -37,22 +38,19 @@ EXAMPLES = """
type: INCREMENTAL
"""
-from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_text
+from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
- QRadarRequest,
-)
+from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest
def main():
-
argspec = dict(
type=dict(
choices=["INCREMENTAL", "FULL"],
required=False,
default="INCREMENTAL",
- )
+ ),
)
module = AnsibleModule(argument_spec=argspec, supports_check_mode=False)
@@ -63,12 +61,11 @@ def main():
)
qradar_return_data = qradar_request.post_by_path(
- "api/staged_config/deploy_status"
+ "api/staged_config/deploy_status",
)
if "message" in qradar_return_data and (
- to_text("No changes to deploy")
- in to_text(qradar_return_data["message"])
+ to_text("No changes to deploy") in to_text(qradar_return_data["message"])
):
module.exit_json(
msg="No changes to deploy",
@@ -78,7 +75,7 @@ def main():
else:
module.exit_json(
msg="Successfully initiated {0} deployment.".format(
- module.params["type"]
+ module.params["type"],
),
qradar_return_data=qradar_return_data,
changed=True,
diff --git a/ansible_collections/ibm/qradar/plugins/modules/log_source_management.py b/ansible_collections/ibm/qradar/plugins/modules/log_source_management.py
index fa793a596..18f2a7ecd 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/log_source_management.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/log_source_management.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -73,31 +74,31 @@ EXAMPLES = """
identifier: "192.168.1.101"
"""
-from ansible.module_utils.basic import AnsibleModule
-from ansible.module_utils._text import to_text
+import json
+from ansible.module_utils._text import to_text
+from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.six.moves.urllib.parse import quote
+
from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
QRadarRequest,
find_dict_in_list,
)
-import json
-
def set_log_source_values(module, qradar_request):
if module.params["type_name"]:
code, query_response = qradar_request.get(
"/api/config/event_sources/log_source_management/log_source_types?filter={0}".format(
- quote('name="{0}"'.format(module.params["type_name"]))
- )
+ quote('name="{0}"'.format(module.params["type_name"])),
+ ),
)
log_source_type_found = query_response[0]
if module.params["type_id"]:
code, query_response = qradar_request.get(
"/api/config/event_sources/log_source_management/log_source_types?filter={0}".format(
- quote('name="{0}"'.format(module.params["type_name"]))
- )
+ quote('name="{0}"'.format(module.params["type_name"])),
+ ),
)
code, log_source_type_found = query_response[0]
if log_source_type_found:
@@ -105,7 +106,7 @@ def set_log_source_values(module, qradar_request):
module.params["type_id"] = log_source_type_found["id"]
else:
module.fail_json(
- msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types"
+ msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types",
)
if module.params["protocol_type_id"]:
@@ -116,25 +117,24 @@ def set_log_source_values(module, qradar_request):
)
if not found_dict_in_list:
module.fail_json(
- msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types"
+ msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types",
)
else:
# Set it to the default as provided by the QRadar Instance
- module.params["protocol_type_id"] = log_source_type_found[
- "protocol_types"
- ][0]["protocol_id"]
+ module.params["protocol_type_id"] = log_source_type_found["protocol_types"][0][
+ "protocol_id"
+ ]
module.params["protocol_parameters"] = [
{
"id": module.params["protocol_type_id"],
"name": "identifier",
"value": module.params["identifier"],
- }
+ },
]
def main():
-
argspec = dict(
name=dict(required=True, type="str"),
state=dict(choices=["present", "absent"], required=True),
@@ -159,12 +159,11 @@ def main():
code, log_source_exists = qradar_request.get(
"/api/config/event_sources/log_source_management/log_sources?filter={0}".format(
- quote('name="{0}"'.format(module.params["name"]))
- )
+ quote('name="{0}"'.format(module.params["name"])),
+ ),
)
if log_source_exists:
-
if module.params["state"] == "present":
(
existing_log_source_protocol_identifier,
@@ -178,8 +177,7 @@ def main():
set_log_source_values(module, qradar_request)
comparison_map = [
- existing_log_source_protocol_identifier["value"]
- == module.params["identifier"],
+ existing_log_source_protocol_identifier["value"] == module.params["identifier"],
log_source_exists[0]["name"] == module.params["name"],
log_source_exists[0]["type_id"] == module.params["type_id"],
to_text(log_source_exists[0]["description"])
@@ -189,17 +187,15 @@ def main():
if all(comparison_map):
module.exit_json(changed=False, msg="Nothing to do.")
else:
- log_source_exists[0]["protocol_parameters"][
- _elspi_index
- ] = module.params["protocol_parameters"][0]
+ log_source_exists[0]["protocol_parameters"][_elspi_index] = module.params[
+ "protocol_parameters"
+ ][0]
log_source_exists[0]["name"] = module.params["name"]
log_source_exists[0]["type_id"] = module.params["type_id"]
- log_source_exists[0]["description"] = module.params[
- "description"
- ]
+ log_source_exists[0]["description"] = module.params["description"]
if module.check_mode:
qradar_return_data = {
- "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE"
+ "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE",
}
else:
code, qradar_return_data = qradar_request.create_update(
@@ -209,7 +205,7 @@ def main():
module.exit_json(
msg="Successfully updated log source: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -218,18 +214,18 @@ def main():
if module.params["state"] == "absent":
if module.check_mode:
qradar_return_data = {
- "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE"
+ "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE",
}
else:
code, qradar_return_data = qradar_request.delete(
"/api/config/event_sources/log_source_management/log_sources/{0}".format(
- log_source_exists[0]["id"]
- )
+ log_source_exists[0]["id"],
+ ),
)
module.exit_json(
msg="Successfully deleted log source: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -239,7 +235,7 @@ def main():
set_log_source_values(module, qradar_request)
if module.check_mode:
qradar_return_data = {
- "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE"
+ "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE",
}
else:
code, qradar_return_data = qradar_request.create_update(
@@ -249,7 +245,7 @@ def main():
module.exit_json(
msg="Successfully created log source: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
diff --git a/ansible_collections/ibm/qradar/plugins/modules/offense_action.py b/ansible_collections/ibm/qradar/plugins/modules/offense_action.py
index 784f1e7b1..4944f4627 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/offense_action.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/offense_action.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -72,8 +73,8 @@ author: Ansible Security Automation Team (@maxamillion) <https://github.com/ansi
EXAMPLES = """
"""
-from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_text
+from ansible.module_utils.basic import AnsibleModule
from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
QRadarRequest,
@@ -82,7 +83,6 @@ from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
def main():
-
argspec = dict(
# name=dict(required=False, type='str'),
# id=dict(required=False, type='str'),
@@ -118,7 +118,7 @@ def main():
# found_offense = qradar_request.get('/api/siem/offenses?filter={0}'.format(module.params['name']))
code, found_offense = qradar_request.get(
- "/api/siem/offenses/{0}".format(module.params["id"])
+ "/api/siem/offenses/{0}".format(module.params["id"]),
)
if found_offense:
@@ -127,43 +127,40 @@ def main():
post_strs = []
if module.params["status"] and (
- to_text(found_offense["status"])
- != to_text(module.params["status"])
+ to_text(found_offense["status"]) != to_text(module.params["status"])
):
post_strs.append(
- "status={0}".format(to_text(module.params["status"]))
+ "status={0}".format(to_text(module.params["status"])),
)
if module.params["assigned_to"] and (
- to_text(found_offense["assigned_to"])
- != to_text(module.params["assigned_to"])
+ to_text(found_offense["assigned_to"]) != to_text(module.params["assigned_to"])
):
post_strs.append(
- "assigned_to={0}".format(module.params["assigned_to"])
+ "assigned_to={0}".format(module.params["assigned_to"]),
)
if module.params["closing_reason_id"] and (
- found_offense["closing_reason_id"]
- != module.params["closing_reason_id"]
+ found_offense["closing_reason_id"] != module.params["closing_reason_id"]
):
post_strs.append(
"closing_reason_id={0}".format(
- module.params["closing_reason_id"]
- )
+ module.params["closing_reason_id"],
+ ),
)
if module.params["follow_up"] and (
found_offense["follow_up"] != module.params["follow_up"]
):
post_strs.append(
- "follow_up={0}".format(module.params["follow_up"])
+ "follow_up={0}".format(module.params["follow_up"]),
)
if module.params["protected"] and (
found_offense["protected"] != module.params["protected"]
):
post_strs.append(
- "protected={0}".format(module.params["protected"])
+ "protected={0}".format(module.params["protected"]),
)
if post_strs:
@@ -175,25 +172,27 @@ def main():
qradar_return_data = qradar_request.post_by_path(
"api/siem/offenses/{0}?{1}".format(
- module.params["id"], "&".join(post_strs)
- )
+ module.params["id"],
+ "&".join(post_strs),
+ ),
)
# FIXME - handle the scenario in which we can search by name and this isn't a required param anymore
module.exit_json(
msg="Successfully updated Offense ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data=qradar_return_data,
changed=True,
)
else:
module.exit_json(
- msg="No changes necessary. Nothing to do.", changed=False
+ msg="No changes necessary. Nothing to do.",
+ changed=False,
)
else:
# FIXME - handle the scenario in which we can search by name and this isn't a required param anymore
module.fail_json(
- msg="Unable to find Offense ID: {0}".format(module.params["id"])
+ msg="Unable to find Offense ID: {0}".format(module.params["id"]),
)
diff --git a/ansible_collections/ibm/qradar/plugins/modules/offense_info.py b/ansible_collections/ibm/qradar/plugins/modules/offense_info.py
index 1ead8a1ae..1b5ae67c7 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/offense_info.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/offense_info.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -113,10 +114,10 @@ EXAMPLES = """
var: offense_list
"""
-from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_text
-
+from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.six.moves.urllib.parse import quote
+
from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
QRadarRequest,
find_dict_in_list,
@@ -125,7 +126,6 @@ from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
def main():
-
argspec = dict(
id=dict(required=False, type="int"),
name=dict(required=False, type="str"),
@@ -158,7 +158,7 @@ def main():
if module.params["id"]:
code, offenses = qradar_request.get(
- "/api/siem/offenses/{0}".format(module.params["id"])
+ "/api/siem/offenses/{0}".format(module.params["id"]),
)
else:
@@ -166,43 +166,45 @@ def main():
if module.params["status"]:
query_strs.append(
- quote("status={0}".format(to_text(module.params["status"])))
+ quote("status={0}".format(to_text(module.params["status"]))),
)
if module.params["assigned_to"]:
query_strs.append(
- quote("assigned_to={0}".format(module.params["assigned_to"]))
+ quote("assigned_to={0}".format(module.params["assigned_to"])),
)
if module.params["closing_reason_id"]:
query_strs.append(
quote(
"closing_reason_id={0}".format(
- module.params["closing_reason_id"]
- )
- )
+ module.params["closing_reason_id"],
+ ),
+ ),
)
if module.params["follow_up"] is not None:
query_strs.append(
- quote("follow_up={0}".format(module.params["follow_up"]))
+ quote("follow_up={0}".format(module.params["follow_up"])),
)
if module.params["protected"] is not None:
query_strs.append(
- quote("protected={0}".format(module.params["protected"]))
+ quote("protected={0}".format(module.params["protected"])),
)
if query_strs:
code, offenses = qradar_request.get(
- "/api/siem/offenses?filter={0}".format("&".join(query_strs))
+ "/api/siem/offenses?filter={0}".format("&".join(query_strs)),
)
else:
code, offenses = qradar_request.get("/api/siem/offenses")
if module.params["name"]:
named_offense = find_dict_in_list(
- offenses, "description", module.params["name"]
+ offenses,
+ "description",
+ module.params["name"],
)
if named_offense:
offenses = named_offense
diff --git a/ansible_collections/ibm/qradar/plugins/modules/offense_note.py b/ansible_collections/ibm/qradar/plugins/modules/offense_note.py
index 53b6ec95c..2cda42c69 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/offense_note.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/offense_note.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -53,27 +54,25 @@ EXAMPLES = """
"""
from ansible.module_utils.basic import AnsibleModule
-
from ansible.module_utils.six.moves.urllib.parse import quote
-from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
- QRadarRequest,
-)
+
+from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest
def set_offense_values(module, qradar_request):
if module.params["closing_reason"]:
code, found_closing_reason = qradar_request.get(
"/api/siem/offense_closing_reasons?filter={0}".format(
- quote('text="{0}"'.format(module.params["closing_reason"]))
- )
+ quote('text="{0}"'.format(module.params["closing_reason"])),
+ ),
)
if found_closing_reason:
module.params["closing_reason_id"] = found_closing_reason[0]["id"]
else:
module.fail_json(
"Unable to find closing_reason text: {0}".format(
- module.params["closing_reason"]
- )
+ module.params["closing_reason"],
+ ),
)
if module.params["status"]:
@@ -81,7 +80,6 @@ def set_offense_values(module, qradar_request):
def main():
-
argspec = dict(
# state=dict(required=False, choices=["present", "absent"], type='str', default="present"),
id=dict(required=True, type="int"),
@@ -104,7 +102,7 @@ def main():
"/api/siem/offenses/{0}/notes?filter={1}".format(
module.params["id"],
quote('note_text="{0}"'.format(module.params["note_text"])),
- )
+ ),
)
# if module.params['state'] == 'present':
@@ -115,7 +113,8 @@ def main():
note = found_notes[0]
if note["note_text"] == module.params["note_text"]:
module.exit_json(
- msg="No changes necessary. Nothing to do.", changed=False
+ msg="No changes necessary. Nothing to do.",
+ changed=False,
)
else:
if module.check_mode:
@@ -133,7 +132,7 @@ def main():
)
module.exit_json(
msg="Successfully created Offense Note ID: {0}".format(
- qradar_return_data["id"]
+ qradar_return_data["id"],
),
qradar_return_data=qradar_return_data,
changed=False,
@@ -155,7 +154,7 @@ def main():
)
module.exit_json(
msg="Successfully created Offense Note ID: {0}".format(
- qradar_return_data["id"]
+ qradar_return_data["id"],
),
qradar_return_data=qradar_return_data,
changed=True,
diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_analytics_rules.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_analytics_rules.py
index 8f65069f5..812b15e51 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/qradar_analytics_rules.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_analytics_rules.py
@@ -4,6 +4,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -123,7 +124,7 @@ EXAMPLES = """
# Using GATHERED state
# --------------------
-- name: Get information about the Rule named "Ansible Example DDOS Rule"
+- name: Get information about the Rule named "Ansible Example DDOS Rule"
ibm.qradar.qradar_analytics_rules:
config:
name: "Ansible Example DDOS Rule"
@@ -148,7 +149,7 @@ EXAMPLES = """
# owner: admin
# type: EVENT
-- name: Get information about the Rule with ID 100443
+- name: Get information about the Rule with ID 100443
ibm.qradar.qradar_analytics_rules:
config:
id: 100443
@@ -262,7 +263,6 @@ EXAMPLES = """
# origin: USER
# owner: admin
# type: EVENT
-
"""
RETURN = """
diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_deploy.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_deploy.py
index dc41acd99..40bb41244 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/qradar_deploy.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_deploy.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -37,22 +38,19 @@ EXAMPLES = """
type: INCREMENTAL
"""
-from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_text
+from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
- QRadarRequest,
-)
+from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest
def main():
-
argspec = dict(
type=dict(
choices=["INCREMENTAL", "FULL"],
required=False,
default="INCREMENTAL",
- )
+ ),
)
module = AnsibleModule(argument_spec=argspec, supports_check_mode=False)
@@ -63,12 +61,11 @@ def main():
)
qradar_return_data = qradar_request.post_by_path(
- "api/staged_config/deploy_status"
+ "api/staged_config/deploy_status",
)
if "message" in qradar_return_data and (
- to_text("No changes to deploy")
- in to_text(qradar_return_data["message"])
+ to_text("No changes to deploy") in to_text(qradar_return_data["message"])
):
module.exit_json(
msg="No changes to deploy",
@@ -78,7 +75,7 @@ def main():
else:
module.exit_json(
msg="Successfully initiated {0} deployment.".format(
- module.params["type"]
+ module.params["type"],
),
qradar_return_data=qradar_return_data,
changed=True,
diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_log_source_management.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_log_source_management.py
index fa793a596..18f2a7ecd 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/qradar_log_source_management.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_log_source_management.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -73,31 +74,31 @@ EXAMPLES = """
identifier: "192.168.1.101"
"""
-from ansible.module_utils.basic import AnsibleModule
-from ansible.module_utils._text import to_text
+import json
+from ansible.module_utils._text import to_text
+from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.six.moves.urllib.parse import quote
+
from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
QRadarRequest,
find_dict_in_list,
)
-import json
-
def set_log_source_values(module, qradar_request):
if module.params["type_name"]:
code, query_response = qradar_request.get(
"/api/config/event_sources/log_source_management/log_source_types?filter={0}".format(
- quote('name="{0}"'.format(module.params["type_name"]))
- )
+ quote('name="{0}"'.format(module.params["type_name"])),
+ ),
)
log_source_type_found = query_response[0]
if module.params["type_id"]:
code, query_response = qradar_request.get(
"/api/config/event_sources/log_source_management/log_source_types?filter={0}".format(
- quote('name="{0}"'.format(module.params["type_name"]))
- )
+ quote('name="{0}"'.format(module.params["type_name"])),
+ ),
)
code, log_source_type_found = query_response[0]
if log_source_type_found:
@@ -105,7 +106,7 @@ def set_log_source_values(module, qradar_request):
module.params["type_id"] = log_source_type_found["id"]
else:
module.fail_json(
- msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types"
+ msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types",
)
if module.params["protocol_type_id"]:
@@ -116,25 +117,24 @@ def set_log_source_values(module, qradar_request):
)
if not found_dict_in_list:
module.fail_json(
- msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types"
+ msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types",
)
else:
# Set it to the default as provided by the QRadar Instance
- module.params["protocol_type_id"] = log_source_type_found[
- "protocol_types"
- ][0]["protocol_id"]
+ module.params["protocol_type_id"] = log_source_type_found["protocol_types"][0][
+ "protocol_id"
+ ]
module.params["protocol_parameters"] = [
{
"id": module.params["protocol_type_id"],
"name": "identifier",
"value": module.params["identifier"],
- }
+ },
]
def main():
-
argspec = dict(
name=dict(required=True, type="str"),
state=dict(choices=["present", "absent"], required=True),
@@ -159,12 +159,11 @@ def main():
code, log_source_exists = qradar_request.get(
"/api/config/event_sources/log_source_management/log_sources?filter={0}".format(
- quote('name="{0}"'.format(module.params["name"]))
- )
+ quote('name="{0}"'.format(module.params["name"])),
+ ),
)
if log_source_exists:
-
if module.params["state"] == "present":
(
existing_log_source_protocol_identifier,
@@ -178,8 +177,7 @@ def main():
set_log_source_values(module, qradar_request)
comparison_map = [
- existing_log_source_protocol_identifier["value"]
- == module.params["identifier"],
+ existing_log_source_protocol_identifier["value"] == module.params["identifier"],
log_source_exists[0]["name"] == module.params["name"],
log_source_exists[0]["type_id"] == module.params["type_id"],
to_text(log_source_exists[0]["description"])
@@ -189,17 +187,15 @@ def main():
if all(comparison_map):
module.exit_json(changed=False, msg="Nothing to do.")
else:
- log_source_exists[0]["protocol_parameters"][
- _elspi_index
- ] = module.params["protocol_parameters"][0]
+ log_source_exists[0]["protocol_parameters"][_elspi_index] = module.params[
+ "protocol_parameters"
+ ][0]
log_source_exists[0]["name"] = module.params["name"]
log_source_exists[0]["type_id"] = module.params["type_id"]
- log_source_exists[0]["description"] = module.params[
- "description"
- ]
+ log_source_exists[0]["description"] = module.params["description"]
if module.check_mode:
qradar_return_data = {
- "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE"
+ "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE",
}
else:
code, qradar_return_data = qradar_request.create_update(
@@ -209,7 +205,7 @@ def main():
module.exit_json(
msg="Successfully updated log source: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -218,18 +214,18 @@ def main():
if module.params["state"] == "absent":
if module.check_mode:
qradar_return_data = {
- "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE"
+ "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE",
}
else:
code, qradar_return_data = qradar_request.delete(
"/api/config/event_sources/log_source_management/log_sources/{0}".format(
- log_source_exists[0]["id"]
- )
+ log_source_exists[0]["id"],
+ ),
)
module.exit_json(
msg="Successfully deleted log source: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -239,7 +235,7 @@ def main():
set_log_source_values(module, qradar_request)
if module.check_mode:
qradar_return_data = {
- "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE"
+ "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE",
}
else:
code, qradar_return_data = qradar_request.create_update(
@@ -249,7 +245,7 @@ def main():
module.exit_json(
msg="Successfully created log source: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_log_sources_management.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_log_sources_management.py
index e5ba46a0b..646795cd7 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/qradar_log_sources_management.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_log_sources_management.py
@@ -4,6 +4,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -253,7 +254,7 @@ EXAMPLES = """
- name: "Apache HTTP Server logs"
type_name: "Apache HTTP Server"
description: "REPLACED Apache HTTP Server remote logs from rsyslog"
- identifier: "192.0.2.1"
+ identifier: "192.0.2.1"
# RUN output:
# -----------
diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_action.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_action.py
index 784f1e7b1..4944f4627 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_action.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_action.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -72,8 +73,8 @@ author: Ansible Security Automation Team (@maxamillion) <https://github.com/ansi
EXAMPLES = """
"""
-from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_text
+from ansible.module_utils.basic import AnsibleModule
from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
QRadarRequest,
@@ -82,7 +83,6 @@ from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
def main():
-
argspec = dict(
# name=dict(required=False, type='str'),
# id=dict(required=False, type='str'),
@@ -118,7 +118,7 @@ def main():
# found_offense = qradar_request.get('/api/siem/offenses?filter={0}'.format(module.params['name']))
code, found_offense = qradar_request.get(
- "/api/siem/offenses/{0}".format(module.params["id"])
+ "/api/siem/offenses/{0}".format(module.params["id"]),
)
if found_offense:
@@ -127,43 +127,40 @@ def main():
post_strs = []
if module.params["status"] and (
- to_text(found_offense["status"])
- != to_text(module.params["status"])
+ to_text(found_offense["status"]) != to_text(module.params["status"])
):
post_strs.append(
- "status={0}".format(to_text(module.params["status"]))
+ "status={0}".format(to_text(module.params["status"])),
)
if module.params["assigned_to"] and (
- to_text(found_offense["assigned_to"])
- != to_text(module.params["assigned_to"])
+ to_text(found_offense["assigned_to"]) != to_text(module.params["assigned_to"])
):
post_strs.append(
- "assigned_to={0}".format(module.params["assigned_to"])
+ "assigned_to={0}".format(module.params["assigned_to"]),
)
if module.params["closing_reason_id"] and (
- found_offense["closing_reason_id"]
- != module.params["closing_reason_id"]
+ found_offense["closing_reason_id"] != module.params["closing_reason_id"]
):
post_strs.append(
"closing_reason_id={0}".format(
- module.params["closing_reason_id"]
- )
+ module.params["closing_reason_id"],
+ ),
)
if module.params["follow_up"] and (
found_offense["follow_up"] != module.params["follow_up"]
):
post_strs.append(
- "follow_up={0}".format(module.params["follow_up"])
+ "follow_up={0}".format(module.params["follow_up"]),
)
if module.params["protected"] and (
found_offense["protected"] != module.params["protected"]
):
post_strs.append(
- "protected={0}".format(module.params["protected"])
+ "protected={0}".format(module.params["protected"]),
)
if post_strs:
@@ -175,25 +172,27 @@ def main():
qradar_return_data = qradar_request.post_by_path(
"api/siem/offenses/{0}?{1}".format(
- module.params["id"], "&".join(post_strs)
- )
+ module.params["id"],
+ "&".join(post_strs),
+ ),
)
# FIXME - handle the scenario in which we can search by name and this isn't a required param anymore
module.exit_json(
msg="Successfully updated Offense ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data=qradar_return_data,
changed=True,
)
else:
module.exit_json(
- msg="No changes necessary. Nothing to do.", changed=False
+ msg="No changes necessary. Nothing to do.",
+ changed=False,
)
else:
# FIXME - handle the scenario in which we can search by name and this isn't a required param anymore
module.fail_json(
- msg="Unable to find Offense ID: {0}".format(module.params["id"])
+ msg="Unable to find Offense ID: {0}".format(module.params["id"]),
)
diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_info.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_info.py
index 1ead8a1ae..1b5ae67c7 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_info.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_info.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -113,10 +114,10 @@ EXAMPLES = """
var: offense_list
"""
-from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_text
-
+from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.six.moves.urllib.parse import quote
+
from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
QRadarRequest,
find_dict_in_list,
@@ -125,7 +126,6 @@ from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
def main():
-
argspec = dict(
id=dict(required=False, type="int"),
name=dict(required=False, type="str"),
@@ -158,7 +158,7 @@ def main():
if module.params["id"]:
code, offenses = qradar_request.get(
- "/api/siem/offenses/{0}".format(module.params["id"])
+ "/api/siem/offenses/{0}".format(module.params["id"]),
)
else:
@@ -166,43 +166,45 @@ def main():
if module.params["status"]:
query_strs.append(
- quote("status={0}".format(to_text(module.params["status"])))
+ quote("status={0}".format(to_text(module.params["status"]))),
)
if module.params["assigned_to"]:
query_strs.append(
- quote("assigned_to={0}".format(module.params["assigned_to"]))
+ quote("assigned_to={0}".format(module.params["assigned_to"])),
)
if module.params["closing_reason_id"]:
query_strs.append(
quote(
"closing_reason_id={0}".format(
- module.params["closing_reason_id"]
- )
- )
+ module.params["closing_reason_id"],
+ ),
+ ),
)
if module.params["follow_up"] is not None:
query_strs.append(
- quote("follow_up={0}".format(module.params["follow_up"]))
+ quote("follow_up={0}".format(module.params["follow_up"])),
)
if module.params["protected"] is not None:
query_strs.append(
- quote("protected={0}".format(module.params["protected"]))
+ quote("protected={0}".format(module.params["protected"])),
)
if query_strs:
code, offenses = qradar_request.get(
- "/api/siem/offenses?filter={0}".format("&".join(query_strs))
+ "/api/siem/offenses?filter={0}".format("&".join(query_strs)),
)
else:
code, offenses = qradar_request.get("/api/siem/offenses")
if module.params["name"]:
named_offense = find_dict_in_list(
- offenses, "description", module.params["name"]
+ offenses,
+ "description",
+ module.params["name"],
)
if named_offense:
offenses = named_offense
diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_note.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_note.py
index 53b6ec95c..2cda42c69 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_note.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_note.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -53,27 +54,25 @@ EXAMPLES = """
"""
from ansible.module_utils.basic import AnsibleModule
-
from ansible.module_utils.six.moves.urllib.parse import quote
-from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
- QRadarRequest,
-)
+
+from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest
def set_offense_values(module, qradar_request):
if module.params["closing_reason"]:
code, found_closing_reason = qradar_request.get(
"/api/siem/offense_closing_reasons?filter={0}".format(
- quote('text="{0}"'.format(module.params["closing_reason"]))
- )
+ quote('text="{0}"'.format(module.params["closing_reason"])),
+ ),
)
if found_closing_reason:
module.params["closing_reason_id"] = found_closing_reason[0]["id"]
else:
module.fail_json(
"Unable to find closing_reason text: {0}".format(
- module.params["closing_reason"]
- )
+ module.params["closing_reason"],
+ ),
)
if module.params["status"]:
@@ -81,7 +80,6 @@ def set_offense_values(module, qradar_request):
def main():
-
argspec = dict(
# state=dict(required=False, choices=["present", "absent"], type='str', default="present"),
id=dict(required=True, type="int"),
@@ -104,7 +102,7 @@ def main():
"/api/siem/offenses/{0}/notes?filter={1}".format(
module.params["id"],
quote('note_text="{0}"'.format(module.params["note_text"])),
- )
+ ),
)
# if module.params['state'] == 'present':
@@ -115,7 +113,8 @@ def main():
note = found_notes[0]
if note["note_text"] == module.params["note_text"]:
module.exit_json(
- msg="No changes necessary. Nothing to do.", changed=False
+ msg="No changes necessary. Nothing to do.",
+ changed=False,
)
else:
if module.check_mode:
@@ -133,7 +132,7 @@ def main():
)
module.exit_json(
msg="Successfully created Offense Note ID: {0}".format(
- qradar_return_data["id"]
+ qradar_return_data["id"],
),
qradar_return_data=qradar_return_data,
changed=False,
@@ -155,7 +154,7 @@ def main():
)
module.exit_json(
msg="Successfully created Offense Note ID: {0}".format(
- qradar_return_data["id"]
+ qradar_return_data["id"],
),
qradar_return_data=qradar_return_data,
changed=True,
diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_rule.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_rule.py
index f99bab134..f3f975ae0 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/qradar_rule.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_rule.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -57,17 +58,15 @@ EXAMPLES = """
state: enabled
"""
-from ansible.module_utils.basic import AnsibleModule
+import json
+from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.six.moves.urllib.parse import quote
-from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
- QRadarRequest,
-)
-import json
+from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest
-def main():
+def main():
argspec = dict(
id=dict(required=False, type="int"),
name=dict(required=False, type="str"),
@@ -98,14 +97,14 @@ def main():
if module.params["id"]:
code, module.params["rule"] = qradar_request.get(
- "/api/analytics/rules/{0}".format(module.params["id"])
+ "/api/analytics/rules/{0}".format(module.params["id"]),
)
elif module.params["name"]:
code, rules = qradar_request.get(
"/api/analytics/rules?filter={0}".format(
- quote('"{0}"'.format(module.params["name"]))
- )
+ quote('"{0}"'.format(module.params["name"])),
+ ),
)
if rules:
module.params["rule"] = rules[0]
@@ -118,7 +117,7 @@ def main():
if module.params["id"]:
module.exit_json(
msg="No change needed for rule ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data={},
changed=False,
@@ -126,7 +125,7 @@ def main():
if module.params["name"]:
module.exit_json(
msg="Successfully enabled rule named: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data={},
changed=False,
@@ -137,14 +136,14 @@ def main():
qradar_return_data = qradar_request.post_by_path(
"api/analytics/rules/{0}".format(
- module.params["rule"]["id"]
+ module.params["rule"]["id"],
),
data=json.dumps(module.params["rule"]),
)
if module.params["id"]:
module.exit_json(
msg="Successfully enabled rule ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -152,7 +151,7 @@ def main():
if module.params["name"]:
module.exit_json(
msg="Successfully enabled rule named: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -161,14 +160,14 @@ def main():
if module.params["id"]:
module.fail_json(
msg="Unable to find rule ID: {0}".format(
- module.params["id"]
- )
+ module.params["id"],
+ ),
)
if module.params["name"]:
module.fail_json(
msg='Unable to find rule named: "{0}"'.format(
- module.params["name"]
- )
+ module.params["name"],
+ ),
)
elif module.params["state"] == "disabled":
@@ -178,7 +177,7 @@ def main():
if module.params["id"]:
module.exit_json(
msg="No change needed for rule ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data={},
changed=False,
@@ -186,7 +185,7 @@ def main():
if module.params["name"]:
module.exit_json(
msg="Successfully enabled rule named: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data={},
changed=False,
@@ -197,14 +196,14 @@ def main():
qradar_return_data = qradar_request.post_by_path(
"api/analytics/rules/{0}".format(
- module.params["rule"]["id"]
+ module.params["rule"]["id"],
),
data=json.dumps(module.params["rule"]),
)
if module.params["id"]:
module.exit_json(
msg="Successfully disabled rule ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -212,7 +211,7 @@ def main():
if module.params["name"]:
module.exit_json(
msg="Successfully disabled rule named: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -221,25 +220,25 @@ def main():
if module.params["id"]:
module.fail_json(
msg="Unable to find rule ID: {0}".format(
- module.params["id"]
- )
+ module.params["id"],
+ ),
)
if module.params["name"]:
module.fail_json(
msg='Unable to find rule named: "{0}"'.format(
- module.params["name"]
- )
+ module.params["name"],
+ ),
)
elif module.params["state"] == "absent":
if module.params["rule"]:
code, qradar_return_data = qradar_request.delete(
- "/api/analytics/rules/{0}".format(module.params["rule"]["id"])
+ "/api/analytics/rules/{0}".format(module.params["rule"]["id"]),
)
if module.params["id"]:
module.exit_json(
msg="Successfully deleted rule ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -247,7 +246,7 @@ def main():
if module.params["name"]:
module.exit_json(
msg="Successfully deleted rule named: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_rule_info.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_rule_info.py
index d5c92453a..833e7584f 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/qradar_rule_info.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_rule_info.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -70,17 +71,14 @@ EXAMPLES = """
var: custom_ddos_rule_info
"""
-from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_text
-
+from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.six.moves.urllib.parse import quote
-from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
- QRadarRequest,
-)
+from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest
-def main():
+def main():
argspec = dict(
id=dict(required=False, type="int"),
name=dict(required=False, type="str"),
@@ -91,7 +89,9 @@ def main():
type="str",
),
origin=dict(
- required=False, choices=["SYSTEM", "OVERRIDE", "USER"], type="str"
+ required=False,
+ choices=["SYSTEM", "OVERRIDE", "USER"],
+ type="str",
),
)
@@ -105,7 +105,7 @@ def main():
if module.params["id"]:
code, rules = qradar_request.get(
- "/api/analytics/rules/{0}".format(module.params["id"])
+ "/api/analytics/rules/{0}".format(module.params["id"]),
)
else:
@@ -113,12 +113,12 @@ def main():
if module.params["name"]:
query_strs.append(
- quote('name="{0}"'.format(to_text(module.params["name"])))
+ quote('name="{0}"'.format(to_text(module.params["name"]))),
)
if module.params["owner"]:
query_strs.append(
- quote("owner={0}".format(module.params["owner"]))
+ quote("owner={0}".format(module.params["owner"])),
)
if module.params["type"]:
@@ -126,12 +126,12 @@ def main():
if module.params["origin"]:
query_strs.append(
- quote("origin={0}".format(module.params["origin"]))
+ quote("origin={0}".format(module.params["origin"])),
)
if query_strs:
code, rules = qradar_request.get(
- "/api/analytics/rules?filter={0}".format("&".join(query_strs))
+ "/api/analytics/rules?filter={0}".format("&".join(query_strs)),
)
else:
code, rules = qradar_request.get("/api/analytics/rules")
diff --git a/ansible_collections/ibm/qradar/plugins/modules/rule.py b/ansible_collections/ibm/qradar/plugins/modules/rule.py
index f99bab134..f3f975ae0 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/rule.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/rule.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -57,17 +58,15 @@ EXAMPLES = """
state: enabled
"""
-from ansible.module_utils.basic import AnsibleModule
+import json
+from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.six.moves.urllib.parse import quote
-from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
- QRadarRequest,
-)
-import json
+from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest
-def main():
+def main():
argspec = dict(
id=dict(required=False, type="int"),
name=dict(required=False, type="str"),
@@ -98,14 +97,14 @@ def main():
if module.params["id"]:
code, module.params["rule"] = qradar_request.get(
- "/api/analytics/rules/{0}".format(module.params["id"])
+ "/api/analytics/rules/{0}".format(module.params["id"]),
)
elif module.params["name"]:
code, rules = qradar_request.get(
"/api/analytics/rules?filter={0}".format(
- quote('"{0}"'.format(module.params["name"]))
- )
+ quote('"{0}"'.format(module.params["name"])),
+ ),
)
if rules:
module.params["rule"] = rules[0]
@@ -118,7 +117,7 @@ def main():
if module.params["id"]:
module.exit_json(
msg="No change needed for rule ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data={},
changed=False,
@@ -126,7 +125,7 @@ def main():
if module.params["name"]:
module.exit_json(
msg="Successfully enabled rule named: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data={},
changed=False,
@@ -137,14 +136,14 @@ def main():
qradar_return_data = qradar_request.post_by_path(
"api/analytics/rules/{0}".format(
- module.params["rule"]["id"]
+ module.params["rule"]["id"],
),
data=json.dumps(module.params["rule"]),
)
if module.params["id"]:
module.exit_json(
msg="Successfully enabled rule ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -152,7 +151,7 @@ def main():
if module.params["name"]:
module.exit_json(
msg="Successfully enabled rule named: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -161,14 +160,14 @@ def main():
if module.params["id"]:
module.fail_json(
msg="Unable to find rule ID: {0}".format(
- module.params["id"]
- )
+ module.params["id"],
+ ),
)
if module.params["name"]:
module.fail_json(
msg='Unable to find rule named: "{0}"'.format(
- module.params["name"]
- )
+ module.params["name"],
+ ),
)
elif module.params["state"] == "disabled":
@@ -178,7 +177,7 @@ def main():
if module.params["id"]:
module.exit_json(
msg="No change needed for rule ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data={},
changed=False,
@@ -186,7 +185,7 @@ def main():
if module.params["name"]:
module.exit_json(
msg="Successfully enabled rule named: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data={},
changed=False,
@@ -197,14 +196,14 @@ def main():
qradar_return_data = qradar_request.post_by_path(
"api/analytics/rules/{0}".format(
- module.params["rule"]["id"]
+ module.params["rule"]["id"],
),
data=json.dumps(module.params["rule"]),
)
if module.params["id"]:
module.exit_json(
msg="Successfully disabled rule ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -212,7 +211,7 @@ def main():
if module.params["name"]:
module.exit_json(
msg="Successfully disabled rule named: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -221,25 +220,25 @@ def main():
if module.params["id"]:
module.fail_json(
msg="Unable to find rule ID: {0}".format(
- module.params["id"]
- )
+ module.params["id"],
+ ),
)
if module.params["name"]:
module.fail_json(
msg='Unable to find rule named: "{0}"'.format(
- module.params["name"]
- )
+ module.params["name"],
+ ),
)
elif module.params["state"] == "absent":
if module.params["rule"]:
code, qradar_return_data = qradar_request.delete(
- "/api/analytics/rules/{0}".format(module.params["rule"]["id"])
+ "/api/analytics/rules/{0}".format(module.params["rule"]["id"]),
)
if module.params["id"]:
module.exit_json(
msg="Successfully deleted rule ID: {0}".format(
- module.params["id"]
+ module.params["id"],
),
qradar_return_data=qradar_return_data,
changed=True,
@@ -247,7 +246,7 @@ def main():
if module.params["name"]:
module.exit_json(
msg="Successfully deleted rule named: {0}".format(
- module.params["name"]
+ module.params["name"],
),
qradar_return_data=qradar_return_data,
changed=True,
diff --git a/ansible_collections/ibm/qradar/plugins/modules/rule_info.py b/ansible_collections/ibm/qradar/plugins/modules/rule_info.py
index d5c92453a..833e7584f 100644
--- a/ansible_collections/ibm/qradar/plugins/modules/rule_info.py
+++ b/ansible_collections/ibm/qradar/plugins/modules/rule_info.py
@@ -6,6 +6,7 @@
from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
DOCUMENTATION = """
@@ -70,17 +71,14 @@ EXAMPLES = """
var: custom_ddos_rule_info
"""
-from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_text
-
+from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.six.moves.urllib.parse import quote
-from ansible_collections.ibm.qradar.plugins.module_utils.qradar import (
- QRadarRequest,
-)
+from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest
-def main():
+def main():
argspec = dict(
id=dict(required=False, type="int"),
name=dict(required=False, type="str"),
@@ -91,7 +89,9 @@ def main():
type="str",
),
origin=dict(
- required=False, choices=["SYSTEM", "OVERRIDE", "USER"], type="str"
+ required=False,
+ choices=["SYSTEM", "OVERRIDE", "USER"],
+ type="str",
),
)
@@ -105,7 +105,7 @@ def main():
if module.params["id"]:
code, rules = qradar_request.get(
- "/api/analytics/rules/{0}".format(module.params["id"])
+ "/api/analytics/rules/{0}".format(module.params["id"]),
)
else:
@@ -113,12 +113,12 @@ def main():
if module.params["name"]:
query_strs.append(
- quote('name="{0}"'.format(to_text(module.params["name"])))
+ quote('name="{0}"'.format(to_text(module.params["name"]))),
)
if module.params["owner"]:
query_strs.append(
- quote("owner={0}".format(module.params["owner"]))
+ quote("owner={0}".format(module.params["owner"])),
)
if module.params["type"]:
@@ -126,12 +126,12 @@ def main():
if module.params["origin"]:
query_strs.append(
- quote("origin={0}".format(module.params["origin"]))
+ quote("origin={0}".format(module.params["origin"])),
)
if query_strs:
code, rules = qradar_request.get(
- "/api/analytics/rules?filter={0}".format("&".join(query_strs))
+ "/api/analytics/rules?filter={0}".format("&".join(query_strs)),
)
else:
code, rules = qradar_request.get("/api/analytics/rules")
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 00:25:10 +0000