CONFIG SECURITYINSPECTION CONFIG ALARM LIST

Level

base+asq

History

Appears in 9.0.0
context appears in 9.1.0
Added extended parameter and added tokens longmsg and signatures in response in 9.1.0
id appears in 9.1.0

Description

Per configuration alarm listing

Remark

If extended=0 or extended is not specified, the command does not show the longmsg and signatures tokens.

Usage

index=<securityinspection_index>
[category=<cat_id>] [context=<context_id>] [classification=<classification_id>] [id=<id>] [extended=0|1]

[start=<int>] [limit=<int>] [dir=<ASC|DESC>] [search=<pattern>] [searchfield=<token>] [sort=<token>] [refresh=<0|1>]

Returns

protocol=<proto> context=protocol|<asq_context_name> id=<alarmid> action=(block|pass) level=(major|minor|ignore) dump=(0|1) new=(0|1) origin=(user|profile_template|config_template|new) [legacy=(0|1)] [email=on emailduration=<seconds> emailcount=<int>] [blacklist=on blduration=<minutes>] msg=<alarm message> [longmsg=<detailed message>] [modify=(0|1)] [sensible=(0|1)] category=(<empty string>|<cat_id[,cat_id]...>) classification=<classification_id> [resource=<resource name>] [signatures=<number of variants>]

Format

section_line

Example

config securityinspection config alarm list index=1
[Alarm]
protocol=http context=protocol id=53 action=block level=major dump=0 new=0 origin=profile_template msg="Invalid HTTP protocol" modify=1 sensible=1
protocol=http context=http:client id=28 action=block level=minor dump=0 new=0 origin=config_template msg="Apache: chunked encoding vulnerability" modify=1 sensible=0 legacy=1 category="0,3" classification=1 resource="apache"

CACHE_CATEGORY alarms
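
The following is an added example, not part of the original reference or of the product's tooling: a Python parser for the section_line output shown above, which then lists alarms that are not enforced. The function names, the review criteria (action=pass or level=ignore) and the third sample line (id=9999) are assumptions made for illustration.

```python
import shlex

# Sample output in the format documented above. The first two alarm lines are
# the page's own example; the third (id=9999) is constructed for illustration.
SAMPLE = '''[Alarm]
protocol=http context=protocol id=53 action=block level=major dump=0 new=0 origin=profile_template msg="Invalid HTTP protocol" modify=1 sensible=1
protocol=http context=http:client id=28 action=block level=minor dump=0 new=0 origin=config_template msg="Apache: chunked encoding vulnerability" modify=1 sensible=0 legacy=1 category="0,3" classification=1 resource="apache"
protocol=http context=protocol id=9999 action=pass level=ignore dump=0 new=0 origin=user msg="Constructed sample alarm" modify=1 sensible=1
'''

def parse_alarm_list(text):
    """Parse section_line output into a list of dicts, one per alarm line."""
    alarms, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]          # e.g. "Alarm"
            continue
        if section != "Alarm":
            continue
        alarm = {}
        # shlex keeps double-quoted values (msg, category, resource) together.
        for token in shlex.split(line):
            key, sep, value = token.partition("=")
            if sep:                       # skip stray words that are not token=value
                alarm[key] = value
        # category is an empty string or a comma-separated list of ids.
        alarm["category"] = [c for c in alarm.get("category", "").split(",") if c]
        alarms.append(alarm)
    return alarms

def unenforced_alarms(alarms):
    """Hypothetical review rule: report alarms set to pass or to level ignore."""
    findings = []
    for a in alarms:
        reasons = [f"{k}={a[k]}" for k, bad in (("action", "pass"), ("level", "ignore"))
                   if a.get(k) == bad]
        if reasons:
            # ids are reported together with protocol and context, as in the output.
            findings.append((a.get("protocol"), a.get("context"), a.get("id"), reasons))
    return findings

if __name__ == "__main__":
    for finding in unenforced_alarms(parse_alarm_list(SAMPLE)):
        print(finding)
```

shlex raises ValueError on an unbalanced quote, so a msg value containing a lone quote character needs separate handling before parsing.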