CONFIG SECURITYINSPECTION COMMON ALARM NEW CONFIG

Level

base+asq

History

Appears in 3.0

Description

List new alarms configuration

Usage

index=<securityinspection_index>
[category=<cat_id>] [classification=<classification_id>] [extended=0|1] [start=<int>] [limit=<int>]

Returns

protocol=<proto> context=protocol|<asq_context_name> id=<alarmid> action=(block|pass) level=(major|minor|ignore) dump=(0|1) new=(0|1) origin=(user|profile_template|config_template|new) [legacy=(0|1)] [email=on emailduration=<seconds> emailcount=<int>] [blacklist=on blduration=<minutes>] msg=<alarm message> [longmsg=<detailed message>] [modify=(0|1)] [sensible=(0|1)] category=(<empty string>|<cat_id[,cat_id]...>) classification=<classification_id> [resource=<resource name>] [signatures=<number of variants>]

Format

section_line CACHE_CATEGORY alarms