CONFIG PROTOCOL PROFILE ALARM SHOW
Level
base,asq
History
Appears in Netasq 9.0.0
Added extended parameter and added tokens longmsg and signatures in response in Netasq 9.1.0
reaction split to blacklist and email in Netasq 9.1.0
comment appears in Netasq 9.1.0
qid appears in 2.0.0
Description
Dump the alarm configuration for this protocol
Remark
if extended=0 or not specified, the command will not show the longmsg and signatures tokens
Usage
index=<profile index> [context=(protocol|<ASQ context name>)] [extended=0|1]
Returns
context=<asq_context_name> id=<alarmid> action=(block|pass) level=(major|minor|ignore) dump=(0|1) new=(0|1) origin=(user|profile_template|config_template|new) [qid=<queue name>] [email=on emailduration=<seconds> emailcount=<int>] [blacklist=on blduration=<minutes>] msg=<alarm message> modify=(0|1) sensible=(0|1) legacy=(0|1) category=<category> comment="<comment>" [longmsg=<detailed message>] [signatures=<number of variants>]
Format
section_line
Example
config protocol http profile alarm show index=1
[Alarm]
context=http:url:decoded id=48 action=block level=major dump=0 new=1 origin=profile_template msg="Windows : cmd.exe use or access attempt" modify=1 sensible=0 legacy=1 category="" comment=""
context=protocol id=53 action=block level=major dump=0 new=0 origin=profile_template msg="Invalid HTTP protocol" modify=1 sensible=1 legacy=1 category="" comment=""
context=http:client id=49 action=block level=major dump=0 new=1 origin=profile_template msg="Malware : PonyDOS botnet detected" modify=1 sensible=0 legacy=1 category="" comment=""