az network firewall policy intrusion-detection

Note

This reference is part of the azure-firewall extension for the Azure CLI (version 2.15.0 or higher). The extension will automatically install the first time you run an az network firewall policy intrusion-detection command. Learn more about extensions.

Manage intrusion signature rules and bypass rules.

Commands

az network firewall policy intrusion-detection add

Add overrided intrusion signature or a bypass rule for intrusion detection.

az network firewall policy intrusion-detection list

List all intrusion detection configuration.

az network firewall policy intrusion-detection remove

Remove overrided intrusion signature or a bypass rule.

az network firewall policy intrusion-detection add

Add overrided intrusion signature or a bypass rule for intrusion detection.

az network firewall policy intrusion-detection add --policy-name
                                                   --resource-group
                                                   [--mode {Alert, Deny, Off}]
                                                   [--rule-description]
                                                   [--rule-dest-addresses]
                                                   [--rule-dest-ip-groups]
                                                   [--rule-dest-ports]
                                                   [--rule-name]
                                                   [--rule-protocol {ANY, ICMP, TCP, UDP}]
                                                   [--rule-src-addresses]
                                                   [--rule-src-ip-groups]
                                                   [--signature-id]

Required Parameters

--policy-name

The name of the Firewall Policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--mode

The signature state.

accepted values: Alert, Deny, Off
--rule-description

Description of the bypass traffic rule.

--rule-dest-addresses

Space-separated list of destination IP addresses or ranges for this rule.

--rule-dest-ip-groups

Space-separated list of destination IpGroups for this rule.

--rule-dest-ports

Space-separated list of destination ports or ranges.

--rule-name

Name of the bypass traffic rule.

--rule-protocol

The rule bypass protocol.

accepted values: ANY, ICMP, TCP, UDP
--rule-src-addresses

Space-separated list of source IP addresses or ranges for this rule.

--rule-src-ip-groups

Space-separated list of source IpGroups for this rule.

--signature-id

Signature id.

az network firewall policy intrusion-detection list

List all intrusion detection configuration.

az network firewall policy intrusion-detection list --policy-name
                                                    --resource-group

Required Parameters

--policy-name

The name of the Firewall Policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az network firewall policy intrusion-detection remove

Remove overrided intrusion signature or a bypass rule.

az network firewall policy intrusion-detection remove --policy-name
                                                      --resource-group
                                                      [--rule-name]
                                                      [--signature-id]

Required Parameters

--policy-name

The name of the Firewall Policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--rule-name

Name of the bypass traffic rule.

--signature-id

Signature id.