az network firewall policy intrusion-detection
Note
This reference is part of the azure-firewall extension for the Azure CLI (version 2.15.0 or higher). The extension will automatically install the first time you run an az network firewall policy intrusion-detection command. Learn more about extensions.
Manage intrusion signature rules and bypass rules.
Commands
| az network firewall policy intrusion-detection add |
Add overrided intrusion signature or a bypass rule for intrusion detection. |
| az network firewall policy intrusion-detection list |
List all intrusion detection configuration. |
| az network firewall policy intrusion-detection remove |
Remove overrided intrusion signature or a bypass rule. |
az network firewall policy intrusion-detection add
Add overrided intrusion signature or a bypass rule for intrusion detection.
az network firewall policy intrusion-detection add --policy-name
--resource-group
[--mode {Alert, Deny, Off}]
[--rule-description]
[--rule-dest-addresses]
[--rule-dest-ip-groups]
[--rule-dest-ports]
[--rule-name]
[--rule-protocol {ANY, ICMP, TCP, UDP}]
[--rule-src-addresses]
[--rule-src-ip-groups]
[--signature-id]Required Parameters
The name of the Firewall Policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The signature state.
Description of the bypass traffic rule.
Space-separated list of destination IP addresses or ranges for this rule.
Space-separated list of destination IpGroups for this rule.
Space-separated list of destination ports or ranges.
Name of the bypass traffic rule.
The rule bypass protocol.
Space-separated list of source IP addresses or ranges for this rule.
Space-separated list of source IpGroups for this rule.
Signature id.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network firewall policy intrusion-detection list
List all intrusion detection configuration.
az network firewall policy intrusion-detection list --policy-name
--resource-groupRequired Parameters
The name of the Firewall Policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network firewall policy intrusion-detection remove
Remove overrided intrusion signature or a bypass rule.
az network firewall policy intrusion-detection remove --policy-name
--resource-group
[--rule-name]
[--signature-id]Required Parameters
The name of the Firewall Policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Name of the bypass traffic rule.
Signature id.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
الملاحظات
إرسال الملاحظات وعرضها المتعلقة بـ