sva.sentinelone.sentinelone_path_exclusions module – Manage SentinelOne Path Exclusions

Note

This module is part of the sva.sentinelone collection (version 2.0.5).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install sva.sentinelone. This module has further requirements; see Requirements for details.

To use it in a playbook, specify: sva.sentinelone.sentinelone_path_exclusions.

New in sva.sentinelone 1.0.0

Synopsis

  • This module is able to create, update and delete path exclusions in SentinelOne

Requirements

The below requirements are needed on the host that executes this module.

  • deepdiff >= 5.6

Parameters

Parameter

Comments

console_url

string / required

Insert your management console URL

description

string

A short description of the exclusion

Default: ""

ef_alerts_mitigation

boolean

Exclusion Function to exclude os_path for alerts and mitigation

Choices:

  • false

  • true ← (default)

ef_binary_vault

boolean

Exclusion Function to exclude os_path for Binary Vaults

Choices:

  • false ← (default)

  • true

groups

list / elements=string

Set this option to set the scope to group level

A list of group names to which the exclusion is to be attached

Default: []

include_subfolders

boolean

If true, the exclusion covers subfolders as well. Ignored if os_path is not a folder (does not end with / (linux) or \ (windows))

Choices:

  • false ← (default)

  • true

mode

string

Defines the exclusion mode for this exclusion. Required if state=present

Choices:

  • "suppress_alerts"

  • "interoperability"

  • "interoperability_extended"

  • "performance_focus"

  • "performance_focus_extended"

os_path

string / required

OS path of the exclusion.

If the path is a folder, the path must end with / (linux) or \ (windows)

os_type

string

Define the operating system for the exclusion. Required if state=present

Choices:

  • "windows"

  • "linux"

site_name

string / required

Name of the site in SentinelOne

state

string

Select the state of exclusion

Choices:

  • "present" ← (default)

  • "absent"

token

string / required

SentinelOne API auth token to authenticate at the management API

Notes

  • Requires the Python module deepdiff. Tested with version >=5.6. Lower versions may work too

  • Currently only supported in single-account management consoles

  • Currently not applicable for account level exclusions

  • Currently not applicable for macOS

Examples

---
- name: Create exclusion in site scope
  sva.sentinelone.sentinelone_path_exclusions:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    os_path: "C:\\Test1234\\"
    mode: "performance_focus"
    os_type: "windows"
- name: Create exclusion in single group
  sva.sentinelone.sentinelone_path_exclusions:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    groups: "MariaDB"
    os_path: "C:\\Test1234\\"
    mode: "interoperability_extended"
    os_type: "windows"
- name: Create exclusion in multiple groups
  sva.sentinelone.sentinelone_path_exclusions:
    state: "present"
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    groups:
      - "MariaDB"
      - "MaxDB"
    os_path: "C:\\Test1234\\"
    mode: "performance_focus_extended"
    os_type: "windows"
- name: Create exclusion in multiple groups and disable automatic upload to Binary Vault
  sva.sentinelone.sentinelone_path_exclusions:
    state: "present"
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    groups:
      - "MariaDB"
      - "MaxDB"
    include_subfolders: true
    os_path: "C:\\Test1234\\"
    mode: "performance_focus_extended"
    os_type: "windows"
    ef_binary_vault: true
- name: Delete exclusion in site scope
  sva.sentinelone.sentinelone_path_exclusions:
    state: "absent"
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "msd"
    os_path: "C:\\Test1234\\"
- name: Delete exclusion in group scope
  sva.sentinelone.sentinelone_path_exclusions:
    state: "absent"
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "msd"
    groups:
      - "MariaDB"
      - "MaxDB"
    os_path: "C:\\Test1234\\"
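
The following playbook is an added example, not part of the collection's own documentation. It reads the API token from an Ansible Vault variable, refuses an exclusion that covers a whole drive or filesystem root, and only then calls the module. The names vault_s1_token, s1_token, exclusion, min_depth_re and s1_result, the sample description and the path policy are assumptions; the module parameters are the ones listed above.

```yaml
---
# Added example. Variable names and the path policy are assumptions,
# not something the module enforces.
- name: Apply a reviewed SentinelOne path exclusion
  hosts: localhost
  gather_facts: false
  vars:
    s1_token: "{{ vault_s1_token }}"   # assumed to be defined in an Ansible Vault file
    exclusion:
      os_path: "C:\\Test1234\\"        # constructed sample path
      os_type: "windows"
      mode: "suppress_alerts"
      description: "CHG-0000 MariaDB data directory"   # constructed change reference
      groups:
        - "MariaDB"
    # Local policy: absolute path with at least one named directory below the root.
    # Single-quoted YAML keeps the regex backslashes literal.
    min_depth_re:
      windows: '^[A-Za-z]:\\[^\\]+\\'
      linux: '^/[^/]+/'
  tasks:
    - name: Reject exclusions that cover a whole drive or filesystem root
      ansible.builtin.assert:
        that:
          - exclusion.os_path is match(min_depth_re[exclusion.os_type])
          - exclusion.description | length > 0
        fail_msg: "Exclusion {{ exclusion.os_path }} is too broad or has no description"

    - name: Create the exclusion at group scope
      sva.sentinelone.sentinelone_path_exclusions:
        state: "present"
        console_url: "https://XXXXX.sentinelone.net"
        token: "{{ s1_token }}"
        site_name: "test"
        groups: "{{ exclusion.groups }}"
        os_path: "{{ exclusion.os_path }}"
        os_type: "{{ exclusion.os_type }}"
        mode: "{{ exclusion.mode }}"
        description: "{{ exclusion.description }}"
        include_subfolders: false
      no_log: true   # keeps the token out of task output and logs
      register: s1_result

    - name: Show what changed
      ansible.builtin.debug:
        var: s1_result.message
```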

Return Values

Common return values are documented here; the following are the fields unique to this module:

Key

Description

message

list / elements=string

Basic information about the changes made

Returned: on success

Sample: ["Exclusion is missing in a group. Creating exclusion."]

original_message

string

Detailed information about the changes made

Returned: on success

Sample: "[{'changes': {'values_changed': {\"root['mode']\": {'new_value': 'disable_all_monitors_deep', 'old_value': 'disable_all_monitors'}}}, 'siteId': ['99999999999999999']}]"

Authors

  • Marco Wester (@mwester117)

  • Lasse Wackers (@mordecaine)