Get-B1ThreatFeeds¶
SYNOPSIS¶
Use this cmdlet to retrieve information on all Threat Feed objects for the account
SYNTAX¶
Get-B1ThreatFeeds [[-Name] <String>] [[-Limit] <Int32>] [[-Offset] <Int32>] [[-Fields] <String[]>] [-Strict]
[[-CustomFilters] <Object>] [-CaseSensitive] [<CommonParameters>]
DESCRIPTION¶
Use this cmdlet to retrieve information on all Threat Feed objects for the account. BloxOne Cloud provides predefined threat intelligence feeds based on your subscription. The Plus subscription offers a few more feeds than the Standard subscription. The Advanced subscription offers a few more feeds than the Plus subscription. A threat feed subscription for RPZ updates offers protection against malicious hostnames.
EXAMPLES¶
EXAMPLE 1¶
Get-B1ThreatFeeds -Name "AntiMalware" | ft -AutoSize
confidence_level description
---------------- -----------
HIGH Suspicious/malicious as destinations: Enables protection against known malicious hostname threats that can take action on or control of your systems, such as Malware Command & Control, Malware Download, and active Phishing sites.
MEDIUM Suspicious/malicious as destinations: Enables protection against known malicious or compromised IP addresses. These are known to host threats that can take action on or control of your systems, such as Malware Command & Control, Malware Download, and active Phishing si…
LOW Suspicious/malicious as destinations: An extension of the AntiMalware IP feed that contains recently expired Malware IP's with an extended time-to-live (TTL) applied. The extended time-to-live (TTL) provides an extended reach of protection for the DNS FW, but may also …
LOW Suspicious/malicious as destinations: An extension of the Base and AntiMalware feed that contains recently expired hostname
PARAMETERS¶
-Name¶
Use this parameter to filter the list of Subnets by Name
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Limit¶
Use this parameter to limit the quantity of results. The default number of results is 1000.
Type: Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: 2
Default value: 1000
Accept pipeline input: False
Accept wildcard characters: False
-Offset¶
Use this parameter to offset the results by the value entered for the purpose of pagination
Type: Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: 3
Default value: 0
Accept pipeline input: False
Accept wildcard characters: False
-Fields¶
Specify a list of fields to return. The default is to return all fields.
Type: String[]
Parameter Sets: (All)
Aliases:
Required: False
Position: 4
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Strict¶
Use strict filter matching. By default, filters are searched using wildcards where possible. Using strict matching will only return results matching exactly what is entered in the applicable parameters.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
-CustomFilters¶
Accepts either an Object, ArrayList or String containing one or more custom filters. See here for usage: https://ibps.readthedocs.io/en/latest/#-customfilters
Type: Object
Parameter Sets: (All)
Aliases:
Required: False
Position: 5
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-CaseSensitive¶
Use Case Sensitive matching. By default, case-insensitive matching both for -Strict matching and regex matching.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
CommonParameters¶
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.