netscaler.adc.botprofile module – Configuration for Bot profile resource.

Note

This module is part of the netscaler.adc collection (version 2.6.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.botprofile.

New in netscaler.adc 2.0.0

Synopsis

  • Configuration for Bot profile resource.

Parameters

Parameter

Comments

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

bot_enable_black_list

any

Enable black-list bot detection.

Choices:

  • "ON"

  • "OFF"

bot_enable_ip_reputation

any

Enable IP-reputation bot detection.

Choices:

  • "ON"

  • "OFF"

bot_enable_rate_limit

any

Enable rate-limit bot detection.

Choices:

  • "ON"

  • "OFF"

bot_enable_tps

any

Enable TPS.

Choices:

  • "ON"

  • "OFF"

bot_enable_white_list

any

Enable white-list bot detection.

Choices:

  • "ON"

  • "OFF"

botprofile_blacklist_binding

dictionary

Bindings for botprofile_blacklist_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

botprofile_captcha_binding

dictionary

Bindings for botprofile_captcha_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

botprofile_ipreputation_binding

dictionary

Bindings for botprofile_ipreputation_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

botprofile_kmdetectionexpr_binding

dictionary

Bindings for botprofile_kmdetectionexpr_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

botprofile_logexpression_binding

dictionary

Bindings for botprofile_logexpression_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

botprofile_ratelimit_binding

dictionary

Bindings for botprofile_ratelimit_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

botprofile_tps_binding

dictionary

Bindings for botprofile_tps_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

botprofile_trapinsertionurl_binding

dictionary

Bindings for botprofile_trapinsertionurl_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

botprofile_whitelist_binding

dictionary

Bindings for botprofile_whitelist_binding resource

binding_members

list / elements=dictionary

List of binding members

Default: []

mode

string

The mode in which to configure the bindings.

If mode is set to desired, the bindings will be added or removed from the target NetScaler ADCs as necessary to match the bindings specified in the state.

If mode is set to bind, the specified bindings will be added to the resource. The existing bindings in the target ADCs will not be modified.

If mode is set to unbind, the specified bindings will be removed from the resource. The existing bindings in the target ADCs will not be modified.

Choices:

  • "desired" ← (default)

  • "bind"

  • "unbind"

clientipexpression

any

Expression to get the client IP.

comment

any

Any comments about the purpose of profile, or other useful information about the profile.

devicefingerprint

any

Enable device-fingerprint bot detection

Choices:

  • "ON"

  • "OFF"

devicefingerprintaction

any

Action to be taken for device-fingerprint based bot detection.

Choices:

  • "NONE"

  • "LOG"

  • "DROP"

  • "REDIRECT"

  • "RESET"

  • "MITIGATION"

devicefingerprintmobile

any

Enabling bot device fingerprint protection for mobile clients

Choices:

  • "NONE"

  • "Android"

  • "iOS"

dfprequestlimit

any

Number of requests to allow without bot session cookie if device fingerprint is enabled

errorurl

any

URL that Bot protection uses as the Error URL.

headlessbrowserdetection

any

Enable Headless Browser detection.

Choices:

  • "ON"

  • "OFF"

kmdetection

any

Enable keyboard-mouse based bot detection.

Choices:

  • "ON"

  • "OFF"

kmeventspostbodylimit

any

Size of the KM data send by the browser, needs to be processed on ADC

kmjavascriptname

any

Name of the JavaScript file that the Bot Management feature will insert in the response for keyboard-mouse based detection.

Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) hash (#), space ( ), at (@), equals (=), colon (:), and underscore characters.

The following requirement applies only to the Citrix ADC CLI:

If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “my javascript file name” or ‘my javascript file name’).

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

name

any

Name for the profile. Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.), pound (#), space ( ), at (@), equals (=), colon (:), and underscore (_) characters. Cannot be changed after the profile is added.

The following requirement applies only to the Citrix ADC CLI:

If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “my profile” or ‘my profile’).

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The ip address of the NetScaler ADC appliance where the nitro API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

sessioncookiename

any

Name of the SessionCookie that the Bot Management feature uses for tracking.

Must begin with a letter or number, and can consist of from 1 to 31 letters, numbers, and the hyphen (-) and underscore (_) symbols.

The following requirement applies only to the Citrix ADC CLI:

If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “my cookie name” or ‘my cookie name’).

sessiontimeout

any

Timeout, in seconds, after which a user session is terminated.

signature

any

Name of object containing bot static signature details.

signaturemultipleuseragentheaderaction

any

Actions to be taken if multiple User-Agent headers are seen in a request (Applicable if Signature check is enabled). Log action should be combined with other actions

Choices:

  • "CHECKLAST"

  • "LOG"

  • "DROP"

  • "REDIRECT"

  • "RESET"

signaturenouseragentheaderaction

any

Actions to be taken if no User-Agent header in the request (Applicable if Signature check is enabled).

Choices:

  • "NONE"

  • "LOG"

  • "DROP"

  • "REDIRECT"

  • "RESET"

spoofedreqaction

any

Actions to be taken on a spoofed request (A request spoofing good bot user agent string).

Choices:

  • "NONE"

  • "LOG"

  • "DROP"

  • "REDIRECT"

  • "RESET"

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added/updated configured according to the module’s parameters.

When absent, the resource will be deleted from the NetScaler ADC node.

When unset, the resource will be unset on the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "absent"

  • "unset"

trap

any

Enable trap bot detection.

Choices:

  • "ON"

  • "OFF"

trapaction

any

Action to be taken for bot trap based bot detection.

Choices:

  • "NONE"

  • "LOG"

  • "DROP"

  • "REDIRECT"

  • "RESET"

trapurl

any

URL that Bot protection uses as the Trap URL.

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

verboseloglevel

any

Bot verbose Logging. Based on the log level, ADC will log additional information whenever client is detected as a bot.

Choices:

  • "NONE"

  • "HTTP_FULL_HEADER"

Notes

Note

Examples

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

list of logged messages by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)