deep-security / ops-tools

A set of handy tools to make it easier for Operations teams to run Trend Micro Deep Security.
https://trendmicro.com/deepsecurity
Apache License 2.0

Set DPIRule to default state #2

Open sudofez opened 6 years ago

sudofez commented 6 years ago

Is there a way to set a DPIRule back to its default state? I'm working on setting new rules to alert only for x amount of time during pre-prod testing and switching them back to their default state after I observe the rule impact.

Is this possible through the API or will I have to store the rule state in a DB or file somewhere before I switch the detectOnly boolean?

Something like this is what I'm after:

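function setTempDetect($rules){
    foreach($r in $rules){
        # Rules issued within the last 7 days run in detect-only mode
        if((New-TimeSpan -Start $r.Issued -End (Get-Date)).Days -le 7){
            $r.detectOnly = $true
        }
        else{
            # Older rules go back to whatever their default state was
            $r.detectOnly = setDefaultState $r  # <----- hypothetical: the call being asked for
        }
    }
}

andresark commented 5 years ago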

It seems the updated API would allow for this use case, check the "detectOnly" field: https://automation.deepsecurity.trendmicro.com/article/11_3/api-reference?platform=on-premise#operation/modifyIntrusionPreventionRuleOnPolicy
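
Added example, not part of the thread above and not code from the ops-tools project: a PowerShell sketch of the fallback the question describes, saving each rule's original `detectOnly` value to a file before overriding it and writing it back once the observation window has passed. The function name `Set-TempDetect`, the `ID` property, the state file name and the sample rules are assumptions; sending the changed value to Deep Security Manager is left to the caller.

```powershell
function Set-TempDetect {
    param(
        [Parameter(Mandatory)][object[]]$Rules,
        [Parameter(Mandatory)][string]$StatePath,
        [int]$ObserveDays = 7,
        [datetime]$Now = (Get-Date)
    )
    # Load saved originals: rule ID -> detectOnly value seen before the override.
    $saved = @{}
    if (Test-Path -LiteralPath $StatePath) {
        $json = Get-Content -LiteralPath $StatePath -Raw | ConvertFrom-Json
        foreach ($e in $json) { $saved[[string]$e.ID] = [bool]$e.detectOnly }
    }
    foreach ($r in $Rules) {
        $key = [string]$r.ID   # ID is an assumed property name
        $age = (New-TimeSpan -Start $r.Issued -End $Now).Days
        if ($age -le $ObserveDays) {
            # Record the original only once: on later runs the rule already
            # carries the temporary override, not its real default.
            if (-not $saved.ContainsKey($key)) { $saved[$key] = [bool]$r.detectOnly }
            $r.detectOnly = $true
        }
        elseif ($saved.ContainsKey($key)) {
            # Window elapsed: write the saved value back and drop the entry.
            $r.detectOnly = $saved[$key]
            $saved.Remove($key)
        }
        # Rules that were never overridden are left untouched.
    }
    # Persist the remaining overrides so the next scheduled run can restore them.
    $out = foreach ($k in $saved.Keys) {
        [pscustomobject]@{ ID = $k; detectOnly = $saved[$k] }
    }
    ConvertTo-Json -InputObject @($out) | Set-Content -LiteralPath $StatePath -Encoding UTF8
}

# Constructed sample rules (not real Deep Security data).
$now = Get-Date
$rules = @(
    [pscustomobject]@{ ID = 101; Issued = $now.AddDays(-2);  detectOnly = $false }
    [pscustomobject]@{ ID = 102; Issued = $now.AddDays(-30); detectOnly = $true }
)
$state = Join-Path ([IO.Path]::GetTempPath()) 'dpi-rule-state.json'
Remove-Item -LiteralPath $state -ErrorAction SilentlyContinue

# First run: rule 101 is inside the window, so its original value is saved.
Set-TempDetect -Rules $rules -StatePath $state -Now $now
# Later run with the clock moved forward: rule 101 is restored from the file.
Set-TempDetect -Rules $rules -StatePath $state -Now $now.AddDays(7)
$rules | Format-Table ID, detectOnly
```

The state file decides which rules return to prevent mode, so it should be writable only by the account that runs the script.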