Welcome to Fortinet FortiAnalyzer Ansible Collection documentation v0.0.1!
The FortiAnalyzer Ansible Collection provides Ansible modules for configuring FortiAnalyzer devices.
FortiAnalyzer Galaxy Versions Mapping
| FMG version | Galaxy Version | Release date | Path to Install |
|---|---|---|---|
| unified | 0.0.1 latest |
2021/8/5 | ansible-galaxy collection install fortinet.fortianalyzer:0.0.1 |
Note: Use -f option (i.e.
ansible-galaxy collection install -f fortinet.fortianalyzer:x.x.x) to
renew your existing local installation.
Install FortiAnalyzer Ansible Galaxy
This document explains how to install the FortiAnalyzer Ansible Galaxy Collection.
Install Python3
- Follow steps in https://www.python.org/ to install Python3 on your host.
Install Ansible Core
- Follow instructions in https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html to install Ansible
- The Ansible core version requirement: >= 2.9.0
Install Galaxy Collection
you can install the latest collection by default via command
ansible-galaxy collection install fortinet.fortianalyzer.
Run Your First Playbook
This document explains how to run your first FortiAnalyzer Ansible playbook.
With FortiAnalyzer Galaxy collection, you are always recommended to run
FortiAnalyzer module in httpapi manner. The first step is to prepare your
host inventory with which you can use ansible-vault to encrypt or
decrypt your secrets for the sake of confidentiality.
Prepare host inventory
in our case we create a file named hosts:
[fortianalyzers]
fortianalyzer01 ansible_host=192.168.190.130 ansible_user="admin" ansible_password="password"
fortianalyzer02 ansible_host=192.168.190.131 ansible_user="admin" ansible_password="password"
[fortianalyzers:vars]
ansible_network_os=fortinet.fortianalyzer.fortianalyzer
Write the playbook
An Example
in the example: test.yml we are going to create a script on FortiAnalyzer:
- hosts: fortianalyzers
connection: httpapi
collections:
- fortinet.fortianalyzer
vars:
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Alert console
faz_cli_system_global:
cli_system_global:
language: english
Parameter Usages
there are several mandatory options in the example:
- adom :
adomis the administrative domain that an API is going to run inside. In most cases,globalorrootis what you need. - state :
stateis indicating the action the module is going to take. by givingpresent, the module will create or update the object, whileabsenttells the module to delete the object in the FortiAnalyzer. - other module specific parameters are defined differently, you can find their usages in each module page.
Run the playbook
ansible-playbook -i hosts test.yml
you can also observe the verbose output by adding option at the tail:
-vvv.
Error Handling
By convention, Ansible task can fail when a non-zero rc code is
passed to. FortiAnalyzer Ansible modules follows that convention and
provides additional error handing mechanisms, which makes it simple and
flexible enough for us to deal with well defined error codes in
requests.
There are three types of mechanisms we can employ in fortianalyzer ansible modules.
rc_succeeded
This is a parameter introduced in fortianalyzer modules for those who
want not to fail the task for a specific response_code, its type is
a interger list, which means we can define more than one rc code.
One example of rc_succeeded is as below:
#cat test.yml
- name: Create and Execute script
hosts: fortianalyzer01
gather_facts: no
connection: httpapi
collections:
- fortinet.fortianalyzer
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
script_name: 'demo script'
tasks:
- name: fmgr_pkg_firewall_dospolicy
fmgr_pkg_firewall_dospolicy:
workspace_locking_adom: 'root'
adom: root
pkg: demopackage1
state: present
pkg_firewall_dospolicy:
comments: 'Just a comment'
policyid: '123'
rc_succeeded: [ -9001 ]
#ansible-playbook -i host -vvv test.yml
ok: [fortianalyzer01] => {
"changed": false,
"invocation": {
"module_args": {
"adom": "root",
"pkg": "demopackage1",
"pkg_firewall_dospolicy": {
"anomaly": null,
"comments": "Just a comment",
"dstaddr": null,
"interface": null,
"policyid": 123,
"service": null,
"srcaddr": null,
"status": null
},
"rc_failed": null,
"rc_succeeded": [
-9001
],
"state": "present",
"workspace_locking_adom": "root",
"workspace_locking_timeout": 300
}
},
"meta": {
"request_url": "/pm/config/adom/root/pkg/demopackage1/firewall/DoS-policy",
"response_code": -9001,
"response_message": "firewall/DoS-policy/123/status : invalid value - prop[status]: binary option empty or invalid, argc(0)",
"result_code_overriding": "rc code:-9001 is overridden to success"
},
"rc": -9001
}
In normal case, an reponse code -9001 definitely causes a failure, rc_succeeded allows us to skip the error
rc_failed
Like rc_succeeded, rc_failed is the rc code list for
fortianalyzer module to override the conditions to fail.
An example of rc_failed is we actually want to fail the task that is
deleting a non-existing object.
#cat test.yml
- name: Create and Execute script
hosts: fortianalyzer01
gather_facts: no
connection: httpapi
collections:
- fortinet.fortianalyzer
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
script_name: 'demo script'
tasks:
- name: create the script
fmgr_dvmdb_script:
workspace_locking_adom: 'root'
state: absent
adom: root
dvmdb_script:
name: 'demoscript'
rc_failed:
- -3
#ansible-playbook -i host -vvv test.yml
fatal: [fortianalyzer01]: FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"invocation": {
"module_args": {
"adom": "root",
"dvmdb_script": {
"content": "native content",
"desc": "script created via Ansible",
"filter_build": null,
"filter_device": null,
"filter_hostname": null,
"filter_ostype": null,
"filter_osver": null,
"filter_platform": null,
"filter_serial": null,
"modification_time": null,
"name": "demoscript",
"script_schedule": null,
"target": null,
"type": "cli"
},
"rc_failed": [
-3
],
"rc_succeeded": null,
"state": "absent",
"workspace_locking_adom": "root",
"workspace_locking_timeout": 300
}
},
"meta": {
"response_code": -3,
"response_message": "object not exist",
"result_code_overriding": "rc code:-3 is overridden to failure"
},
"rc": 0
}
By default, a response_code -3 of deleting an object will not cause the
task failure, but it tells the truth that the object doesn’t exist and
we might want to fail the task in this case, rc_failed can help us do
the work.
failed_when
failed_when is Ansible native failure detection mechanism, it’s more
flexible and can be combined with our fortianalyzer ansible modules.
For more information of failed_when, please visit
page.
Precedence of Three Mechanisms
In general, failed_when takes precedence over the other two, while
rc_failed has precedece over rc_succeeded.
we can specify more than one condition statement, and the one with highest precedence will be chosen to calculate the failure or success result.
Frequently Asked Questions (FAQ)
- TABLE OF CONTENTS:
Modules For Policy Package.
Unlike other modules, There are three modules in FortiManager Ansible collection as the result of seperate API backends:
fmgr_pm_pkg- update or delete a package, no matter whether it isadomspecific orglobal.fmgr_pm_pkg_adom- create or update aadomspecific package.fmgr_pm_pkg_global- create or update aglobalpackage.
Create/Update An ADOM-specific Policy Package
- name: create a package in a adom
fmgr_pm_pkg_adom:
adom: 'root'
pm_pkg_adom:
name: 'adom.root.package0'
type: 'pkg'
Note: you are not allowed to modify the name of the package with module fmgr_pm_pkg_adom.
Create/Update A Global Policy Package
- name: create a package in a adom
fmgr_pm_pkg_global:
pm_pkg_global:
name: 'global.package0'
type: 'pkg'
Note: you are not allowed to modify the name of the package with module fmgr_pm_pkg_global.
Rename A Policy Package
- name: policy package
fmgr_pm_pkg:
adom: "root"
pkg_path: 'adom.root.package0'
state: 'present'
pm_pkg:
name: 'adom.root.package1'
- name: policy package
fmgr_pm_pkg:
adom: "global"
pkg_path: 'global.package0'
state: 'present'
pm_pkg:
name: 'global.package1'
Remove A Policy Package
- name: policy package
fmgr_pm_pkg:
adom: "root"
pkg_path: 'adom.root.package0'
state: 'absent'
pm_pkg:
name: 'adom.root.package0'
- name: policy package
fmgr_pm_pkg:
adom: "global"
pkg_path: 'global.package0'
state: 'absent'
pm_pkg:
name: 'global.package0'
What You Need To Know About Logging.
FortiManager Ansible has requests and intermediate data stored in a log file /tmp/fortimanager.ansible.log to ease troubleshooting.
Prior to 2.0.3, the log file is always created under that path; since 2.0.3, logging is only enabled by setting enable_log option for a task,
it means you will no longer see the log file by default since 2.0.3 unless you turn it on explicitly.
What Is Workspace Locking?
FortiManager supports multi-workspace mode, workspace guarantees you that you are operating in an administrative domain explusively so that no other users will not preempt you as long as you lock the workspace in advance.
To enable workspace locking on FortiManager 6.0.x, you usually also enable multi-adom status. Here are cli commands:
FMG-VM64 # config system global
(global)# set adom-status enable
(global)# set workspace-mode workflow
(global)# end
FMG-VM64 #
also you are able to enable workspace mode via module fmgr_system_global:
- name: Enable Workspace Mode
fmgr_system_global:
system_global:
adom-status: enable
workspace-mode: workflow
After workspace mode is enabled, you must assign the adom to workspace_locking_adom and a time value to workspace_locking_timeout optionally to
complete a successful task.
workspace_locking_adom- The adom you are going to access and lock, eitherglobalor a custom adom.workspace_locking_timeout- the ansible task will poll and wait for the adom to be unlocked if it was locked by other users, the parameter is the maximum seconds to wait before reporting failure, default value is 300 seconds.
here is an example to put the locking directives in tasks:
- name: create a package in a adom
fmgr_pm_pkg_adom:
workspace_locking_adom: 'root'
workspace_locking_timeout: 300
adom: 'root'
pm_pkg_adom:
name: 'adom.root.package0'
type: 'pkg'
Note: as ansible tasks terminates normally, the lock will be released automatically.
Caveat: if any tasks are interrupted, e.g. inputing a CTRL + ^C, you will no longer be able to use Ansible to access FMG anymore unless the previous session expires, in case of immediate access, you have to disable workspace mode via CLI console.
How To Deal With Task Result?
See Error Handling for more.
When to Use Parameter bypass_validation?
You are not encouraged to use bypass_validation except that you are sure something is wrong with the parameter definition and you want to fix them on you own immediately.
by setting bypass_validation to True, the content of parameters is not examined, thus enabling you to send any parameters to FortiManager backend server.
To use this parameter, you are likely to look up the defnition for an API on fortiapi spec page.
How To Monitor FortiManager Task?
There are lots of FortiManager APIs which return a task identifier. the task itself is running in the remote FortiManager server. you must poll the task periodically to see whether the task terminates or goes wrong.
an example is to add a fortigate device to fortimanager, the task may last for minutes, you can find the full playbook on Search Playbooks page . the snippet is very straightforward:
- name: poll the task
fmgr_fact:
facts:
selector: 'task_task'
params:
task: '{{installing_task.meta.response_data.taskid}}'
register: taskinfo
until: taskinfo.meta.response_data.percent == 100
retries: 30
delay: 5
failed_when: taskinfo.meta.response_data.state == 'error' and 'devsnexist' not in taskinfo.meta.response_data.line[0].detail
until- the condition to quit polling, this is the condition to quit normallyretries- how many times you want to try to check the status of running task.delay- checking frequency: 1/delay.failed_when- failing condition in which you regard the task a failure, this is the condition to quit abnormally
Get Help
Technical and Commuity Support
You can get support from Fortinet Technical Assistance Center.
For Ansible common issue, you can also get support from the community
Filing issues.
You can get support from the community engineering team via filing an issue in git issues page
Object Oriented Modules
The modules in this category are invoking add/update/delete methods to manipulate FortiManager managed objects.
faz_cli_fmupdate_analyzer_virusreport – Send virus detection notification to FortiGuard.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_analyzer_virusreport | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_analyzer_virusreport - Send virus detection notification to FortiGuard. type: dict
- status - Enable/disable sending virus detection notification to FortiGuard (default = enable). type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Send virus detection notification to FortiGuard.
faz_cli_fmupdate_analyzer_virusreport:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_analyzer_virusreport:
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_avips_advancedlog – Enable/disable logging of FortiGuard antivirus and IPS update packages received by FortiManager’s built-in FortiGuard.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_avips_advancedlog | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_avips_advancedlog - Enable/disable logging of FortiGuard antivirus and IPS update packages received by FortiManagers built-in FortiGuard. type: dict
- log-fortigate - Enable/disable logging of FortiGuard antivirus and IPS service updates of FortiGate devices (default = disable). type: str choices: [disable, enable] default: disable more...
- log-server - Enable/disable logging of update packages received by the build-in FortiGuard server (default = disable). type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Enable/disable logging of FortiGuard antivirus and IPS update packages received by FortiManagers built-in FortiGuard.
faz_cli_fmupdate_avips_advancedlog:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_avips_advancedlog:
log-fortigate: <value in [disable, enable]>
log-server: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_avips_webproxy – Configure the web proxy for use with FortiGuard antivirus and IPS updates.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_avips_webproxy | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_avips_webproxy - Configure the web proxy for use with FortiGuard antivirus and IPS updates. type: dict
- address - web proxy address. type: str more...
- mode - Web proxy mode type: str choices: [proxy, tunnel] default: tunnel more...
- password - No description for the parameter type: str more...
- port - The port number of the web proxy (1 - 65535, default = 80). type: int default: 80 more...
- status - Enable/disable connections through the web proxy (default = disable). type: str choices: [disable, enable] default: disable more...
- username - The user name used for authentication. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure the web proxy for use with FortiGuard antivirus and IPS updates.
faz_cli_fmupdate_avips_webproxy:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_avips_webproxy:
address: <value of string>
mode: <value in [proxy, tunnel]>
password: <value of string>
port: <value of integer>
status: <value in [disable, enable]>
username: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_customurllist – Configure the URL database for rating and filtering.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_customurllist | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_customurllist - Configure the URL database for rating and filtering. type: dict
- db_selection - No description for the parameter type: array choices: [both, custom-url, fortiguard-db] more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure the URL database for rating and filtering.
faz_cli_fmupdate_customurllist:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_customurllist:
db_selection:
- both
- custom-url
- fortiguard-db
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_diskquota – Configure disk space available for use by the Upgrade Manager.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_diskquota | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_diskquota - Configure disk space available for use by the Upgrade Manager. type: dict
- value - Configure the size of the Upgrade Manager disk quota, in megabytes. type: int default: 51200 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure disk space available for use by the Upgrade Manager.
faz_cli_fmupdate_diskquota:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_diskquota:
value: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_fctservices – Configure FortiGuard to provide services to FortiClient installations.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_fctservices | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_fctservices - Configure FortiGuard to provide services to FortiClient installations. type: dict
- port - Configure the port number on which the built-in FortiGuard should provide updates to FortiClient installations (1 - 65535, default = 80). type: int default: 80 more...
- status - Enable/disable built-in FortiGuard service to FortiClient installations (default = enable). type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure FortiGuard to provide services to FortiClient installations.
faz_cli_fmupdate_fctservices:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_fctservices:
port: <value of integer>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_fdssetting – Configure FortiGuard settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_fdssetting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_fdssetting - Configure FortiGuard settings. type: dict
- User-Agent - Configure the user agent string. type: str default: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) more...
- fds-clt-ssl-protocol - The SSL protocols version for connecting fds server (default = tlsv1. type: str choices: [sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3] default: tlsv1.2 more...
- fds-ssl-protocol - The SSL protocols version for receiving fgt connection (default = tlsv1. type: str choices: [sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3] default: tlsv1.2 more...
- fmtr-log - fmtr log level type: str choices: [emergency, alert, critical, error, warn, notice, info, debug, disable] default: info more...
- fortiguard-anycast - Enable/disable use of FortiGuards anycast network type: str choices: [disable, enable] default: disable more...
- fortiguard-anycast-source - Configure which of Fortinets servers to provide FortiGuard services in FortiGuards anycast network. type: str choices: [fortinet, aws] default: fortinet more...
- linkd-log - The linkd log level (default = info). type: str choices: [emergency, alert, critical, error, warn, notice, info, debug, disable] default: info more...
- max-av-ips-version - The maximum number of downloadable, full version AV/IPS packages (1 - 1000, default = 20). type: int default: 20 more...
- max-work - The maximum number of worker processing download requests (1 - 32, default = 1). type: int default: 1 more...
- push-override type: dict
- ip - External or virtual IP address of the NAT device that will forward push messages to the FortiManager unit. type: str default: 0.0.0.0 more...
- port - Receiving port number on the NAT device (1 - 65535, default = 9443). type: int default: 9443 more...
- status - Enable/disable push updates for clients (default = disable). type: str choices: [disable, enable] default: disable more...
- push-override-to-client type: dict
- announce-ip - No description for the parameter type: array more...
- status - Enable/disable push updates (default = disable). type: str choices: [disable, enable] default: disable more...
- send_report - send report/fssi to fds server. type: str choices: [disable, enable] default: enable more...
- send_setup - forward setup to fds server. type: str choices: [disable, enable] default: disable more...
- server-override type: dict
- servlist - No description for the parameter type: array
more...
- id - Override server ID (1 - 10). type: int default: 0 more...
- ip - IPv4 address of the override server. type: str default: 0.0.0.0 more...
- ip6 - IPv6 address of the override server. type: str default: :: more...
- port - Port number to use when contacting FortiGuard (1 - 65535, default = 443). type: int default: 443 more...
- service-type - Override service type. type: str choices: [fct, fds] default: fds more...
- status - Override status. type: str choices: [disable, enable] default: disable more...
- system-support-fct - No description for the parameter type: array choices: [4.x, 5.0, 5.2, 5.4, 5.6, 6.0, 6.2, 6.4] more...
- system-support-fgt - No description for the parameter type: array choices: [5.4, 5.6, 6.0, 6.2, 6.4, 7.0] more...
- system-support-fml - No description for the parameter type: array choices: [4.x, 5.x, 6.x] more...
- system-support-fsa - No description for the parameter type: array choices: [1.x, 2.x, 3.x, 4.x] more...
- system-support-fsw - No description for the parameter type: array choices: [4.x, 5.0, 5.2, 5.4, 5.6, 6.0, 6.2, 6.4] more...
- umsvc-log - The um_service log level (default = info). type: str choices: [emergency, alert, critical, error, warn, notice, info, debug, disable] default: info more...
- unreg-dev-option - set the option for unregister devices type: str choices: [ignore, svc-only, add-service] default: add-service more...
- update-schedule type: dict
- day - Configure the day the update will occur, if the freqnecy is weekly (Sunday - Saturday, default = Monday). type: str choices: [Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday] default: Monday more...
- frequency - Configure update frequency: every - time interval, daily - once a day, weekly - once a week (default = every). type: str choices: [every, daily, weekly] default: every more...
- status - Enable/disable scheduled updates. type: str choices: [disable, enable] default: enable more...
- time - No description for the parameter type: str more...
- wanip-query-mode - public ip query mode type: str choices: [disable, ipify] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure FortiGuard settings.
faz_cli_fmupdate_fdssetting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_fdssetting:
User-Agent: <value of string>
fds-clt-ssl-protocol: <value in [sslv3, tlsv1.0, tlsv1.1, ...]>
fds-ssl-protocol: <value in [sslv3, tlsv1.0, tlsv1.1, ...]>
fmtr-log: <value in [emergency, alert, critical, ...]>
fortiguard-anycast: <value in [disable, enable]>
fortiguard-anycast-source: <value in [fortinet, aws]>
linkd-log: <value in [emergency, alert, critical, ...]>
max-av-ips-version: <value of integer>
max-work: <value of integer>
push-override:
ip: <value of string>
port: <value of integer>
status: <value in [disable, enable]>
push-override-to-client:
announce-ip:
-
id: <value of integer>
ip: <value of string>
port: <value of integer>
status: <value in [disable, enable]>
send_report: <value in [disable, enable]>
send_setup: <value in [disable, enable]>
server-override:
servlist:
-
id: <value of integer>
ip: <value of string>
ip6: <value of string>
port: <value of integer>
service-type: <value in [fct, fds]>
status: <value in [disable, enable]>
system-support-fct:
- 4.x
- 5.0
- 5.2
- 5.4
- 5.6
- 6.0
- 6.2
- 6.4
system-support-fgt:
- 5.4
- 5.6
- 6.0
- 6.2
- 6.4
- 7.0
system-support-fml:
- 4.x
- 5.x
- 6.x
system-support-fsa:
- 1.x
- 2.x
- 3.x
- 4.x
system-support-fsw:
- 4.x
- 5.0
- 5.2
- 5.4
- 5.6
- 6.0
- 6.2
- 6.4
umsvc-log: <value in [emergency, alert, critical, ...]>
unreg-dev-option: <value in [ignore, svc-only, add-service]>
update-schedule:
day: <value in [Sunday, Monday, Tuesday, ...]>
frequency: <value in [every, daily, weekly]>
status: <value in [disable, enable]>
time: <value of string>
wanip-query-mode: <value in [disable, ipify]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_fdssetting_pushoverride – Enable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages for clients.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_fdssetting_pushoverride | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_fdssetting_pushoverride - Enable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages for... type: dict
- ip - External or virtual IP address of the NAT device that will forward push messages to the FortiManager unit. type: str default: 0.0.0.0 more...
- port - Receiving port number on the NAT device (1 - 65535, default = 9443). type: int default: 9443 more...
- status - Enable/disable push updates for clients (default = disable). type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Enable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages for...
faz_cli_fmupdate_fdssetting_pushoverride:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_fdssetting_pushoverride:
ip: <value of string>
port: <value of integer>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_fdssetting_pushoverridetoclient – Enable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages for clients.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_fdssetting_pushoverridetoclient | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_fdssetting_pushoverridetoclient - Enable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages for... type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Enable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages for...
faz_cli_fmupdate_fdssetting_pushoverridetoclient:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_fdssetting_pushoverridetoclient:
announce-ip:
-
id: <value of integer>
ip: <value of string>
port: <value of integer>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_fdssetting_pushoverridetoclient_announceip – Announce IP addresses for the device.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_fdssetting_pushoverridetoclient_announceip | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_fmupdate_fdssetting_pushoverridetoclient_announceip - Announce IP addresses for the device. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Announce IP addresses for the device.
faz_cli_fmupdate_fdssetting_pushoverridetoclient_announceip:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_fmupdate_fdssetting_pushoverridetoclient_announceip:
id: <value of integer>
ip: <value of string>
port: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_fdssetting_serveroverride – Server override configure.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_fdssetting_serveroverride | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_fdssetting_serveroverride - Server override configure. type: dict
- servlist - No description for the parameter type: array
more...
- id - Override server ID (1 - 10). type: int default: 0 more...
- ip - IPv4 address of the override server. type: str default: 0.0.0.0 more...
- ip6 - IPv6 address of the override server. type: str default: :: more...
- port - Port number to use when contacting FortiGuard (1 - 65535, default = 443). type: int default: 443 more...
- service-type - Override service type. type: str choices: [fct, fds] default: fds more...
- status - Override status. type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Server override configure.
faz_cli_fmupdate_fdssetting_serveroverride:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_fdssetting_serveroverride:
servlist:
-
id: <value of integer>
ip: <value of string>
ip6: <value of string>
port: <value of integer>
service-type: <value in [fct, fds]>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_fdssetting_serveroverride_servlist – Override server.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_fdssetting_serveroverride_servlist | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_fmupdate_fdssetting_serveroverride_servlist - Override server. type: dict
- id - Override server ID (1 - 10). type: int default: 0 more...
- ip - IPv4 address of the override server. type: str default: 0.0.0.0 more...
- ip6 - IPv6 address of the override server. type: str default: :: more...
- port - Port number to use when contacting FortiGuard (1 - 65535, default = 443). type: int default: 443 more...
- service-type - Override service type. type: str choices: [fct, fds] default: fds more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Override server.
faz_cli_fmupdate_fdssetting_serveroverride_servlist:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_fmupdate_fdssetting_serveroverride_servlist:
id: <value of integer>
ip: <value of string>
ip6: <value of string>
port: <value of integer>
service-type: <value in [fct, fds]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_fdssetting_updateschedule – Configure the schedule when built-in FortiGuard retrieves antivirus and IPS updates.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_fdssetting_updateschedule | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_fdssetting_updateschedule - Configure the schedule when built-in FortiGuard retrieves antivirus and IPS updates. type: dict
- day - Configure the day the update will occur, if the freqnecy is weekly (Sunday - Saturday, default = Monday). type: str choices: [Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday] default: Monday more...
- frequency - Configure update frequency: every - time interval, daily - once a day, weekly - once a week (default = every). type: str choices: [every, daily, weekly] default: every more...
- status - Enable/disable scheduled updates. type: str choices: [disable, enable] default: enable more...
- time - No description for the parameter type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure the schedule when built-in FortiGuard retrieves antivirus and IPS updates.
faz_cli_fmupdate_fdssetting_updateschedule:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_fdssetting_updateschedule:
day: <value in [Sunday, Monday, Tuesday, ...]>
frequency: <value in [every, daily, weekly]>
status: <value in [disable, enable]>
time: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_fwmsetting – Configure firmware management settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_fwmsetting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_fwmsetting - Configure firmware management settings. type: dict
- auto-scan-fgt-disk - auto scan fgt disk if needed. type: str choices: [disable, enable] default: enable more...
- check-fgt-disk - check fgt disk before upgrade image. type: str choices: [disable, enable] default: enable more...
- fds-failover-fmg - using fmg local image file is download from fds fails. type: str choices: [disable, enable] default: enable more...
- fds-image-timeout - timer for fgt download image from fortiguard (300-3600s default=1800) type: int default: 1800 more...
- multiple-steps-interval - waiting time between multiple steps upgrade (30-180s, default=60) type: int default: 60 more...
- max-fds-retry - The retries when fgt download from fds fail (5-20, default=10) type: int default: 5 more...
- skip-disk-check - skip disk check when upgrade image. type: str choices: [disable, enable] default: disable more...
- immx-source - Configure which of IMMX file to be used for choosing upgrade pach. type: str choices: [fmg, fgt, cloud] default: fmg more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure firmware management settings.
faz_cli_fmupdate_fwmsetting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_fwmsetting:
auto-scan-fgt-disk: <value in [disable, enable]>
check-fgt-disk: <value in [disable, enable]>
fds-failover-fmg: <value in [disable, enable]>
fds-image-timeout: <value of integer>
multiple-steps-interval: <value of integer>
max-fds-retry: <value of integer>
skip-disk-check: <value in [disable, enable]>
immx-source: <value in [fmg, fgt, cloud]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_multilayer – Configure multilayer mode.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_multilayer | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_multilayer - Configure multilayer mode. type: dict
- webspam-rating - Enable/disable URL/Antispam rating service (default = enable). type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure multilayer mode.
faz_cli_fmupdate_multilayer:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_multilayer:
webspam-rating: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_publicnetwork – Enable/disable access to the public FortiGuard.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_publicnetwork | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_publicnetwork - Enable/disable access to the public FortiGuard. type: dict
- status - Enable/disable public network (default = enable). type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Enable/disable access to the public FortiGuard.
faz_cli_fmupdate_publicnetwork:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_publicnetwork:
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_serveraccesspriorities – Configure priorities for FortiGate units accessing antivirus updates and web filtering services.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_serveraccesspriorities | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_serveraccesspriorities - Configure priorities for FortiGate units accessing antivirus updates and web filtering services. type: dict
- access-public - Enable/disable FortiGates to Access Public FortiGuard Servers when Private Servers are Unavailable (default = disable). type: str choices: [disable, enable] default: disable more...
- av-ips - Enable/disable Antivirus and IPS Update Service for Private Server(default = disable). type: str choices: [disable, enable] default: disable more...
- private-server - No description for the parameter type: array
more...
- id - Private server ID (1 - 10). type: int default: 0 more...
- ip - IPv4 address of the FortiManager unit or private server. type: str default: 0.0.0.0 more...
- ip6 - IPv6 address of the FortiManager unit or private server. type: str default: :: more...
- time_zone - Time zone of the private server (-24 = local time zone, default = -24). type: int default: -24 more...
- web-spam - Enable/disable Web Filter and Email Filter Update Service for Private Server (default = enable). type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure priorities for FortiGate units accessing antivirus updates and web filtering services.
faz_cli_fmupdate_serveraccesspriorities:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_serveraccesspriorities:
access-public: <value in [disable, enable]>
av-ips: <value in [disable, enable]>
private-server:
-
id: <value of integer>
ip: <value of string>
ip6: <value of string>
time_zone: <value of integer>
web-spam: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_serveraccesspriorities_privateserver – Configure multiple FortiManager units and private servers.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_serveraccesspriorities_privateserver | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_fmupdate_serveraccesspriorities_privateserver - Configure multiple FortiManager units and private servers. type: dict
- id - Private server ID (1 - 10). type: int default: 0 more...
- ip - IPv4 address of the FortiManager unit or private server. type: str default: 0.0.0.0 more...
- ip6 - IPv6 address of the FortiManager unit or private server. type: str default: :: more...
- time_zone - Time zone of the private server (-24 = local time zone, default = -24). type: int default: -24 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure multiple FortiManager units and private servers.
faz_cli_fmupdate_serveraccesspriorities_privateserver:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_fmupdate_serveraccesspriorities_privateserver:
id: <value of integer>
ip: <value of string>
ip6: <value of string>
time_zone: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_serveroverridestatus – Configure strict/loose server override.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_serveroverridestatus | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_serveroverridestatus - Configure strict/loose server override. type: dict
- mode - Server override mode (default = loose). type: str choices: [strict, loose] default: loose more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure strict/loose server override.
faz_cli_fmupdate_serveroverridestatus:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_serveroverridestatus:
mode: <value in [strict, loose]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_service – Enable/disable services provided by the built-in FortiGuard.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_service | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_service - Enable/disable services provided by the built-in FortiGuard. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Enable/disable services provided by the built-in FortiGuard.
faz_cli_fmupdate_service:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_service:
avips: <value in [disable, enable]>
query-geoip: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_webspam_fgdsetting – Configure the FortiGuard run parameters.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_webspam_fgdsetting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_webspam_fgdsetting - Configure the FortiGuard run parameters. type: dict
- as-cache - Antispam service maximum memory usage in megabytes (Maximum = Physical memory-1024, 0: no limit, default = 300). type: int default: 300 more...
- as-log - Antispam log setting (default = nospam). type: str choices: [disable, nospam, all] default: nospam more...
- as-preload - Enable/disable preloading antispam database to memory (default = disable). type: str choices: [disable, enable] default: disable more...
- av-cache - Antivirus service maximum memory usage, in megabytes (100 - 500, default = 300). type: int default: 300 more...
- av-log - Antivirus log setting (default = novirus). type: str choices: [disable, novirus, all] default: novirus more...
- av-preload - Enable/disable preloading antivirus database to memory (default = disable). type: str choices: [disable, enable] default: disable more...
- av2-cache - Antispam service maximum memory usage in megabytes (Maximum = Physical memory-1024, 0: no limit, default = 800). type: int default: 800 more...
- av2-log - Outbreak prevention log setting (default = noav2). type: str choices: [disable, noav2, all] default: noav2 more...
- av2-preload - Enable/disable preloading outbreak prevention database to memory (default = disable). type: str choices: [disable, enable] default: disable more...
- eventlog-query - Enable/disable record query to event-log besides fgd-log (default = disable). type: str choices: [disable, enable] default: disable more...
- fgd-pull-interval - Fgd pull interval setting, in minutes (1 - 1440, default = 10). type: int default: 10 more...
- fq-cache - File query service maximum memory usage, in megabytes (100 - 500, default = 300). type: int default: 300 more...
- fq-log - File query log setting (default = nofilequery). type: str choices: [disable, nofilequery, all] default: nofilequery more...
- fq-preload - Enable/disable preloading file query database to memory (default = disable). type: str choices: [disable, enable] default: disable more...
- linkd-log - Linkd log setting (default = debug). type: str choices: [emergency, alert, critical, error, warn, notice, info, debug, disable] default: debug more...
- max-client-worker - max worker for tcp client connection (0~16: 0 means use cpu number up to 4). type: int default: 0 more...
- max-log-quota - Maximum log quota setting, in megabytes (100 - 20480, default = 6144). type: int default: 6144 more...
- max-unrated-site - Maximum number of unrated site in memory, in kilobytes(10 - 5120, default = 500). type: int default: 500 more...
- restrict-as1-dbver - Restrict system update to indicated antispam(1) database version (character limit = 127). type: str more...
- restrict-as2-dbver - Restrict system update to indicated antispam(2) database version (character limit = 127). type: str more...
- restrict-as4-dbver - Restrict system update to indicated antispam(4) database version (character limit = 127). type: str more...
- restrict-av-dbver - Restrict system update to indicated antivirus database version (character limit = 127). type: str more...
- restrict-av2-dbver - Restrict system update to indicated outbreak prevention database version (character limit = 127). type: str more...
- restrict-fq-dbver - Restrict system update to indicated file query database version (character limit = 127). type: str more...
- restrict-wf-dbver - Restrict system update to indicated web filter database version (character limit = 127). type: str more...
- server-override type: dict
- servlist - No description for the parameter type: array
more...
- id - Override server ID (1 - 10). type: int default: 0 more...
- ip - IPv4 address of the override server. type: str default: 0.0.0.0 more...
- ip6 - IPv6 address of the override server. type: str default: :: more...
- port - Port number to use when contacting FortiGuard (1 - 65535, default = 443). type: int default: 443 more...
- service-type - Override service type. type: str choices: [fgd, fgc, fsa] more...
- status - Override status. type: str choices: [disable, enable] default: disable more...
- stat-log-interval - Statistic log interval setting, in minutes (1 - 1440, default = 60). type: int default: 60 more...
- stat-sync-interval - Synchronization interval for statistic of unrated site in minutes (1 - 60, default = 60). type: int default: 60 more...
- update-interval - FortiGuard database update wait time if not enough delta files, in hours (2 - 24, default = 6). type: int default: 6 more...
- update-log - Enable/disable update log setting (default = enable). type: str choices: [disable, enable] default: enable more...
- wf-cache - Web filter service maximum memory usage, in megabytes (maximum = Physical memory-1024, 0 = no limit, default = 600). type: int default: 0 more...
- wf-dn-cache-expire-time - Web filter DN cache expire time, in minutes (1 - 1440, 0 = never, default = 30). type: int default: 30 more...
- wf-dn-cache-max-number - Maximum number of Web filter DN cache (0 = disable, default = 10000). type: int default: 10000 more...
- wf-log - Web filter log setting (default = nour1) type: str choices: [disable, nourl, all] default: nourl more...
- wf-preload - Enable/disable preloading the web filter database into memory (default = disable). type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure the FortiGuard run parameters.
faz_cli_fmupdate_webspam_fgdsetting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_webspam_fgdsetting:
as-cache: <value of integer>
as-log: <value in [disable, nospam, all]>
as-preload: <value in [disable, enable]>
av-cache: <value of integer>
av-log: <value in [disable, novirus, all]>
av-preload: <value in [disable, enable]>
av2-cache: <value of integer>
av2-log: <value in [disable, noav2, all]>
av2-preload: <value in [disable, enable]>
eventlog-query: <value in [disable, enable]>
fgd-pull-interval: <value of integer>
fq-cache: <value of integer>
fq-log: <value in [disable, nofilequery, all]>
fq-preload: <value in [disable, enable]>
linkd-log: <value in [emergency, alert, critical, ...]>
max-client-worker: <value of integer>
max-log-quota: <value of integer>
max-unrated-site: <value of integer>
restrict-as1-dbver: <value of string>
restrict-as2-dbver: <value of string>
restrict-as4-dbver: <value of string>
restrict-av-dbver: <value of string>
restrict-av2-dbver: <value of string>
restrict-fq-dbver: <value of string>
restrict-wf-dbver: <value of string>
server-override:
servlist:
-
id: <value of integer>
ip: <value of string>
ip6: <value of string>
port: <value of integer>
service-type: <value in [fgd, fgc, fsa]>
status: <value in [disable, enable]>
stat-log-interval: <value of integer>
stat-sync-interval: <value of integer>
update-interval: <value of integer>
update-log: <value in [disable, enable]>
wf-cache: <value of integer>
wf-dn-cache-expire-time: <value of integer>
wf-dn-cache-max-number: <value of integer>
wf-log: <value in [disable, nourl, all]>
wf-preload: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_webspam_fgdsetting_serveroverride – Server override configure.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_webspam_fgdsetting_serveroverride | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_webspam_fgdsetting_serveroverride - Server override configure. type: dict
- servlist - No description for the parameter type: array
more...
- id - Override server ID (1 - 10). type: int default: 0 more...
- ip - IPv4 address of the override server. type: str default: 0.0.0.0 more...
- ip6 - IPv6 address of the override server. type: str default: :: more...
- port - Port number to use when contacting FortiGuard (1 - 65535, default = 443). type: int default: 443 more...
- service-type - Override service type. type: str choices: [fgd, fgc, fsa] more...
- status - Override status. type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Server override configure.
faz_cli_fmupdate_webspam_fgdsetting_serveroverride:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_webspam_fgdsetting_serveroverride:
servlist:
-
id: <value of integer>
ip: <value of string>
ip6: <value of string>
port: <value of integer>
service-type: <value in [fgd, fgc, fsa]>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_webspam_fgdsetting_serveroverride_servlist – Override server.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_webspam_fgdsetting_serveroverride_servlist | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_fmupdate_webspam_fgdsetting_serveroverride_servlist - Override server. type: dict
- id - Override server ID (1 - 10). type: int default: 0 more...
- ip - IPv4 address of the override server. type: str default: 0.0.0.0 more...
- ip6 - IPv6 address of the override server. type: str default: :: more...
- port - Port number to use when contacting FortiGuard (1 - 65535, default = 443). type: int default: 443 more...
- service-type - Override service type. type: str choices: [fgd, fgc, fsa] more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Override server.
faz_cli_fmupdate_webspam_fgdsetting_serveroverride_servlist:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_fmupdate_webspam_fgdsetting_serveroverride_servlist:
id: <value of integer>
ip: <value of string>
ip6: <value of string>
port: <value of integer>
service-type: <value in [fgd, fgc, fsa]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_fmupdate_webspam_webproxy – Configure the web proxy for use with FortiGuard antivirus and IPS updates.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_fmupdate_webspam_webproxy | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_fmupdate_webspam_webproxy - Configure the web proxy for use with FortiGuard antivirus and IPS updates. type: dict
- address - web proxy address. type: str more...
- mode - Web proxy mode type: str choices: [proxy, tunnel] default: tunnel more...
- password - No description for the parameter type: str more...
- port - The port number of the web proxy (1 - 65535, default = 80). type: int default: 80 more...
- status - Enable/disable connections through the web proxy (default = disable). type: str choices: [disable, enable] default: disable more...
- username - The user name used for authentication. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure the web proxy for use with FortiGuard antivirus and IPS updates.
faz_cli_fmupdate_webspam_webproxy:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_fmupdate_webspam_webproxy:
address: <value of string>
mode: <value in [proxy, tunnel]>
password: <value of string>
port: <value of integer>
status: <value in [disable, enable]>
username: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_metafields_system_admin_user
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_metafields_system_admin_user | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_metafields_system_admin_user - no description type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: no description
faz_cli_metafields_system_admin_user:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_metafields_system_admin_user:
importance: <value in [optional, required]>
length: <value of integer>
name: <value of string>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_group – User group.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_group | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_admin_group - User group. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: User group.
faz_cli_system_admin_group:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_admin_group:
member:
-
name: <value of string>
name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_group_member – Group members.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_group_member | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- group - The parameter in requested url type: str required: true
- cli_system_admin_group_member - Group members. type: dict
- name - Group member name. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Group members.
faz_cli_system_admin_group_member:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
group: <your own value>
state: <value in [present, absent]>
cli_system_admin_group_member:
name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_ldap – LDAP server entry configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_ldap | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_admin_ldap - LDAP server entry configuration. type: dict
- adom - No description for the parameter type: array
more...
- adom-name - Admin domain names. type: str more...
- adom-attr - Attribute used to retrieve adom type: str more...
- attributes - Attributes used for group searching. type: str default: member,uniquemember,memberuid more...
- ca-cert - CA certificate name. type: str more...
- cnid - Common Name Identifier (default = CN). type: str default: cn more...
- connect-timeout - LDAP connection timeout (msec). type: int default: 500 more...
- dn - Distinguished Name. type: str more...
- filter - Filter used for group searching. type: str default: (objectclass=*) more...
- group - Full base DN used for group searching. type: str more...
- memberof-attr - Attribute used to retrieve memeberof. type: str more...
- name - LDAP server entry name. type: str more...
- password - No description for the parameter type: str more...
- port - Port number of LDAP server (default = 389). type: int default: 389 more...
- profile-attr - Attribute used to retrieve admin profile. type: str more...
- secondary-server - {
- secure - SSL connection. type: str choices: [disable, starttls, ldaps] default: disable more...
- server - {
- tertiary-server - {
- type - Type of LDAP binding. type: str choices: [simple, anonymous, regular] default: simple more...
- username - Username (full DN) for initial binding. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: LDAP server entry configuration.
faz_cli_system_admin_ldap:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_admin_ldap:
adom:
-
adom-name: <value of string>
adom-attr: <value of string>
attributes: <value of string>
ca-cert: <value of string>
cnid: <value of string>
connect-timeout: <value of integer>
dn: <value of string>
filter: <value of string>
group: <value of string>
memberof-attr: <value of string>
name: <value of string>
password: <value of string>
port: <value of integer>
profile-attr: <value of string>
secondary-server: <value of string>
secure: <value in [disable, starttls, ldaps]>
server: <value of string>
tertiary-server: <value of string>
type: <value in [simple, anonymous, regular]>
username: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_ldap_adom – Admin domain.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_ldap_adom | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- ldap - The parameter in requested url type: str required: true
- cli_system_admin_ldap_adom - Admin domain. type: dict
- adom-name - Admin domain names. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Admin domain.
faz_cli_system_admin_ldap_adom:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
ldap: <your own value>
state: <value in [present, absent]>
cli_system_admin_ldap_adom:
adom-name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_profile – Admin profile.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_profile | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_admin_profile - Admin profile. type: dict
- adom-lock - ADOM locking type: str choices: [none, read, read-write] default: none more...
- adom-switch - Administrator domain. type: str choices: [none, read, read-write] default: none more...
- allow-to-install - Enable/disable the restricted user to install objects to the devices. type: str choices: [disable, enable] default: enable more...
- change-password - Enable/disable the user to change self password. type: str choices: [disable, enable] default: disable more...
- datamask - Enable/disable data masking. type: str choices: [disable, enable] default: disable more...
- datamask-custom-fields - No description for the parameter type: array
more...
- field-category - No description for the parameter type: array choices: [log, fortiview, alert, ueba, all] more...
- field-name - Field name. type: str more...
- field-status - Field status. type: str choices: [disable, enable] default: enable more...
- field-type - Field type. type: str choices: [string, ip, mac, email, unknown] default: string more...
- datamask-custom-priority - Prioritize custom fields. type: str choices: [disable, enable] default: disable more...
- datamask-fields - No description for the parameter type: array choices: [user, srcip, srcname, srcmac, dstip, dstname, email, message, domain] more...
- datamask-key - No description for the parameter type: str more...
- datamask-unmasked-time - Time in days without data masking. type: int default: 0 more...
- description - Description. type: str more...
- device-ap - Manage AP. type: str choices: [none, read, read-write] default: none more...
- device-forticlient - Manage FortiClient. type: str choices: [none, read, read-write] default: none more...
- device-fortiswitch - Manage FortiSwitch. type: str choices: [none, read, read-write] default: none more...
- device-manager - Device manager. type: str choices: [none, read, read-write] default: none more...
- device-op - Device add/delete/edit. type: str choices: [none, read, read-write] default: none more...
- device-policy-package-lock - Device/Policy Package locking type: str choices: [none, read, read-write] default: none more...
- device-wan-link-load-balance - Manage WAN link load balance. type: str choices: [none, read, read-write] default: none more...
- event-management - Event management. type: str choices: [none, read, read-write] default: none more...
- fortirecorder-setting - FortiRecorder settings. type: str choices: [none, read, read-write] default: none more...
- log-viewer - Log viewer. type: str choices: [none, read, read-write] default: none more...
- profileid - Profile ID. type: str more...
- realtime-monitor - Realtime monitor. type: str choices: [none, read, read-write] default: none more...
- report-viewer - Report viewer. type: str choices: [none, read, read-write] default: none more...
- scope - Scope. type: str choices: [global, adom] default: global more...
- super-user-profile - Enable/disable super user profile type: str choices: [disable, enable] default: disable more...
- system-setting - System setting. type: str choices: [none, read, read-write] default: none more...
- execute-playbook - Execute playbook. type: str choices: [none, read, read-write] default: none more...
- extension-access - Manage extension access. type: str choices: [none, read, read-write] default: none more...
- fabric-viewer - Fabric viewer. type: str choices: [none, read, read-write] default: none more...
- run-report - Run reports. type: str choices: [none, read, read-write] default: none more...
- script-access - Script access. type: str choices: [none, read, read-write] default: none more...
- triage-events - Triage events. type: str choices: [none, read, read-write] default: none more...
- update-incidents - Create/update incidents. type: str choices: [none, read, read-write] default: none more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Admin profile.
faz_cli_system_admin_profile:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_admin_profile:
adom-lock: <value in [none, read, read-write]>
adom-switch: <value in [none, read, read-write]>
allow-to-install: <value in [disable, enable]>
change-password: <value in [disable, enable]>
datamask: <value in [disable, enable]>
datamask-custom-fields:
-
field-category:
- log
- fortiview
- alert
- ueba
- all
field-name: <value of string>
field-status: <value in [disable, enable]>
field-type: <value in [string, ip, mac, ...]>
datamask-custom-priority: <value in [disable, enable]>
datamask-fields:
- user
- srcip
- srcname
- srcmac
- dstip
- dstname
- email
- message
- domain
datamask-key: <value of string>
datamask-unmasked-time: <value of integer>
description: <value of string>
device-ap: <value in [none, read, read-write]>
device-forticlient: <value in [none, read, read-write]>
device-fortiswitch: <value in [none, read, read-write]>
device-manager: <value in [none, read, read-write]>
device-op: <value in [none, read, read-write]>
device-policy-package-lock: <value in [none, read, read-write]>
device-wan-link-load-balance: <value in [none, read, read-write]>
event-management: <value in [none, read, read-write]>
fortirecorder-setting: <value in [none, read, read-write]>
log-viewer: <value in [none, read, read-write]>
profileid: <value of string>
realtime-monitor: <value in [none, read, read-write]>
report-viewer: <value in [none, read, read-write]>
scope: <value in [global, adom]>
super-user-profile: <value in [disable, enable]>
system-setting: <value in [none, read, read-write]>
execute-playbook: <value in [none, read, read-write]>
extension-access: <value in [none, read, read-write]>
fabric-viewer: <value in [none, read, read-write]>
run-report: <value in [none, read, read-write]>
script-access: <value in [none, read, read-write]>
triage-events: <value in [none, read, read-write]>
update-incidents: <value in [none, read, read-write]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_profile_datamaskcustomfields – Customized datamask fields.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_profile_datamaskcustomfields | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- profile - The parameter in requested url type: str required: true
- cli_system_admin_profile_datamaskcustomfields - Customized datamask fields. type: dict
- field-category - No description for the parameter type: array choices: [log, fortiview, alert, ueba, all] more...
- field-name - Field name. type: str more...
- field-status - Field status. type: str choices: [disable, enable] default: enable more...
- field-type - Field type. type: str choices: [string, ip, mac, email, unknown] default: string more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Customized datamask fields.
faz_cli_system_admin_profile_datamaskcustomfields:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
profile: <your own value>
state: <value in [present, absent]>
cli_system_admin_profile_datamaskcustomfields:
field-category:
- log
- fortiview
- alert
- ueba
- all
field-name: <value of string>
field-status: <value in [disable, enable]>
field-type: <value in [string, ip, mac, ...]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_radius – Configure radius.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_radius | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_admin_radius - Configure radius. type: dict
- auth-type - Authentication protocol. type: str choices: [any, pap, chap, mschap2] default: any more...
- name - Name. type: str more...
- nas-ip - NAS IP address and called station ID. type: str default: 0.0.0.0 more...
- port - Server port. type: int default: 1812 more...
- secondary-secret - No description for the parameter type: str more...
- secondary-server - Secondary server name/IP. type: str more...
- secret - No description for the parameter type: str more...
- server - Server name/IP. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure radius.
faz_cli_system_admin_radius:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_admin_radius:
auth-type: <value in [any, pap, chap, ...]>
name: <value of string>
nas-ip: <value of string>
port: <value of integer>
secondary-secret: <value of string>
secondary-server: <value of string>
secret: <value of string>
server: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_setting – Admin setting.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_admin_setting - Admin setting. type: dict
- access-banner - Enable/disable access banner. type: str choices: [disable, enable] default: disable more...
- admin-https-redirect - Enable/disable redirection of HTTP admin traffic to HTTPS. type: str choices: [disable, enable] default: enable more...
- admin-login-max - Maximum number admin users logged in at one time (1 - 256). type: int default: 256 more...
- admin_server_cert - HTTPS & Web Service server certificate. type: str default: server.crt more...
- banner-message - Banner message. type: str more...
- gui-theme - Color scheme to use for the administration GUI. type: str choices: [blue, green, red, melongene, spring, summer, autumn, winter, space, calla-lily, binary-tunnel, diving, dreamy, technology, landscape, twilight, canyon, northern-light, astronomy, fish, penguin, panda, polar-bear, parrot, cave, mountain, zebra, contrast-dark, circuit-board, mars, blue-sea] default: blue more...
- http_port - HTTP port. type: int default: 80 more...
- https_port - HTTPS port. type: int default: 443 more...
- idle_timeout - Idle timeout (1 - 480 min). type: int default: 15 more...
- objects-force-deletion - Enable/disable used objects force deletion. type: str choices: [disable, enable] default: enable more...
- shell-access - Enable/disable shell access. type: str choices: [disable, enable] default: disable more...
- shell-password - No description for the parameter type: str more...
- show-add-multiple - Show add multiple button. type: str choices: [disable, enable] default: disable more...
- show-checkbox-in-table - Show checkboxs in tables on GUI. type: str choices: [disable, enable] default: disable more...
- show-device-import-export - Enable/disable import/export of ADOM, device, and group lists. type: str choices: [disable, enable] default: disable more...
- show-fct-manager - Enable/disable FCT manager. type: str choices: [disable, enable] default: disable more...
- show-hostname - Enable/disable hostname display in the GUI login page. type: str choices: [disable, enable] default: disable more...
- show-log-forwarding - Show log forwarding tab in regular mode. type: str choices: [disable, enable] default: enable more...
- unreg_dev_opt - Action to take when unregistered device connects to FortiAnalyzer. type: str choices: [add_no_service, ignore, add_allow_service] default: add_allow_service more...
- webadmin_language - Web admin language. type: str choices: [auto_detect, english, simplified_chinese, traditional_chinese, japanese, korean, spanish] default: auto_detect more...
- idle_timeout_api - Idle timeout for API sessions (1 - 28800 sec). type: int default: 900 more...
- idle_timeout_gui - Idle timeout for GUI sessions (60 - 28800 sec). type: int default: 900 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Admin setting.
faz_cli_system_admin_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_admin_setting:
access-banner: <value in [disable, enable]>
admin-https-redirect: <value in [disable, enable]>
admin-login-max: <value of integer>
admin_server_cert: <value of string>
banner-message: <value of string>
gui-theme: <value in [blue, green, red, ...]>
http_port: <value of integer>
https_port: <value of integer>
idle_timeout: <value of integer>
objects-force-deletion: <value in [disable, enable]>
shell-access: <value in [disable, enable]>
shell-password: <value of string>
show-add-multiple: <value in [disable, enable]>
show-checkbox-in-table: <value in [disable, enable]>
show-device-import-export: <value in [disable, enable]>
show-fct-manager: <value in [disable, enable]>
show-hostname: <value in [disable, enable]>
show-log-forwarding: <value in [disable, enable]>
unreg_dev_opt: <value in [add_no_service, ignore, add_allow_service]>
webadmin_language: <value in [auto_detect, english, simplified_chinese, ...]>
idle_timeout_api: <value of integer>
idle_timeout_gui: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_tacacs – TACACS+ server entry configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_tacacs | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_admin_tacacs - TACACS+ server entry configuration. type: dict
- authen-type - Authentication type. type: str choices: [auto, ascii, pap, chap, mschap] default: auto more...
- authorization - Enable/disable TACACS+ authorization. type: str choices: [disable, enable] default: disable more...
- key - No description for the parameter type: str more...
- name - TACACS+ server entry name. type: str more...
- port - Port number of TACACS+ server. type: int default: 49 more...
- secondary-key - No description for the parameter type: str more...
- secondary-server - {
- server - {
- tertiary-key - No description for the parameter type: str more...
- tertiary-server - {
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: TACACS+ server entry configuration.
faz_cli_system_admin_tacacs:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_admin_tacacs:
authen-type: <value in [auto, ascii, pap, ...]>
authorization: <value in [disable, enable]>
key: <value of string>
name: <value of string>
port: <value of integer>
secondary-key: <value of string>
secondary-server: <value of string>
server: <value of string>
tertiary-key: <value of string>
tertiary-server: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_user – Admin user.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_user | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_admin_user - Admin user. type: dict
- adom - No description for the parameter type: array
more...
- adom-name - Admin domain names. type: str more...
- adom-exclude - No description for the parameter type: array
more...
- adom-name - Admin domain names. type: str more...
- avatar - Image file for avatar (maximum 4K base64 encoded). type: str more...
- ca - PKI user certificate CA (CA name in local). type: str more...
- change-password - Enable/disable restricted user to change self password. type: str choices: [disable, enable] default: disable more...
- dashboard - No description for the parameter type: array
more...
- column - Widgets column ID. type: int default: 0 more...
- diskio-content-type - Disk I/O Monitor widgets chart type. type: str choices: [util, iops, blks] default: util more...
- diskio-period - Disk I/O Monitor widgets data period. type: str choices: [1hour, 8hour, 24hour] default: 1hour more...
- log-rate-period - Log receive monitor widgets data period. type: str choices: [2min , 1hour, 6hours] more...
- log-rate-topn - Log receive monitor widgets number of top items to display. type: str choices: [1, 2, 3, 4, 5] default: 5 more...
- log-rate-type - Log receive monitor widgets statistics breakdown options. type: str choices: [log, device] default: device more...
- moduleid - Widget ID. type: int default: 0 more...
- name - Widget name. type: str more...
- num-entries - Number of entries. type: int default: 10 more...
- refresh-interval - Widgets refresh interval. type: int default: 300 more...
- res-cpu-display - Widgets CPU display type. type: str choices: [average , each] default: average more...
- res-period - Widgets data period. type: str choices: [10min , hour, day] default: 10min more...
- res-view-type - Widgets data view type. type: str choices: [real-time , history] default: history more...
- status - Widgets opened/closed state. type: str choices: [close, open] default: open more...
- tabid - ID of tab where widget is displayed. type: int default: 0 more...
- time-period - Log Database Monitor widgets data period. type: str choices: [1hour, 8hour, 24hour] default: 1hour more...
- widget-type - Widget type. type: str choices: [top-lograte, sysres, sysinfo, licinfo, jsconsole, sysop, alert, statistics, rpteng, raid, logrecv, devsummary, logdb-perf, logdb-lag, disk-io, log-rcvd-fwd] more...
- dashboard-tabs - No description for the parameter type: array more...
- description - Description. type: str more...
- dev-group - device group. type: str more...
- email-address - Email address. type: str more...
- ext-auth-accprofile-override - Allow to use the access profile provided by the remote authentication server. type: str choices: [disable, enable] default: disable more...
- ext-auth-adom-override - Allow to use the ADOM provided by the remote authentication server. type: str choices: [disable, enable] default: disable more...
- ext-auth-group-match - Only administrators belonging to this group can login. type: str more...
- first-name - First name. type: str more...
- force-password-change - Enable/disable force password change on next login. type: str choices: [disable, enable] default: disable more...
- group - Group name. type: str more...
- hidden - Hidden administrator. type: int default: 0 more...
- ipv6_trusthost1 - Admin user trusted host IPv6, default ::/0 for all. type: str default: ::/0 more...
- ipv6_trusthost10 - Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str default: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 more...
- ipv6_trusthost2 - Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str default: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 more...
- ipv6_trusthost3 - Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str default: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 more...
- ipv6_trusthost4 - Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str default: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 more...
- ipv6_trusthost5 - Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str default: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 more...
- ipv6_trusthost6 - Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str default: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 more...
- ipv6_trusthost7 - Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str default: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 more...
- ipv6_trusthost8 - Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str default: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 more...
- ipv6_trusthost9 - Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str default: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 more...
- last-name - Last name. type: str more...
- ldap-server - LDAP server name. type: str more...
- meta-data - No description for the parameter type: array
more...
- fieldlength - Field length. type: int default: 0 more...
- fieldname - Field name. type: str more...
- fieldvalue - Field value. type: str more...
- importance - Importance. type: str choices: [optional, required] default: optional more...
- status - Status. type: str choices: [disabled, enabled] default: enabled more...
- mobile-number - Mobile number. type: str more...
- pager-number - Pager number. type: str more...
- password - No description for the parameter type: str more...
- password-expire - Password expire time in GMT. type: str more...
- phone-number - Phone number. type: str more...
- policy-package - No description for the parameter type: array
more...
- policy-package-name - Policy package names. type: str more...
- profileid - Profile ID. type: str default: Restricted_User more...
- radius_server - RADIUS server name. type: str more...
- restrict-access - Enable/disable restricted access to development VDOM. type: str choices: [disable, enable] default: disable more...
- restrict-dev-vdom - No description for the parameter type: array
more...
- dev-vdom - Device or device VDOM. type: str more...
- rpc-permit - set none/read/read-write rpc-permission. type: str choices: [read-write, none, read] default: none more...
- ssh-public-key1 - No description for the parameter type: str more...
- ssh-public-key2 - No description for the parameter type: str more...
- ssh-public-key3 - No description for the parameter type: str more...
- subject - PKI user certificate name constraints. type: str more...
- tacacs-plus-server - TACACS+ server name. type: str more...
- trusthost1 - Admin user trusted host IP, default 0. type: str default: 0.0.0.0 0.0.0.0 more...
- trusthost10 - Admin user trusted host IP, default 255. type: str default: 255.255.255.255 255.255.255.255 more...
- trusthost2 - Admin user trusted host IP, default 255. type: str default: 255.255.255.255 255.255.255.255 more...
- trusthost3 - Admin user trusted host IP, default 255. type: str default: 255.255.255.255 255.255.255.255 more...
- trusthost4 - Admin user trusted host IP, default 255. type: str default: 255.255.255.255 255.255.255.255 more...
- trusthost5 - Admin user trusted host IP, default 255. type: str default: 255.255.255.255 255.255.255.255 more...
- trusthost6 - Admin user trusted host IP, default 255. type: str default: 255.255.255.255 255.255.255.255 more...
- trusthost7 - Admin user trusted host IP, default 255. type: str default: 255.255.255.255 255.255.255.255 more...
- trusthost8 - Admin user trusted host IP, default 255. type: str default: 255.255.255.255 255.255.255.255 more...
- trusthost9 - Admin user trusted host IP, default 255. type: str default: 255.255.255.255 255.255.255.255 more...
- two-factor-auth - Enable 2-factor authentication (certificate + password). type: str choices: [disable, enable] default: disable more...
- user_type - User type. type: str choices: [local, radius, ldap, tacacs-plus, pki-auth, group, sso] default: local more...
- userid - User name. type: str more...
- wildcard - Enable/disable wildcard remote authentication. type: str choices: [disable, enable] default: disable more...
- login-max - Max login session for this user. type: int default: 32 more...
- use-global-theme - Enable/disble global theme for administration GUI. type: str choices: [disable, enable] default: enable more...
- user-theme - Color scheme to use for the admin user GUI. type: str choices: [blue, green, red, melongene, spring, summer, autumn, winter, circuit-board, calla-lily, binary-tunnel, mars, blue-sea, technology, landscape, twilight, canyon, northern-light, astronomy, fish, penguin, mountain, panda, parrot, cave, zebra, contrast-dark] default: blue more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Admin user.
faz_cli_system_admin_user:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_admin_user:
adom:
-
adom-name: <value of string>
adom-exclude:
-
adom-name: <value of string>
avatar: <value of string>
ca: <value of string>
change-password: <value in [disable, enable]>
dashboard:
-
column: <value of integer>
diskio-content-type: <value in [util, iops, blks]>
diskio-period: <value in [1hour, 8hour, 24hour]>
log-rate-period: <value in [2min , 1hour, 6hours]>
log-rate-topn: <value in [1, 2, 3, ...]>
log-rate-type: <value in [log, device]>
moduleid: <value of integer>
name: <value of string>
num-entries: <value of integer>
refresh-interval: <value of integer>
res-cpu-display: <value in [average , each]>
res-period: <value in [10min , hour, day]>
res-view-type: <value in [real-time , history]>
status: <value in [close, open]>
tabid: <value of integer>
time-period: <value in [1hour, 8hour, 24hour]>
widget-type: <value in [top-lograte, sysres, sysinfo, ...]>
dashboard-tabs:
-
name: <value of string>
tabid: <value of integer>
description: <value of string>
dev-group: <value of string>
email-address: <value of string>
ext-auth-accprofile-override: <value in [disable, enable]>
ext-auth-adom-override: <value in [disable, enable]>
ext-auth-group-match: <value of string>
first-name: <value of string>
force-password-change: <value in [disable, enable]>
group: <value of string>
hidden: <value of integer>
ipv6_trusthost1: <value of string>
ipv6_trusthost10: <value of string>
ipv6_trusthost2: <value of string>
ipv6_trusthost3: <value of string>
ipv6_trusthost4: <value of string>
ipv6_trusthost5: <value of string>
ipv6_trusthost6: <value of string>
ipv6_trusthost7: <value of string>
ipv6_trusthost8: <value of string>
ipv6_trusthost9: <value of string>
last-name: <value of string>
ldap-server: <value of string>
meta-data:
-
fieldlength: <value of integer>
fieldname: <value of string>
fieldvalue: <value of string>
importance: <value in [optional, required]>
status: <value in [disabled, enabled]>
mobile-number: <value of string>
pager-number: <value of string>
password: <value of string>
password-expire: <value of string>
phone-number: <value of string>
policy-package:
-
policy-package-name: <value of string>
profileid: <value of string>
radius_server: <value of string>
restrict-access: <value in [disable, enable]>
restrict-dev-vdom:
-
dev-vdom: <value of string>
rpc-permit: <value in [read-write, none, read]>
ssh-public-key1: <value of string>
ssh-public-key2: <value of string>
ssh-public-key3: <value of string>
subject: <value of string>
tacacs-plus-server: <value of string>
trusthost1: <value of string>
trusthost10: <value of string>
trusthost2: <value of string>
trusthost3: <value of string>
trusthost4: <value of string>
trusthost5: <value of string>
trusthost6: <value of string>
trusthost7: <value of string>
trusthost8: <value of string>
trusthost9: <value of string>
two-factor-auth: <value in [disable, enable]>
user_type: <value in [local, radius, ldap, ...]>
userid: <value of string>
wildcard: <value in [disable, enable]>
login-max: <value of integer>
use-global-theme: <value in [disable, enable]>
user-theme: <value in [blue, green, red, ...]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_user_adom – Admin domain.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_user_adom | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- user - The parameter in requested url type: str required: true
- cli_system_admin_user_adom - Admin domain. type: dict
- adom-name - Admin domain names. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Admin domain.
faz_cli_system_admin_user_adom:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
user: <your own value>
state: <value in [present, absent]>
cli_system_admin_user_adom:
adom-name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_user_adomexclude – Excluding admin domain.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_user_adomexclude | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- user - The parameter in requested url type: str required: true
- cli_system_admin_user_adomexclude - Excluding admin domain. type: dict
- adom-name - Admin domain names. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Excluding admin domain.
faz_cli_system_admin_user_adomexclude:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
user: <your own value>
state: <value in [present, absent]>
cli_system_admin_user_adomexclude:
adom-name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_user_dashboard – Custom dashboard widgets.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_user_dashboard | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- user - The parameter in requested url type: str required: true
- cli_system_admin_user_dashboard - Custom dashboard widgets. type: dict
- column - Widgets column ID. type: int default: 0 more...
- diskio-content-type - Disk I/O Monitor widgets chart type. type: str choices: [util, iops, blks] default: util more...
- diskio-period - Disk I/O Monitor widgets data period. type: str choices: [1hour, 8hour, 24hour] default: 1hour more...
- log-rate-period - Log receive monitor widgets data period. type: str choices: [2min , 1hour, 6hours] more...
- log-rate-topn - Log receive monitor widgets number of top items to display. type: str choices: [1, 2, 3, 4, 5] default: 5 more...
- log-rate-type - Log receive monitor widgets statistics breakdown options. type: str choices: [log, device] default: device more...
- moduleid - Widget ID. type: int default: 0 more...
- name - Widget name. type: str more...
- num-entries - Number of entries. type: int default: 10 more...
- refresh-interval - Widgets refresh interval. type: int default: 300 more...
- res-cpu-display - Widgets CPU display type. type: str choices: [average , each] default: average more...
- res-period - Widgets data period. type: str choices: [10min , hour, day] default: 10min more...
- res-view-type - Widgets data view type. type: str choices: [real-time , history] default: history more...
- status - Widgets opened/closed state. type: str choices: [close, open] default: open more...
- tabid - ID of tab where widget is displayed. type: int default: 0 more...
- time-period - Log Database Monitor widgets data period. type: str choices: [1hour, 8hour, 24hour] default: 1hour more...
- widget-type - Widget type. type: str choices: [top-lograte, sysres, sysinfo, licinfo, jsconsole, sysop, alert, statistics, rpteng, raid, logrecv, devsummary, logdb-perf, logdb-lag, disk-io, log-rcvd-fwd] more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Custom dashboard widgets.
faz_cli_system_admin_user_dashboard:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
user: <your own value>
state: <value in [present, absent]>
cli_system_admin_user_dashboard:
column: <value of integer>
diskio-content-type: <value in [util, iops, blks]>
diskio-period: <value in [1hour, 8hour, 24hour]>
log-rate-period: <value in [2min , 1hour, 6hours]>
log-rate-topn: <value in [1, 2, 3, ...]>
log-rate-type: <value in [log, device]>
moduleid: <value of integer>
name: <value of string>
num-entries: <value of integer>
refresh-interval: <value of integer>
res-cpu-display: <value in [average , each]>
res-period: <value in [10min , hour, day]>
res-view-type: <value in [real-time , history]>
status: <value in [close, open]>
tabid: <value of integer>
time-period: <value in [1hour, 8hour, 24hour]>
widget-type: <value in [top-lograte, sysres, sysinfo, ...]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_user_dashboardtabs – Custom dashboard.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_user_dashboardtabs | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- user - The parameter in requested url type: str required: true
- cli_system_admin_user_dashboardtabs - Custom dashboard. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Custom dashboard.
faz_cli_system_admin_user_dashboardtabs:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
user: <your own value>
state: <value in [present, absent]>
cli_system_admin_user_dashboardtabs:
name: <value of string>
tabid: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_user_metadata – Configure meta data.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_user_metadata | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- user - The parameter in requested url type: str required: true
- cli_system_admin_user_metadata - Configure meta data. type: dict
- fieldlength - Field length. type: int default: 0 more...
- fieldname - Field name. type: str more...
- fieldvalue - Field value. type: str more...
- importance - Importance. type: str choices: [optional, required] default: optional more...
- status - Status. type: str choices: [disabled, enabled] default: enabled more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure meta data.
faz_cli_system_admin_user_metadata:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
user: <your own value>
state: <value in [present, absent]>
cli_system_admin_user_metadata:
fieldlength: <value of integer>
fieldname: <value of string>
fieldvalue: <value of string>
importance: <value in [optional, required]>
status: <value in [disabled, enabled]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_user_policypackage – Policy package access.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_admin_user_policypackage | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- user - The parameter in requested url type: str required: true
- cli_system_admin_user_policypackage - Policy package access. type: dict
- policy-package-name - Policy package names. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Policy package access.
faz_cli_system_admin_user_policypackage:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
user: <your own value>
state: <value in [present, absent]>
cli_system_admin_user_policypackage:
policy-package-name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_admin_user_restrictdevvdom – Restricted to these devices/VDOMs.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
|
| cli_system_admin_user_restrictdevvdom | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- user - The parameter in requested url type: str required: true
- cli_system_admin_user_restrictdevvdom - Restricted to these devices/VDOMs. type: dict
- dev-vdom - Device or device VDOM. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Restricted to these devices/VDOMs.
faz_cli_system_admin_user_restrictdevvdom:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
user: <your own value>
state: <value in [present, absent]>
cli_system_admin_user_restrictdevvdom:
dev-vdom: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_alertconsole – Alert console.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_alertconsole | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_alertconsole - Alert console. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Alert console.
faz_cli_system_alertconsole:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_alertconsole:
period: <value in [1, 2, 3, ...]>
severity-level:
- debug
- information
- notify
- warning
- error
- critical
- alert
- emergency
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_alertemail – Configure alertemail.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_alertemail | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_alertemail - Configure alertemail. type: dict
- authentication - Enable/disable authentication. type: str choices: [disable, enable] default: enable more...
- fromaddress - SMTP from address. type: str more...
- fromname - SMTP from user. type: str more...
- smtppassword - No description for the parameter type: str more...
- smtpport - SMTP server port. type: int default: 25 more...
- smtpserver - SMTP server address. type: str more...
- smtpuser - SMTP server user. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure alertemail.
faz_cli_system_alertemail:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_alertemail:
authentication: <value in [disable, enable]>
fromaddress: <value of string>
fromname: <value of string>
smtppassword: <value of string>
smtpport: <value of integer>
smtpserver: <value of string>
smtpuser: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_alertevent – Alert events.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_alertevent | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_alertevent - Alert events. type: dict
- alert-destination - No description for the parameter type: array
more...
- from - Sender email address to use in alert emails. type: str more...
- smtp-name - SMTP server name. type: str more...
- snmp-name - SNMP trap name. type: str more...
- syslog-name - Syslog server name. type: str more...
- to - Recipient email address to use in alert emails. type: str more...
- type - Destination type. type: str choices: [mail, snmp, syslog] default: mail more...
- enable-generic-text - No description for the parameter type: array choices: [enable, disable] more...
- enable-severity-filter - No description for the parameter type: array choices: [enable, disable] more...
- event-time-period - Time period (hours). type: str choices: [0.5, 1, 3, 6, 12, 24, 72, 168] default: 0.5 more...
- generic-text - Text that must be contained in a log to trigger alert. type: str more...
- name - Alert name. type: str more...
- num-events - Minimum number of events required within time period. type: str choices: [1, 5, 10, 50, 100] default: 1 more...
- severity-filter - Required log severity to trigger alert. type: str choices: [high, medium-high, medium, medium-low, low] default: high more...
- severity-level-comp - No description for the parameter type: array choices: [>=, =, <=] more...
- severity-level-logs - No description for the parameter type: array choices: [no-check, information, notify, warning, error, critical, alert, emergency] more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Alert events.
faz_cli_system_alertevent:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_alertevent:
alert-destination:
-
from: <value of string>
smtp-name: <value of string>
snmp-name: <value of string>
syslog-name: <value of string>
to: <value of string>
type: <value in [mail, snmp, syslog]>
enable-generic-text:
- enable
- disable
enable-severity-filter:
- enable
- disable
event-time-period: <value in [0.5, 1, 3, ...]>
generic-text: <value of string>
name: <value of string>
num-events: <value in [1, 5, 10, ...]>
severity-filter: <value in [high, medium-high, medium, ...]>
severity-level-comp:
- >=
- =
- <=
severity-level-logs:
- no-check
- information
- notify
- warning
- error
- critical
- alert
- emergency
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_alertevent_alertdestination – Alert destination.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_alertevent_alertdestination | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- alert-event - The parameter in requested url type: str required: true
- cli_system_alertevent_alertdestination - Alert destination. type: dict
- from - Sender email address to use in alert emails. type: str more...
- smtp-name - SMTP server name. type: str more...
- snmp-name - SNMP trap name. type: str more...
- syslog-name - Syslog server name. type: str more...
- to - Recipient email address to use in alert emails. type: str more...
- type - Destination type. type: str choices: [mail, snmp, syslog] default: mail more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Alert destination.
faz_cli_system_alertevent_alertdestination:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
alert-event: <your own value>
state: <value in [present, absent]>
cli_system_alertevent_alertdestination:
from: <value of string>
smtp-name: <value of string>
snmp-name: <value of string>
syslog-name: <value of string>
to: <value of string>
type: <value in [mail, snmp, syslog]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_autodelete – Automatic deletion policy for logs, reports, archived, and quarantined files.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_autodelete | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_autodelete - Automatic deletion policy for logs, reports, archived, and quarantined files. type: dict
- dlp-files-auto-deletion type: dict
- retention - Automatic deletion in days, weeks, or months. type: str choices: [days, weeks, months] default: days more...
- runat - Automatic deletion run at (0 - 23) oclock. type: int default: 0 more...
- status - Enable/disable automatic deletion. type: str choices: [disable, enable] default: disable more...
- value - Automatic deletion in x days, weeks, or months. type: int default: 0 more...
- log-auto-deletion type: dict
- retention - Automatic deletion in days, weeks, or months. type: str choices: [days, weeks, months] default: days more...
- runat - Automatic deletion run at (0 - 23) oclock. type: int default: 0 more...
- status - Enable/disable automatic deletion. type: str choices: [disable, enable] default: disable more...
- value - Automatic deletion in x days, weeks, or months. type: int default: 0 more...
- quarantine-files-auto-deletion type: dict
- retention - Automatic deletion in days, weeks, or months. type: str choices: [days, weeks, months] default: days more...
- runat - Automatic deletion run at (0 - 23) oclock. type: int default: 0 more...
- status - Enable/disable automatic deletion. type: str choices: [disable, enable] default: disable more...
- value - Automatic deletion in x days, weeks, or months. type: int default: 0 more...
- report-auto-deletion type: dict
- retention - Automatic deletion in days, weeks, or months. type: str choices: [days, weeks, months] default: days more...
- runat - Automatic deletion run at (0 - 23) oclock. type: int default: 0 more...
- status - Enable/disable automatic deletion. type: str choices: [disable, enable] default: disable more...
- value - Automatic deletion in x days, weeks, or months. type: int default: 0 more...
- status-fake - Fake value for the menu to work. type: int more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Automatic deletion policy for logs, reports, archived, and quarantined files.
faz_cli_system_autodelete:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_autodelete:
dlp-files-auto-deletion:
retention: <value in [days, weeks, months]>
runat: <value of integer>
status: <value in [disable, enable]>
value: <value of integer>
log-auto-deletion:
retention: <value in [days, weeks, months]>
runat: <value of integer>
status: <value in [disable, enable]>
value: <value of integer>
quarantine-files-auto-deletion:
retention: <value in [days, weeks, months]>
runat: <value of integer>
status: <value in [disable, enable]>
value: <value of integer>
report-auto-deletion:
retention: <value in [days, weeks, months]>
runat: <value of integer>
status: <value in [disable, enable]>
value: <value of integer>
status-fake: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_autodelete_dlpfilesautodeletion – Automatic deletion policy for DLP archives.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_autodelete_dlpfilesautodeletion | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_autodelete_dlpfilesautodeletion - Automatic deletion policy for DLP archives. type: dict
- retention - Automatic deletion in days, weeks, or months. type: str choices: [days, weeks, months] default: days more...
- runat - Automatic deletion run at (0 - 23) oclock. type: int default: 0 more...
- status - Enable/disable automatic deletion. type: str choices: [disable, enable] default: disable more...
- value - Automatic deletion in x days, weeks, or months. type: int default: 0 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Automatic deletion policy for DLP archives.
faz_cli_system_autodelete_dlpfilesautodeletion:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_autodelete_dlpfilesautodeletion:
retention: <value in [days, weeks, months]>
runat: <value of integer>
status: <value in [disable, enable]>
value: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_autodelete_logautodeletion – Automatic deletion policy for device logs.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_autodelete_logautodeletion | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_autodelete_logautodeletion - Automatic deletion policy for device logs. type: dict
- retention - Automatic deletion in days, weeks, or months. type: str choices: [days, weeks, months] default: days more...
- runat - Automatic deletion run at (0 - 23) oclock. type: int default: 0 more...
- status - Enable/disable automatic deletion. type: str choices: [disable, enable] default: disable more...
- value - Automatic deletion in x days, weeks, or months. type: int default: 0 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Automatic deletion policy for device logs.
faz_cli_system_autodelete_logautodeletion:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_autodelete_logautodeletion:
retention: <value in [days, weeks, months]>
runat: <value of integer>
status: <value in [disable, enable]>
value: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_autodelete_quarantinefilesautodeletion – Automatic deletion policy for quarantined files.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_autodelete_quarantinefilesautodeletion | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_autodelete_quarantinefilesautodeletion - Automatic deletion policy for quarantined files. type: dict
- retention - Automatic deletion in days, weeks, or months. type: str choices: [days, weeks, months] default: days more...
- runat - Automatic deletion run at (0 - 23) oclock. type: int default: 0 more...
- status - Enable/disable automatic deletion. type: str choices: [disable, enable] default: disable more...
- value - Automatic deletion in x days, weeks, or months. type: int default: 0 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Automatic deletion policy for quarantined files.
faz_cli_system_autodelete_quarantinefilesautodeletion:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_autodelete_quarantinefilesautodeletion:
retention: <value in [days, weeks, months]>
runat: <value of integer>
status: <value in [disable, enable]>
value: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_autodelete_reportautodeletion – Automatic deletion policy for reports.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_autodelete_reportautodeletion | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_autodelete_reportautodeletion - Automatic deletion policy for reports. type: dict
- retention - Automatic deletion in days, weeks, or months. type: str choices: [days, weeks, months] default: days more...
- runat - Automatic deletion run at (0 - 23) oclock. type: int default: 0 more...
- status - Enable/disable automatic deletion. type: str choices: [disable, enable] default: disable more...
- value - Automatic deletion in x days, weeks, or months. type: int default: 0 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Automatic deletion policy for reports.
faz_cli_system_autodelete_reportautodeletion:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_autodelete_reportautodeletion:
retention: <value in [days, weeks, months]>
runat: <value of integer>
status: <value in [disable, enable]>
value: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_backup_allsettings – Scheduled backup settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_backup_allsettings | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_backup_allsettings - Scheduled backup settings. type: dict
- cert - SSH certificate for authentication. type: str more...
- crptpasswd - No description for the parameter type: str more...
- directory - Directory in which file will be stored on backup server. type: str more...
- passwd - No description for the parameter type: str more...
- protocol - Protocol used to backup. type: str choices: [sftp, ftp, scp] default: sftp more...
- server - Backup server name/IP. type: str more...
- status - Enable/disable schedule backup. type: str choices: [disable, enable] default: disable more...
- time - Time to backup. type: str more...
- user - Backup server login user. type: str more...
- week_days - No description for the parameter type: array choices: [monday, tuesday, wednesday, thursday, friday, saturday, sunday] more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Scheduled backup settings.
faz_cli_system_backup_allsettings:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_backup_allsettings:
cert: <value of string>
crptpasswd: <value of string>
directory: <value of string>
passwd: <value of string>
protocol: <value in [sftp, ftp, scp]>
server: <value of string>
status: <value in [disable, enable]>
time: <value of string>
user: <value of string>
week_days:
- monday
- tuesday
- wednesday
- thursday
- friday
- saturday
- sunday
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_centralmanagement – Central management configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_centralmanagement | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_centralmanagement - Central management configuration. type: dict
- allow-monitor - Enable/disable remote monitor of device. type: str choices: [disable, enable] default: enable more...
- authorized-manager-only - Enable/disable restricted to authorized manager only. type: str choices: [disable, enable] default: enable more...
- enc-algorithm - SSL communication encryption algorithms. type: str choices: [default, low, high] default: default more...
- fmg - Address of Fortimanager (IP or FQDN). type: str more...
- mgmtid - Management ID. type: int default: 0 more...
- serial-number - No description for the parameter type: str more...
- type - Type of management server. type: str choices: [fortimanager] default: fortimanager more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Central management configuration.
faz_cli_system_centralmanagement:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_centralmanagement:
allow-monitor: <value in [disable, enable]>
authorized-manager-only: <value in [disable, enable]>
enc-algorithm: <value in [default, low, high]>
fmg: <value of string>
mgmtid: <value of integer>
serial-number: <value of string>
type: <value in [fortimanager]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_certificate_ca – CA certificate.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_certificate_ca | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_certificate_ca - CA certificate. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: CA certificate.
faz_cli_system_certificate_ca:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_certificate_ca:
ca: <value of string>
comment: <value of string>
name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_certificate_crl – Certificate Revocation List.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_certificate_crl | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_certificate_crl - Certificate Revocation List. type: dict
- comment - Comment of this Certificate Revocation List. type: str more...
- crl - No description for the parameter type: str more...
- http-url - HTTP server URL for CRL auto-update type: str more...
- name - No description for the parameter type: str more...
- update-interval - CRL auto-update interval (in minutes) type: int default: 1440 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Certificate Revocation List.
faz_cli_system_certificate_crl:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_certificate_crl:
comment: <value of string>
crl: <value of string>
http-url: <value of string>
name: <value of string>
update-interval: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_certificate_local – Local keys and certificates.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_certificate_local | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_certificate_local - Local keys and certificates. type: dict
- certificate - No description for the parameter type: str more...
- comment - Local certificate comment. type: str more...
- csr - No description for the parameter type: str more...
- name - Name of local certificate. type: str more...
- password - No description for the parameter type: str more...
- private-key - No description for the parameter type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Local keys and certificates.
faz_cli_system_certificate_local:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_certificate_local:
certificate: <value of string>
comment: <value of string>
csr: <value of string>
name: <value of string>
password: <value of string>
private-key: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_certificate_oftp – OFTP certificates and keys.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_certificate_oftp | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_certificate_oftp - OFTP certificates and keys. type: dict
- certificate - No description for the parameter type: str more...
- comment - OFTP certificate comment. type: str more...
- custom - Enable/disable custom certificate. type: str choices: [disable, enable] default: disable more...
- password - No description for the parameter type: str more...
- private-key - No description for the parameter type: str more...
- local - Choose from a local certificates. type: str more...
- mode - Mode of certificates used by oftpd. type: str choices: [default, custom, local] default: default more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: OFTP certificates and keys.
faz_cli_system_certificate_oftp:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_certificate_oftp:
certificate: <value of string>
comment: <value of string>
custom: <value in [disable, enable]>
password: <value of string>
private-key: <value of string>
local: <value of string>
mode: <value in [default, custom, local]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_certificate_remote – Remote certificate.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_certificate_remote | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_certificate_remote - Remote certificate. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Remote certificate.
faz_cli_system_certificate_remote:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_certificate_remote:
cert: <value of string>
comment: <value of string>
name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_certificate_ssh – SSH certificates and keys.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_certificate_ssh | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_certificate_ssh - SSH certificates and keys. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: SSH certificates and keys.
faz_cli_system_certificate_ssh:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_certificate_ssh:
certificate: <value of string>
comment: <value of string>
name: <value of string>
private-key: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_connector – Configure connector.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_connector | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_connector - Configure connector. type: dict
- fsso-refresh-interval - FSSO refresh interval (60 - 600 seconds). type: int default: 180 more...
- fsso-sess-timeout - FSSO session timeout (60 - 600 seconds). type: int default: 300 more...
- px-refresh-interval - pxGrid refresh interval (60 - 1800 seconds). type: int default: 300 more...
- px-svr-timeout - pxGrid server timeout (30 - 600 seconds). type: int default: 900 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure connector.
faz_cli_system_connector:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_connector:
fsso-refresh-interval: <value of integer>
fsso-sess-timeout: <value of integer>
px-refresh-interval: <value of integer>
px-svr-timeout: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_dns – DNS configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_dns | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_dns - DNS configuration. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: DNS configuration.
faz_cli_system_dns:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_dns:
ip6-primary: <value of string>
ip6-secondary: <value of string>
primary: <value of string>
secondary: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_docker – Docker host.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_docker | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_docker - Docker host. type: dict
- fortiportal - Enable/disable container. type: str choices: [disable, enable] default: disable more...
- fortiwlm - Enable/disable container. type: str choices: [disable, enable] default: disable more...
- sdwancontroller - Enable/disable container. type: str choices: [disable, enable] default: disable more...
- status - Enable and set registry. type: str choices: [disable, enable, qa, dev] default: disable more...
- default-address-pool_base - Set default-address-pool CIDR. type: str default: 172.17.0.0 255.255.0.0 more...
- default-address-pool_size - Set default-address-pool size. type: int default: 24 more...
- fortiauthenticator - Enable/disable container. type: str choices: [disable, enable] default: disable more...
- fortisigconverter - Enable/disable container. type: str choices: [disable, enable] default: disable more...
- cpu - No description for the parameter type: int default: 50 more...
- mem - Max % RAM usage. type: int default: 50 more...
- docker-user-login-max - Max login session for docker users. type: int default: 32 more...
- fortisoar - Enable/disable container. type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Docker host.
faz_cli_system_docker:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_docker:
fortiportal: <value in [disable, enable]>
fortiwlm: <value in [disable, enable]>
sdwancontroller: <value in [disable, enable]>
status: <value in [disable, enable, qa, ...]>
default-address-pool_base: <value of string>
default-address-pool_size: <value of integer>
fortiauthenticator: <value in [disable, enable]>
fortisigconverter: <value in [disable, enable]>
cpu: <value of integer>
mem: <value of integer>
docker-user-login-max: <value of integer>
fortisoar: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_fips – Settings for FIPS-CC mode.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_fips | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_fips - Settings for FIPS-CC mode. type: dict
- entropy-token - Enable/disable entropy token when switching to FIPS mode. type: str choices: [enable, disable, dynamic] default: enable more...
- re-seed-interval - Kernel FIPS-compliant PRNG re-seed interval (0 to 1440 minutes) type: int default: 1440 more...
- status - Enable/disable FIPS-CC mode. type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Settings for FIPS-CC mode.
faz_cli_system_fips:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_fips:
entropy-token: <value in [enable, disable, dynamic]>
re-seed-interval: <value of integer>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_fortiview_autocache – FortiView auto-cache settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_fortiview_autocache | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_fortiview_autocache - FortiView auto-cache settings. type: dict
- aggressive-fortiview - Enable/disable auto-cache on fortiview aggressively. type: str choices: [disable, enable] default: disable more...
- interval - The time interval in hours for fortiview auto-cache. type: int default: 168 more...
- status - Enable/disable fortiview auto-cache. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: FortiView auto-cache settings.
faz_cli_system_fortiview_autocache:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_fortiview_autocache:
aggressive-fortiview: <value in [disable, enable]>
interval: <value of integer>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_fortiview_setting – FortiView settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_fortiview_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_fortiview_setting - FortiView settings. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: FortiView settings.
faz_cli_system_fortiview_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_fortiview_setting:
not-scanned-apps: <value in [exclude, include]>
resolve-ip: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_global – Global range attributes.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_global | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_global - Global range attributes. type: dict
- admin-lockout-duration - Lockout duration(sec) for administration. type: int default: 60 more...
- admin-lockout-threshold - Lockout threshold for administration. type: int default: 3 more...
- adom-mode - ADOM mode. type: str choices: [normal, advanced] default: normal more...
- adom-select - Enable/disable select ADOM after login. type: str choices: [disable, enable] default: enable more...
- adom-status - ADOM status. type: str choices: [disable, enable] default: disable more...
- backup-compression - Compression level. type: str choices: [none, low, normal, high] default: normal more...
- backup-to-subfolders - Enable/disable creation of subfolders on server for backup storage. type: str choices: [disable, enable] default: disable more...
- clone-name-option - set the clone object names option. type: str choices: [default, keep] default: default more...
- clt-cert-req - Require client certificate for GUI login. type: str choices: [disable, enable, optional] default: disable more...
- console-output - Console output mode. type: str choices: [standard, more] default: standard more...
- country-flag - Country flag Status. type: str choices: [disable, enable] default: enable more...
- create-revision - Enable/disable create revision by default. type: str choices: [disable, enable] default: disable more...
- daylightsavetime - Enable/disable daylight saving time. type: str choices: [disable, enable] default: enable more...
- default-logview-auto-completion - Enable/disable log view filter auto-completion. type: str choices: [disable, enable] default: enable more...
- default-search-mode - Set the default search mode of log view. type: str choices: [filter-based, advanced] default: filter-based more...
- detect-unregistered-log-device - Detect unregistered logging device from log message. type: str choices: [disable, enable] default: enable more...
- device-view-mode - Set devices/groups view mode. type: str choices: [regular, tree] default: regular more...
- dh-params - Minimum size of Diffie-Hellman prime for SSH/HTTPS (bits). type: str choices: [1024, 1536, 2048, 3072, 4096, 6144, 8192] default: 2048 more...
- disable-module - No description for the parameter type: array choices: [fortiview-noc, siem, soar, none, soc, fortirecorder, ai] more...
- enc-algorithm - SSL communication encryption algorithms. type: str choices: [low, medium, high] default: high more...
- fgfm-ca-cert - set the extra fgfm CA certificates. type: str more...
- fgfm-local-cert - set the fgfm local certificate. type: str more...
- fgfm-ssl-protocol - set the lowest SSL protocols for fgfmsd. type: str choices: [sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3] default: tlsv1.2 more...
- ha-member-auto-grouping - Enable/disable automatically group HA members feature type: str choices: [disable, enable] default: enable more...
- hitcount_concurrent - The number of FortiGates that FortiManager polls at one time (10 - 500, default = 100). type: int default: 100 more...
- hitcount_interval - The interval for getting hit count from managed FortiGate devices, in seconds (60 - 86400, default = 900). type: int default: 900 more...
- hostname - System hostname. type: str default: FAZVM64 more...
- language - System global language. type: str choices: [english, simch, japanese, korean, spanish, trach] default: english more...
- latitude - fmg location latitude type: str more...
- ldap-cache-timeout - LDAP browser cache timeout (seconds). type: int default: 86400 more...
- ldapconntimeout - LDAP connection timeout (msec). type: int default: 60000 more...
- lock-preempt - Enable/disable ADOM lock override. type: str choices: [disable, enable] default: disable more...
- log-checksum - Record log file hash value, timestamp, and authentication code at transmission or rolling. type: str choices: [none, md5, md5-auth] default: none more...
- log-forward-cache-size - Log forwarding disk cache size (GB). type: int default: 0 more...
- log-mode - Log system operation mode. type: str choices: [analyzer, collector] default: analyzer more...
- longitude - fmg location longitude type: str more...
- max-aggregation-tasks - Maximum number of concurrent tasks of a log aggregation session. type: int default: 0 more...
- max-log-forward - Maximum number of log-forward and aggregation settings. type: int default: 5 more...
- max-running-reports - Maximum number of reports generating at one time. type: int default: 1 more...
- oftp-ssl-protocol - set the lowest SSL protocols for oftpd. type: str choices: [sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3] default: tlsv1.2 more...
- policy-hit-count - show policy hit count. type: str choices: [disable, enable] default: disable more...
- policy-object-icon - show icons of policy objects. type: str choices: [disable, enable] default: disable more...
- policy-object-in-dual-pane - show policies and objects in dual pane. type: str choices: [disable, enable] default: disable more...
- pre-login-banner - Enable/disable pre-login banner. type: str choices: [disable, enable] default: disable more...
- pre-login-banner-message - Pre-login banner message. type: str more...
- private-data-encryption - Enable/disable private data encryption using an AES 128-bit key. type: str choices: [disable, enable] default: disable more...
- remoteauthtimeout - Remote authentication (RADIUS/LDAP) timeout (sec). type: int default: 10 more...
- search-all-adoms - Enable/Disable Search all ADOMs for where-used query. type: str choices: [disable, enable] default: disable more...
- ssl-low-encryption - SSL low-grade encryption. type: str choices: [disable, enable] default: disable more...
- ssl-protocol - No description for the parameter type: array choices: [tlsv1.3, tlsv1.2, tlsv1.1, tlsv1.0, sslv3] more...
- ssl-static-key-ciphers - Enable/disable SSL static key ciphers. type: str choices: [disable, enable] default: enable more...
- task-list-size - Maximum number of completed tasks to keep. type: int default: 2000 more...
- tftp - Enable/disable TFTP in `exec restore image` command (disabled by default in FIPS mode) type: str choices: [disable, enable] default: disable more...
- timezone - Time zone. type: str choices: [00, 01, 02, 03, 04, 05, 06, 07, 08, 09, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91] default: 04 more...
- tunnel-mtu - Maximum transportation unit(68 - 9000). type: int default: 1500 more...
- usg - Enable/disable Fortiguard server restriction. type: str choices: [disable, enable] default: disable more...
- webservice-proto - No description for the parameter type: array choices: [tlsv1.3, tlsv1.2, tlsv1.1, tlsv1.0, sslv3, sslv2] more...
- workflow-max-sessions - Maximum number of workflow sessions per ADOM (minimum 100). type: int default: 500 more...
- multiple-steps-upgrade-in-autolink - Enable/disable multiple steps upgade in autolink process type: str choices: [disable, enable] default: disable more...
- object-revision-db-max - Maximum revisions for a single database (10,000-1,000,000 default 100,000). type: int default: 100000 more...
- object-revision-mandatory-note - Enable/disable mandatory note when create revision. type: str choices: [disable, enable] default: enable more...
- object-revision-object-max - Maximum revisions for a single object (10-1000 default 100). type: int default: 100 more...
- object-revision-status - Enable/disable create revision when modify objects. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Global range attributes.
faz_cli_system_global:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_global:
admin-lockout-duration: <value of integer>
admin-lockout-threshold: <value of integer>
adom-mode: <value in [normal, advanced]>
adom-select: <value in [disable, enable]>
adom-status: <value in [disable, enable]>
backup-compression: <value in [none, low, normal, ...]>
backup-to-subfolders: <value in [disable, enable]>
clone-name-option: <value in [default, keep]>
clt-cert-req: <value in [disable, enable, optional]>
console-output: <value in [standard, more]>
country-flag: <value in [disable, enable]>
create-revision: <value in [disable, enable]>
daylightsavetime: <value in [disable, enable]>
default-logview-auto-completion: <value in [disable, enable]>
default-search-mode: <value in [filter-based, advanced]>
detect-unregistered-log-device: <value in [disable, enable]>
device-view-mode: <value in [regular, tree]>
dh-params: <value in [1024, 1536, 2048, ...]>
disable-module:
- fortiview-noc
- siem
- soar
- none
- soc
- fortirecorder
- ai
enc-algorithm: <value in [low, medium, high]>
fgfm-ca-cert: <value of string>
fgfm-local-cert: <value of string>
fgfm-ssl-protocol: <value in [sslv3, tlsv1.0, tlsv1.1, ...]>
ha-member-auto-grouping: <value in [disable, enable]>
hitcount_concurrent: <value of integer>
hitcount_interval: <value of integer>
hostname: <value of string>
language: <value in [english, simch, japanese, ...]>
latitude: <value of string>
ldap-cache-timeout: <value of integer>
ldapconntimeout: <value of integer>
lock-preempt: <value in [disable, enable]>
log-checksum: <value in [none, md5, md5-auth]>
log-forward-cache-size: <value of integer>
log-mode: <value in [analyzer, collector]>
longitude: <value of string>
max-aggregation-tasks: <value of integer>
max-log-forward: <value of integer>
max-running-reports: <value of integer>
oftp-ssl-protocol: <value in [sslv3, tlsv1.0, tlsv1.1, ...]>
policy-hit-count: <value in [disable, enable]>
policy-object-icon: <value in [disable, enable]>
policy-object-in-dual-pane: <value in [disable, enable]>
pre-login-banner: <value in [disable, enable]>
pre-login-banner-message: <value of string>
private-data-encryption: <value in [disable, enable]>
remoteauthtimeout: <value of integer>
search-all-adoms: <value in [disable, enable]>
ssl-low-encryption: <value in [disable, enable]>
ssl-protocol:
- tlsv1.3
- tlsv1.2
- tlsv1.1
- tlsv1.0
- sslv3
ssl-static-key-ciphers: <value in [disable, enable]>
task-list-size: <value of integer>
tftp: <value in [disable, enable]>
timezone: <value in [00, 01, 02, ...]>
tunnel-mtu: <value of integer>
usg: <value in [disable, enable]>
webservice-proto:
- tlsv1.3
- tlsv1.2
- tlsv1.1
- tlsv1.0
- sslv3
- sslv2
workflow-max-sessions: <value of integer>
multiple-steps-upgrade-in-autolink: <value in [disable, enable]>
object-revision-db-max: <value of integer>
object-revision-mandatory-note: <value in [disable, enable]>
object-revision-object-max: <value of integer>
object-revision-status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_guiact – System settings through GUI.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_guiact | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_guiact - System settings through GUI. type: dict
- backup_all - Backup all settings. type: str more...
- backup_conf - Backup config file. type: str more...
- eventlog_msg - Write event log. type: str more...
- eventlog_path - Event log path. type: str more...
- reboot - Reboot system. type: int default: 0 more...
- reset2default - Reset to factory default. type: int default: 0 more...
- restore_all - Restore all settings. type: str more...
- restore_conf - Restore config file. type: str more...
- time - Time. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: System settings through GUI.
faz_cli_system_guiact:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_guiact:
backup_all: <value of string>
backup_conf: <value of string>
eventlog_msg: <value of string>
eventlog_path: <value of string>
reboot: <value of integer>
reset2default: <value of integer>
restore_all: <value of string>
restore_conf: <value of string>
time: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_ha – HA configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_ha | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_ha - HA configuration. type: dict
- group-id - HA group ID (1 - 255). type: int default: 0 more...
- group-name - HA group name. type: str more...
- hb-interface - Interface for heartbeat. type: str more...
- hb-interval - Heartbeat interval (1 - 20). type: int default: 1 more...
- healthcheck - No description for the parameter type: array choices: [DB, fault-test] more...
- initial-sync - Need to sync data from master before up as an HA member. type: str choices: [false, true] default: true more...
- initial-sync-threads - Number of threads used for initial sync (1-15). type: int default: 4 more...
- load-balance - Load balance to slaves. type: str choices: [disable, round-robin] default: round-robin more...
- log-sync - Sync logs to backup FortiAnalyzer. type: str choices: [disable, enable] default: enable more...
- mode - Standalone or HA (a-p) mode type: str choices: [standalone, a-p] default: standalone more...
- password - No description for the parameter type: str more...
- peer - No description for the parameter type: array
more...
- id - Id. type: int default: 0 more...
- ip - IP address of peer for management and data. type: str more...
- ip-hb - IP address of peers VIP interface for heartbeat, set if different from ip. type: str more...
- serial-number - Serial number of peer. type: str more...
- status - Peer enabled status. type: str choices: [disable, enable] default: enable more...
- preferred-role - Preferred role, runtime role may be different. type: str choices: [slave, master, secondary, primary] default: slave more...
- priority - Set the runtime priority between 80 (lowest) - 120 (highest). type: int default: 100 more...
- private-clusterid - Cluster ID range (1 - 64). type: int default: 1 more...
- private-file-quota - File quota in MB (2048 - 20480). type: int default: 4096 more...
- private-hb-interval - Heartbeat interval (1 - 255). type: int default: 5 more...
- private-hb-lost-threshold - Heartbeat lost threshold (1 - 255). type: int default: 3 more...
- private-mode - Mode. type: str choices: [standalone, master, slave, primary, secondary] default: standalone more...
- private-password - No description for the parameter type: str more...
- private-peer - No description for the parameter type: array more...
- unicast - Use unicast for HA heartbeat. type: str choices: [disable, enable] default: disable more...
- vip - Virtual IP address for the HA type: str more...
- vip-interface - Interface for configuring virtual IP address type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: HA configuration.
faz_cli_system_ha:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_ha:
group-id: <value of integer>
group-name: <value of string>
hb-interface: <value of string>
hb-interval: <value of integer>
healthcheck:
- DB
- fault-test
initial-sync: <value in [false, true]>
initial-sync-threads: <value of integer>
load-balance: <value in [disable, round-robin]>
log-sync: <value in [disable, enable]>
mode: <value in [standalone, a-p]>
password: <value of string>
peer:
-
id: <value of integer>
ip: <value of string>
ip-hb: <value of string>
serial-number: <value of string>
status: <value in [disable, enable]>
preferred-role: <value in [slave, master, secondary, ...]>
priority: <value of integer>
private-clusterid: <value of integer>
private-file-quota: <value of integer>
private-hb-interval: <value of integer>
private-hb-lost-threshold: <value of integer>
private-mode: <value in [standalone, master, slave, ...]>
private-password: <value of string>
private-peer:
-
id: <value of integer>
ip: <value of string>
ip6: <value of string>
serial-number: <value of string>
status: <value in [disable, enable]>
unicast: <value in [disable, enable]>
vip: <value of string>
vip-interface: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_ha_peer – Peers.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_ha_peer | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_ha_peer - Peers. type: dict
- id - Id. type: int default: 0 more...
- ip - IP address of peer for management and data. type: str more...
- ip-hb - IP address of peers VIP interface for heartbeat, set if different from ip. type: str more...
- serial-number - Serial number of peer. type: str more...
- status - Peer enabled status. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Peers.
faz_cli_system_ha_peer:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_ha_peer:
id: <value of integer>
ip: <value of string>
ip-hb: <value of string>
serial-number: <value of string>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_ha_privatepeer – Peer.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_ha_privatepeer | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_ha_privatepeer - Peer. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Peer.
faz_cli_system_ha_privatepeer:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_ha_privatepeer:
id: <value of integer>
ip: <value of string>
ip6: <value of string>
serial-number: <value of string>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_interface – Interface configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_interface | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_interface - Interface configuration. type: dict
- alias - Alias. type: str more...
- allowaccess - No description for the parameter type: array choices: [ping, https, ssh, snmp, http, webservice, fgfm, https-logging, soc-fabric] more...
- description - Description. type: str more...
- ip - IP address of interface. type: str default: 0.0.0.0 0.0.0.0 more...
- ipv6 type: dict
- ip6-address - IPv6 address/prefix of interface. type: str default: ::/0 more...
- ip6-allowaccess - No description for the parameter type: array choices: [ping, https, ssh, snmp, http, webservice, fgfm, https-logging] more...
- ip6-autoconf - Enable/disable address auto config (SLAAC). type: str choices: [disable, enable] default: enable more...
- mtu - Maximum transportation unit(68 - 9000). type: int default: 1500 more...
- name - Interface name. type: str more...
- speed - Speed. type: str choices: [auto, 10full, 10half, 100full, 100half, 1000full, 10000full] default: auto more...
- status - Interface status. type: str choices: [down, up] default: up more...
- aggregate - Aggregate interface. type: str more...
- lacp-mode - LACP mode. type: str choices: [active] default: active more...
- lacp-speed - How often the interface sends LACP messages. type: str choices: [slow, fast] default: slow more...
- link-up-delay - Number of milliseconds to wait before considering a link is up. type: int default: 50 more...
- member - No description for the parameter type: array
more...
- interface-name - Physical interface name. type: str more...
- min-links - Minimum number of aggregated ports that must be up. type: int default: 1 more...
- min-links-down - Action to take when less than the configured minimum number of links are active. type: str choices: [operational, administrative] default: operational more...
- type - Set type of interface (physical/aggregate). type: str choices: [physical, aggregate] default: physical more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Interface configuration.
faz_cli_system_interface:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_interface:
alias: <value of string>
allowaccess:
- ping
- https
- ssh
- snmp
- http
- webservice
- fgfm
- https-logging
- soc-fabric
description: <value of string>
ip: <value of string>
ipv6:
ip6-address: <value of string>
ip6-allowaccess:
- ping
- https
- ssh
- snmp
- http
- webservice
- fgfm
- https-logging
ip6-autoconf: <value in [disable, enable]>
mtu: <value of integer>
name: <value of string>
speed: <value in [auto, 10full, 10half, ...]>
status: <value in [down, up]>
aggregate: <value of string>
lacp-mode: <value in [active]>
lacp-speed: <value in [slow, fast]>
link-up-delay: <value of integer>
member:
-
interface-name: <value of string>
min-links: <value of integer>
min-links-down: <value in [operational, administrative]>
type: <value in [physical, aggregate]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_interface_ipv6 – IPv6 of interface.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_interface_ipv6 | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- interface - The parameter in requested url type: str required: true
- cli_system_interface_ipv6 - IPv6 of interface. type: dict
- ip6-address - IPv6 address/prefix of interface. type: str default: ::/0 more...
- ip6-allowaccess - No description for the parameter type: array choices: [ping, https, ssh, snmp, http, webservice, fgfm, https-logging] more...
- ip6-autoconf - Enable/disable address auto config (SLAAC). type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: IPv6 of interface.
faz_cli_system_interface_ipv6:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
interface: <your own value>
cli_system_interface_ipv6:
ip6-address: <value of string>
ip6-allowaccess:
- ping
- https
- ssh
- snmp
- http
- webservice
- fgfm
- https-logging
ip6-autoconf: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_interface_member – Physical interfaces that belong to the aggregate or redundant interface.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- interface - The parameter in requested url type: str required: true
- cli_system_interface_member - Physical interfaces that belong to the aggregate or redundant interface. type: dict
- interface-name - Physical interface name. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Physical interfaces that belong to the aggregate or redundant interface.
faz_cli_system_interface_member:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
interface: <your own value>
state: <value in [present, absent]>
cli_system_interface_member:
interface-name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_disk_filter – Filter for disk logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_disk_filter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_disk_filter - Filter for disk logging. type: dict
- devcfg - Log device configuration message. type: str choices: [disable, enable] default: disable more...
- devops - Managered devices operations messages. type: str choices: [disable, enable] default: enable more...
- diskquota - Log Fortianalyzer disk quota messages. type: str choices: [disable, enable] default: enable more...
- dm - Log deployment manager message. type: str choices: [disable, enable] default: disable more...
- dvm - Log device manager messages. type: str choices: [disable, enable] default: enable more...
- ediscovery - Log Fortianalyzer ediscovery messages. type: str choices: [disable, enable] default: enable more...
- epmgr - Log endpoint manager message. type: str choices: [disable, enable] default: disable more...
- event - Log event messages. type: str choices: [disable, enable] default: enable more...
- eventmgmt - Log Fortianalyzer event handler messages. type: str choices: [disable, enable] default: enable more...
- faz - Log Fortianalyzer messages. type: str choices: [disable, enable] default: enable more...
- fazha - Log Fortianalyzer HA messages. type: str choices: [disable, enable] default: enable more...
- fazsys - Log Fortianalyzer system messages. type: str choices: [disable, enable] default: enable more...
- fgd - Log FortiGuard service message. type: str choices: [disable, enable] default: disable more...
- fgfm - Log FGFM protocol message. type: str choices: [disable, enable] default: disable more...
- fips - Whether to log fips messages. type: str choices: [disable, enable] default: enable more...
- fmgws - Log web service messages. type: str choices: [disable, enable] default: enable more...
- fmlmgr - Log FortiMail manager message. type: str choices: [disable, enable] default: disable more...
- fmwmgr - Log firmware manager message. type: str choices: [disable, enable] default: disable more...
- fortiview - Log Fortianalyzer FortiView messages. type: str choices: [disable, enable] default: enable more...
- glbcfg - Log global database message. type: str choices: [disable, enable] default: disable more...
- ha - Log HA message. type: str choices: [disable, enable] default: disable more...
- hcache - Log Fortianalyzer hcache messages. type: str choices: [disable, enable] default: enable more...
- incident - Log Fortianalyzer incident messages. type: str choices: [disable, enable] default: enable more...
- iolog - Log debug IO log message. type: str choices: [disable, enable] default: enable more...
- logd - Log the status of log daemon. type: str choices: [disable, enable] default: enable more...
- logdb - Log Fortianalyzer log DB messages. type: str choices: [disable, enable] default: enable more...
- logdev - Log Fortianalyzer log device messages. type: str choices: [disable, enable] default: enable more...
- logfile - Log Fortianalyzer log file messages. type: str choices: [enable, disable] more...
- logging - Log Fortianalyzer logging messages. type: str choices: [disable, enable] default: enable more...
- lrmgr - Log log and report manager message. type: str choices: [disable, enable] default: disable more...
- objcfg - Log object configuration change message. type: str choices: [disable, enable] default: disable more...
- report - Log Fortianalyzer report messages. type: str choices: [disable, enable] default: enable more...
- rev - Log revision history message. type: str choices: [disable, enable] default: disable more...
- rtmon - Log real-time monitor message. type: str choices: [disable, enable] default: disable more...
- scfw - Log firewall objects message. type: str choices: [disable, enable] default: disable more...
- scply - Log policy console message. type: str choices: [disable, enable] default: disable more...
- scrmgr - Log script manager message. type: str choices: [disable, enable] default: disable more...
- scvpn - Log VPN console message. type: str choices: [disable, enable] default: disable more...
- system - Log system manager message. type: str choices: [disable, enable] default: enable more...
- webport - Log web portal message. type: str choices: [disable, enable] default: disable more...
- aid - Log aid messages. type: str choices: [disable, enable] default: enable more...
- docker - Docker application generic messages. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Filter for disk logging.
faz_cli_system_locallog_disk_filter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_disk_filter:
devcfg: <value in [disable, enable]>
devops: <value in [disable, enable]>
diskquota: <value in [disable, enable]>
dm: <value in [disable, enable]>
dvm: <value in [disable, enable]>
ediscovery: <value in [disable, enable]>
epmgr: <value in [disable, enable]>
event: <value in [disable, enable]>
eventmgmt: <value in [disable, enable]>
faz: <value in [disable, enable]>
fazha: <value in [disable, enable]>
fazsys: <value in [disable, enable]>
fgd: <value in [disable, enable]>
fgfm: <value in [disable, enable]>
fips: <value in [disable, enable]>
fmgws: <value in [disable, enable]>
fmlmgr: <value in [disable, enable]>
fmwmgr: <value in [disable, enable]>
fortiview: <value in [disable, enable]>
glbcfg: <value in [disable, enable]>
ha: <value in [disable, enable]>
hcache: <value in [disable, enable]>
incident: <value in [disable, enable]>
iolog: <value in [disable, enable]>
logd: <value in [disable, enable]>
logdb: <value in [disable, enable]>
logdev: <value in [disable, enable]>
logfile: <value in [enable, disable]>
logging: <value in [disable, enable]>
lrmgr: <value in [disable, enable]>
objcfg: <value in [disable, enable]>
report: <value in [disable, enable]>
rev: <value in [disable, enable]>
rtmon: <value in [disable, enable]>
scfw: <value in [disable, enable]>
scply: <value in [disable, enable]>
scrmgr: <value in [disable, enable]>
scvpn: <value in [disable, enable]>
system: <value in [disable, enable]>
webport: <value in [disable, enable]>
aid: <value in [disable, enable]>
docker: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_disk_setting – Settings for local disk logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_disk_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_disk_setting - Settings for local disk logging. type: dict
- diskfull - Policy to apply when disk is full. type: str choices: [overwrite, nolog] default: overwrite more...
- log-disk-full-percentage - Consider log disk as full at this usage percentage. type: int default: 80 more...
- max-log-file-size - Maximum log file size before rolling. type: int default: 100 more...
- roll-day - No description for the parameter type: array choices: [sunday, monday, tuesday, wednesday, thursday, friday, saturday] more...
- roll-schedule - Frequency to check log file for rolling. type: str choices: [none, daily, weekly] default: none more...
- roll-time - Time to roll logs (hh:mm). type: str more...
- server-type - Server type. type: str choices: [FTP, SFTP, SCP] default: FTP more...
- severity - Least severity level to log. type: str choices: [emergency, alert, critical, error, warning, notification, information, debug] default: information more...
- status - Enable/disable local disk log. type: str choices: [disable, enable] default: enable more...
- upload - Upload log file when rolling. type: str choices: [disable, enable] default: disable more...
- upload-delete-files - Delete log files after uploading (default = enable). type: str choices: [disable, enable] default: enable more...
- upload-time - Time to upload logs (hh:mm). type: str more...
- uploaddir - Log file upload remote directory. type: str more...
- uploadip - IP address of log uploading server. type: str default: 0.0.0.0 more...
- uploadpass - No description for the parameter type: str more...
- uploadport - Server port (0 = default protocol port). type: int default: 0 more...
- uploadsched - Scheduled upload (disable = upload when rolling). type: str choices: [disable, enable] default: disable more...
- uploadtype - No description for the parameter type: array choices: [event] more...
- uploaduser - User account in upload server. type: str more...
- uploadzip - Compress upload logs. type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Settings for local disk logging.
faz_cli_system_locallog_disk_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_disk_setting:
diskfull: <value in [overwrite, nolog]>
log-disk-full-percentage: <value of integer>
max-log-file-size: <value of integer>
roll-day:
- sunday
- monday
- tuesday
- wednesday
- thursday
- friday
- saturday
roll-schedule: <value in [none, daily, weekly]>
roll-time: <value of string>
server-type: <value in [FTP, SFTP, SCP]>
severity: <value in [emergency, alert, critical, ...]>
status: <value in [disable, enable]>
upload: <value in [disable, enable]>
upload-delete-files: <value in [disable, enable]>
upload-time: <value of string>
uploaddir: <value of string>
uploadip: <value of string>
uploadpass: <value of string>
uploadport: <value of integer>
uploadsched: <value in [disable, enable]>
uploadtype:
- event
uploaduser: <value of string>
uploadzip: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_fortianalyzer2_filter – Filter for FortiAnalyzer2 logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_fortianalyzer2_filter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_fortianalyzer2_filter - Filter for FortiAnalyzer2 logging. type: dict
- devcfg - Log device configuration message. type: str choices: [disable, enable] default: disable more...
- devops - Managered devices operations messages. type: str choices: [disable, enable] default: enable more...
- diskquota - Log Fortianalyzer disk quota messages. type: str choices: [disable, enable] default: enable more...
- dm - Log deployment manager message. type: str choices: [disable, enable] default: disable more...
- dvm - Log device manager messages. type: str choices: [disable, enable] default: enable more...
- ediscovery - Log Fortianalyzer ediscovery messages. type: str choices: [disable, enable] default: enable more...
- epmgr - Log endpoint manager message. type: str choices: [disable, enable] default: disable more...
- event - Log event messages. type: str choices: [disable, enable] default: enable more...
- eventmgmt - Log Fortianalyzer event handler messages. type: str choices: [disable, enable] default: enable more...
- faz - Log Fortianalyzer messages. type: str choices: [disable, enable] default: enable more...
- fazha - Log Fortianalyzer HA messages. type: str choices: [disable, enable] default: enable more...
- fazsys - Log Fortianalyzer system messages. type: str choices: [disable, enable] default: enable more...
- fgd - Log FortiGuard service message. type: str choices: [disable, enable] default: disable more...
- fgfm - Log FGFM protocol message. type: str choices: [disable, enable] default: disable more...
- fips - Whether to log fips messages. type: str choices: [disable, enable] default: enable more...
- fmgws - Log web service messages. type: str choices: [disable, enable] default: enable more...
- fmlmgr - Log FortiMail manager message. type: str choices: [disable, enable] default: disable more...
- fmwmgr - Log firmware manager message. type: str choices: [disable, enable] default: disable more...
- fortiview - Log Fortianalyzer FortiView messages. type: str choices: [disable, enable] default: enable more...
- glbcfg - Log global database message. type: str choices: [disable, enable] default: disable more...
- ha - Log HA message. type: str choices: [disable, enable] default: disable more...
- hcache - Log Fortianalyzer hcache messages. type: str choices: [disable, enable] default: enable more...
- incident - Log Fortianalyzer incident messages. type: str choices: [disable, enable] default: enable more...
- iolog - Log debug IO log message. type: str choices: [disable, enable] default: enable more...
- logd - Log the status of log daemon. type: str choices: [disable, enable] default: enable more...
- logdb - Log Fortianalyzer log DB messages. type: str choices: [disable, enable] default: enable more...
- logdev - Log Fortianalyzer log device messages. type: str choices: [disable, enable] default: enable more...
- logfile - Log Fortianalyzer log file messages. type: str choices: [enable, disable] more...
- logging - Log Fortianalyzer logging messages. type: str choices: [disable, enable] default: enable more...
- lrmgr - Log log and report manager message. type: str choices: [disable, enable] default: disable more...
- objcfg - Log object configuration change message. type: str choices: [disable, enable] default: disable more...
- report - Log Fortianalyzer report messages. type: str choices: [disable, enable] default: enable more...
- rev - Log revision history message. type: str choices: [disable, enable] default: disable more...
- rtmon - Log real-time monitor message. type: str choices: [disable, enable] default: disable more...
- scfw - Log firewall objects message. type: str choices: [disable, enable] default: disable more...
- scply - Log policy console message. type: str choices: [disable, enable] default: disable more...
- scrmgr - Log script manager message. type: str choices: [disable, enable] default: disable more...
- scvpn - Log VPN console message. type: str choices: [disable, enable] default: disable more...
- system - Log system manager message. type: str choices: [disable, enable] default: enable more...
- webport - Log web portal message. type: str choices: [disable, enable] default: disable more...
- aid - Log aid messages. type: str choices: [disable, enable] default: enable more...
- docker - Docker application generic messages. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Filter for FortiAnalyzer2 logging.
faz_cli_system_locallog_fortianalyzer2_filter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_fortianalyzer2_filter:
devcfg: <value in [disable, enable]>
devops: <value in [disable, enable]>
diskquota: <value in [disable, enable]>
dm: <value in [disable, enable]>
dvm: <value in [disable, enable]>
ediscovery: <value in [disable, enable]>
epmgr: <value in [disable, enable]>
event: <value in [disable, enable]>
eventmgmt: <value in [disable, enable]>
faz: <value in [disable, enable]>
fazha: <value in [disable, enable]>
fazsys: <value in [disable, enable]>
fgd: <value in [disable, enable]>
fgfm: <value in [disable, enable]>
fips: <value in [disable, enable]>
fmgws: <value in [disable, enable]>
fmlmgr: <value in [disable, enable]>
fmwmgr: <value in [disable, enable]>
fortiview: <value in [disable, enable]>
glbcfg: <value in [disable, enable]>
ha: <value in [disable, enable]>
hcache: <value in [disable, enable]>
incident: <value in [disable, enable]>
iolog: <value in [disable, enable]>
logd: <value in [disable, enable]>
logdb: <value in [disable, enable]>
logdev: <value in [disable, enable]>
logfile: <value in [enable, disable]>
logging: <value in [disable, enable]>
lrmgr: <value in [disable, enable]>
objcfg: <value in [disable, enable]>
report: <value in [disable, enable]>
rev: <value in [disable, enable]>
rtmon: <value in [disable, enable]>
scfw: <value in [disable, enable]>
scply: <value in [disable, enable]>
scrmgr: <value in [disable, enable]>
scvpn: <value in [disable, enable]>
system: <value in [disable, enable]>
webport: <value in [disable, enable]>
aid: <value in [disable, enable]>
docker: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_fortianalyzer2_setting – Settings for locallog to fortianalyzer.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_fortianalyzer2_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_fortianalyzer2_setting - Settings for locallog to fortianalyzer. type: dict
- reliable - Enable/disable reliable realtime logging. type: str choices: [disable, enable] default: disable more...
- secure-connection - Enable/disable connection secured by TLS/SSL. type: str choices: [disable, enable] default: disable more...
- server - Remote FortiAnalyzer server FQDN, hostname, or IP address type: str more...
- severity - Least severity level to log. type: str choices: [emergency, alert, critical, error, warning, notification, information, debug] default: notification more...
- status - Log to FortiAnalyzer status. type: str choices: [disable, realtime, upload] default: disable more...
- upload-time - No description for the parameter type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Settings for locallog to fortianalyzer.
faz_cli_system_locallog_fortianalyzer2_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_fortianalyzer2_setting:
reliable: <value in [disable, enable]>
secure-connection: <value in [disable, enable]>
server: <value of string>
severity: <value in [emergency, alert, critical, ...]>
status: <value in [disable, realtime, upload]>
upload-time: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_fortianalyzer3_filter – Filter for FortiAnalyzer3 logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_fortianalyzer3_filter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_fortianalyzer3_filter - Filter for FortiAnalyzer3 logging. type: dict
- devcfg - Log device configuration message. type: str choices: [disable, enable] default: disable more...
- devops - Managered devices operations messages. type: str choices: [disable, enable] default: enable more...
- diskquota - Log Fortianalyzer disk quota messages. type: str choices: [disable, enable] default: enable more...
- dm - Log deployment manager message. type: str choices: [disable, enable] default: disable more...
- dvm - Log device manager messages. type: str choices: [disable, enable] default: enable more...
- ediscovery - Log Fortianalyzer ediscovery messages. type: str choices: [disable, enable] default: enable more...
- epmgr - Log endpoint manager message. type: str choices: [disable, enable] default: disable more...
- event - Log event messages. type: str choices: [disable, enable] default: enable more...
- eventmgmt - Log Fortianalyzer event handler messages. type: str choices: [disable, enable] default: enable more...
- faz - Log Fortianalyzer messages. type: str choices: [disable, enable] default: enable more...
- fazha - Log Fortianalyzer HA messages. type: str choices: [disable, enable] default: enable more...
- fazsys - Log Fortianalyzer system messages. type: str choices: [disable, enable] default: enable more...
- fgd - Log FortiGuard service message. type: str choices: [disable, enable] default: disable more...
- fgfm - Log FGFM protocol message. type: str choices: [disable, enable] default: disable more...
- fips - Whether to log fips messages. type: str choices: [disable, enable] default: enable more...
- fmgws - Log web service messages. type: str choices: [disable, enable] default: enable more...
- fmlmgr - Log FortiMail manager message. type: str choices: [disable, enable] default: disable more...
- fmwmgr - Log firmware manager message. type: str choices: [disable, enable] default: disable more...
- fortiview - Log Fortianalyzer FortiView messages. type: str choices: [disable, enable] default: enable more...
- glbcfg - Log global database message. type: str choices: [disable, enable] default: disable more...
- ha - Log HA message. type: str choices: [disable, enable] default: disable more...
- hcache - Log Fortianalyzer hcache messages. type: str choices: [disable, enable] default: enable more...
- incident - Log Fortianalyzer incident messages. type: str choices: [disable, enable] default: enable more...
- iolog - Log debug IO log message. type: str choices: [disable, enable] default: enable more...
- logd - Log the status of log daemon. type: str choices: [disable, enable] default: enable more...
- logdb - Log Fortianalyzer log DB messages. type: str choices: [disable, enable] default: enable more...
- logdev - Log Fortianalyzer log device messages. type: str choices: [disable, enable] default: enable more...
- logfile - Log Fortianalyzer log file messages. type: str choices: [enable, disable] more...
- logging - Log Fortianalyzer logging messages. type: str choices: [disable, enable] default: enable more...
- lrmgr - Log log and report manager message. type: str choices: [disable, enable] default: disable more...
- objcfg - Log object configuration change message. type: str choices: [disable, enable] default: disable more...
- report - Log Fortianalyzer report messages. type: str choices: [disable, enable] default: enable more...
- rev - Log revision history message. type: str choices: [disable, enable] default: disable more...
- rtmon - Log real-time monitor message. type: str choices: [disable, enable] default: disable more...
- scfw - Log firewall objects message. type: str choices: [disable, enable] default: disable more...
- scply - Log policy console message. type: str choices: [disable, enable] default: disable more...
- scrmgr - Log script manager message. type: str choices: [disable, enable] default: disable more...
- scvpn - Log VPN console message. type: str choices: [disable, enable] default: disable more...
- system - Log system manager message. type: str choices: [disable, enable] default: enable more...
- webport - Log web portal message. type: str choices: [disable, enable] default: disable more...
- aid - Log aid messages. type: str choices: [disable, enable] default: enable more...
- docker - Docker application generic messages. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Filter for FortiAnalyzer3 logging.
faz_cli_system_locallog_fortianalyzer3_filter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_fortianalyzer3_filter:
devcfg: <value in [disable, enable]>
devops: <value in [disable, enable]>
diskquota: <value in [disable, enable]>
dm: <value in [disable, enable]>
dvm: <value in [disable, enable]>
ediscovery: <value in [disable, enable]>
epmgr: <value in [disable, enable]>
event: <value in [disable, enable]>
eventmgmt: <value in [disable, enable]>
faz: <value in [disable, enable]>
fazha: <value in [disable, enable]>
fazsys: <value in [disable, enable]>
fgd: <value in [disable, enable]>
fgfm: <value in [disable, enable]>
fips: <value in [disable, enable]>
fmgws: <value in [disable, enable]>
fmlmgr: <value in [disable, enable]>
fmwmgr: <value in [disable, enable]>
fortiview: <value in [disable, enable]>
glbcfg: <value in [disable, enable]>
ha: <value in [disable, enable]>
hcache: <value in [disable, enable]>
incident: <value in [disable, enable]>
iolog: <value in [disable, enable]>
logd: <value in [disable, enable]>
logdb: <value in [disable, enable]>
logdev: <value in [disable, enable]>
logfile: <value in [enable, disable]>
logging: <value in [disable, enable]>
lrmgr: <value in [disable, enable]>
objcfg: <value in [disable, enable]>
report: <value in [disable, enable]>
rev: <value in [disable, enable]>
rtmon: <value in [disable, enable]>
scfw: <value in [disable, enable]>
scply: <value in [disable, enable]>
scrmgr: <value in [disable, enable]>
scvpn: <value in [disable, enable]>
system: <value in [disable, enable]>
webport: <value in [disable, enable]>
aid: <value in [disable, enable]>
docker: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_fortianalyzer3_setting – Settings for locallog to fortianalyzer.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_fortianalyzer3_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_fortianalyzer3_setting - Settings for locallog to fortianalyzer. type: dict
- reliable - Enable/disable reliable realtime logging. type: str choices: [disable, enable] default: disable more...
- secure-connection - Enable/disable connection secured by TLS/SSL. type: str choices: [disable, enable] default: disable more...
- server - Remote FortiAnalyzer server FQDN, hostname, or IP address type: str more...
- severity - Least severity level to log. type: str choices: [emergency, alert, critical, error, warning, notification, information, debug] default: notification more...
- status - Log to FortiAnalyzer status. type: str choices: [disable, realtime, upload] default: disable more...
- upload-time - No description for the parameter type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Settings for locallog to fortianalyzer.
faz_cli_system_locallog_fortianalyzer3_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_fortianalyzer3_setting:
reliable: <value in [disable, enable]>
secure-connection: <value in [disable, enable]>
server: <value of string>
severity: <value in [emergency, alert, critical, ...]>
status: <value in [disable, realtime, upload]>
upload-time: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_fortianalyzer_filter – Filter for FortiAnalyzer logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_fortianalyzer_filter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_fortianalyzer_filter - Filter for FortiAnalyzer logging. type: dict
- devcfg - Log device configuration message. type: str choices: [disable, enable] default: disable more...
- devops - Managered devices operations messages. type: str choices: [disable, enable] default: enable more...
- diskquota - Log Fortianalyzer disk quota messages. type: str choices: [disable, enable] default: enable more...
- dm - Log deployment manager message. type: str choices: [disable, enable] default: disable more...
- dvm - Log device manager messages. type: str choices: [disable, enable] default: enable more...
- ediscovery - Log Fortianalyzer ediscovery messages. type: str choices: [disable, enable] default: enable more...
- epmgr - Log endpoint manager message. type: str choices: [disable, enable] default: disable more...
- event - Log event messages. type: str choices: [disable, enable] default: enable more...
- eventmgmt - Log Fortianalyzer event handler messages. type: str choices: [disable, enable] default: enable more...
- faz - Log Fortianalyzer messages. type: str choices: [disable, enable] default: enable more...
- fazha - Log Fortianalyzer HA messages. type: str choices: [disable, enable] default: enable more...
- fazsys - Log Fortianalyzer system messages. type: str choices: [disable, enable] default: enable more...
- fgd - Log FortiGuard service message. type: str choices: [disable, enable] default: disable more...
- fgfm - Log FGFM protocol message. type: str choices: [disable, enable] default: disable more...
- fips - Whether to log fips messages. type: str choices: [disable, enable] default: enable more...
- fmgws - Log web service messages. type: str choices: [disable, enable] default: enable more...
- fmlmgr - Log FortiMail manager message. type: str choices: [disable, enable] default: disable more...
- fmwmgr - Log firmware manager message. type: str choices: [disable, enable] default: disable more...
- fortiview - Log Fortianalyzer FortiView messages. type: str choices: [disable, enable] default: enable more...
- glbcfg - Log global database message. type: str choices: [disable, enable] default: disable more...
- ha - Log HA message. type: str choices: [disable, enable] default: disable more...
- hcache - Log Fortianalyzer hcache messages. type: str choices: [disable, enable] default: enable more...
- incident - Log Fortianalyzer incident messages. type: str choices: [disable, enable] default: enable more...
- iolog - Log debug IO log message. type: str choices: [disable, enable] default: enable more...
- logd - Log the status of log daemon. type: str choices: [disable, enable] default: enable more...
- logdb - Log Fortianalyzer log DB messages. type: str choices: [disable, enable] default: enable more...
- logdev - Log Fortianalyzer log device messages. type: str choices: [disable, enable] default: enable more...
- logfile - Log Fortianalyzer log file messages. type: str choices: [enable, disable] more...
- logging - Log Fortianalyzer logging messages. type: str choices: [disable, enable] default: enable more...
- lrmgr - Log log and report manager message. type: str choices: [disable, enable] default: disable more...
- objcfg - Log object configuration change message. type: str choices: [disable, enable] default: disable more...
- report - Log Fortianalyzer report messages. type: str choices: [disable, enable] default: enable more...
- rev - Log revision history message. type: str choices: [disable, enable] default: disable more...
- rtmon - Log real-time monitor message. type: str choices: [disable, enable] default: disable more...
- scfw - Log firewall objects message. type: str choices: [disable, enable] default: disable more...
- scply - Log policy console message. type: str choices: [disable, enable] default: disable more...
- scrmgr - Log script manager message. type: str choices: [disable, enable] default: disable more...
- scvpn - Log VPN console message. type: str choices: [disable, enable] default: disable more...
- system - Log system manager message. type: str choices: [disable, enable] default: enable more...
- webport - Log web portal message. type: str choices: [disable, enable] default: disable more...
- aid - Log aid messages. type: str choices: [disable, enable] default: enable more...
- docker - Docker application generic messages. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Filter for FortiAnalyzer logging.
faz_cli_system_locallog_fortianalyzer_filter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_fortianalyzer_filter:
devcfg: <value in [disable, enable]>
devops: <value in [disable, enable]>
diskquota: <value in [disable, enable]>
dm: <value in [disable, enable]>
dvm: <value in [disable, enable]>
ediscovery: <value in [disable, enable]>
epmgr: <value in [disable, enable]>
event: <value in [disable, enable]>
eventmgmt: <value in [disable, enable]>
faz: <value in [disable, enable]>
fazha: <value in [disable, enable]>
fazsys: <value in [disable, enable]>
fgd: <value in [disable, enable]>
fgfm: <value in [disable, enable]>
fips: <value in [disable, enable]>
fmgws: <value in [disable, enable]>
fmlmgr: <value in [disable, enable]>
fmwmgr: <value in [disable, enable]>
fortiview: <value in [disable, enable]>
glbcfg: <value in [disable, enable]>
ha: <value in [disable, enable]>
hcache: <value in [disable, enable]>
incident: <value in [disable, enable]>
iolog: <value in [disable, enable]>
logd: <value in [disable, enable]>
logdb: <value in [disable, enable]>
logdev: <value in [disable, enable]>
logfile: <value in [enable, disable]>
logging: <value in [disable, enable]>
lrmgr: <value in [disable, enable]>
objcfg: <value in [disable, enable]>
report: <value in [disable, enable]>
rev: <value in [disable, enable]>
rtmon: <value in [disable, enable]>
scfw: <value in [disable, enable]>
scply: <value in [disable, enable]>
scrmgr: <value in [disable, enable]>
scvpn: <value in [disable, enable]>
system: <value in [disable, enable]>
webport: <value in [disable, enable]>
aid: <value in [disable, enable]>
docker: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_fortianalyzer_setting – Settings for locallog to fortianalyzer.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_fortianalyzer_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_fortianalyzer_setting - Settings for locallog to fortianalyzer. type: dict
- reliable - Enable/disable reliable realtime logging. type: str choices: [disable, enable] default: disable more...
- secure-connection - Enable/disable connection secured by TLS/SSL. type: str choices: [disable, enable] default: disable more...
- server - Remote FortiAnalyzer server FQDN, hostname, or IP address type: str more...
- severity - Least severity level to log. type: str choices: [emergency, alert, critical, error, warning, notification, information, debug] default: notification more...
- status - Log to FortiAnalyzer status. type: str choices: [disable, realtime, upload] default: disable more...
- upload-time - No description for the parameter type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Settings for locallog to fortianalyzer.
faz_cli_system_locallog_fortianalyzer_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_fortianalyzer_setting:
reliable: <value in [disable, enable]>
secure-connection: <value in [disable, enable]>
server: <value of string>
severity: <value in [emergency, alert, critical, ...]>
status: <value in [disable, realtime, upload]>
upload-time: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_memory_filter – Filter for memory logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_memory_filter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_memory_filter - Filter for memory logging. type: dict
- devcfg - Log device configuration message. type: str choices: [disable, enable] default: disable more...
- devops - Managered devices operations messages. type: str choices: [disable, enable] default: enable more...
- diskquota - Log Fortianalyzer disk quota messages. type: str choices: [disable, enable] default: enable more...
- dm - Log deployment manager message. type: str choices: [disable, enable] default: disable more...
- dvm - Log device manager messages. type: str choices: [disable, enable] default: enable more...
- ediscovery - Log Fortianalyzer ediscovery messages. type: str choices: [disable, enable] default: enable more...
- epmgr - Log endpoint manager message. type: str choices: [disable, enable] default: disable more...
- event - Log event messages. type: str choices: [disable, enable] default: enable more...
- eventmgmt - Log Fortianalyzer event handler messages. type: str choices: [disable, enable] default: enable more...
- faz - Log Fortianalyzer messages. type: str choices: [disable, enable] default: enable more...
- fazha - Log Fortianalyzer HA messages. type: str choices: [disable, enable] default: enable more...
- fazsys - Log Fortianalyzer system messages. type: str choices: [disable, enable] default: enable more...
- fgd - Log FortiGuard service message. type: str choices: [disable, enable] default: disable more...
- fgfm - Log FGFM protocol message. type: str choices: [disable, enable] default: disable more...
- fips - Whether to log fips messages. type: str choices: [disable, enable] default: enable more...
- fmgws - Log web service messages. type: str choices: [disable, enable] default: enable more...
- fmlmgr - Log FortiMail manager message. type: str choices: [disable, enable] default: disable more...
- fmwmgr - Log firmware manager message. type: str choices: [disable, enable] default: disable more...
- fortiview - Log Fortianalyzer FortiView messages. type: str choices: [disable, enable] default: enable more...
- glbcfg - Log global database message. type: str choices: [disable, enable] default: disable more...
- ha - Log HA message. type: str choices: [disable, enable] default: disable more...
- hcache - Log Fortianalyzer hcache messages. type: str choices: [disable, enable] default: enable more...
- incident - Log Fortianalyzer incident messages. type: str choices: [disable, enable] default: enable more...
- iolog - Log debug IO log message. type: str choices: [disable, enable] default: enable more...
- logd - Log the status of log daemon. type: str choices: [disable, enable] default: enable more...
- logdb - Log Fortianalyzer log DB messages. type: str choices: [disable, enable] default: enable more...
- logdev - Log Fortianalyzer log device messages. type: str choices: [disable, enable] default: enable more...
- logfile - Log Fortianalyzer log file messages. type: str choices: [enable, disable] more...
- logging - Log Fortianalyzer logging messages. type: str choices: [disable, enable] default: enable more...
- lrmgr - Log log and report manager message. type: str choices: [disable, enable] default: disable more...
- objcfg - Log object configuration change message. type: str choices: [disable, enable] default: disable more...
- report - Log Fortianalyzer report messages. type: str choices: [disable, enable] default: enable more...
- rev - Log revision history message. type: str choices: [disable, enable] default: disable more...
- rtmon - Log real-time monitor message. type: str choices: [disable, enable] default: disable more...
- scfw - Log firewall objects message. type: str choices: [disable, enable] default: disable more...
- scply - Log policy console message. type: str choices: [disable, enable] default: disable more...
- scrmgr - Log script manager message. type: str choices: [disable, enable] default: disable more...
- scvpn - Log VPN console message. type: str choices: [disable, enable] default: disable more...
- system - Log system manager message. type: str choices: [disable, enable] default: enable more...
- webport - Log web portal message. type: str choices: [disable, enable] default: disable more...
- aid - Log aid messages. type: str choices: [disable, enable] default: enable more...
- docker - Docker application generic messages. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Filter for memory logging.
faz_cli_system_locallog_memory_filter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_memory_filter:
devcfg: <value in [disable, enable]>
devops: <value in [disable, enable]>
diskquota: <value in [disable, enable]>
dm: <value in [disable, enable]>
dvm: <value in [disable, enable]>
ediscovery: <value in [disable, enable]>
epmgr: <value in [disable, enable]>
event: <value in [disable, enable]>
eventmgmt: <value in [disable, enable]>
faz: <value in [disable, enable]>
fazha: <value in [disable, enable]>
fazsys: <value in [disable, enable]>
fgd: <value in [disable, enable]>
fgfm: <value in [disable, enable]>
fips: <value in [disable, enable]>
fmgws: <value in [disable, enable]>
fmlmgr: <value in [disable, enable]>
fmwmgr: <value in [disable, enable]>
fortiview: <value in [disable, enable]>
glbcfg: <value in [disable, enable]>
ha: <value in [disable, enable]>
hcache: <value in [disable, enable]>
incident: <value in [disable, enable]>
iolog: <value in [disable, enable]>
logd: <value in [disable, enable]>
logdb: <value in [disable, enable]>
logdev: <value in [disable, enable]>
logfile: <value in [enable, disable]>
logging: <value in [disable, enable]>
lrmgr: <value in [disable, enable]>
objcfg: <value in [disable, enable]>
report: <value in [disable, enable]>
rev: <value in [disable, enable]>
rtmon: <value in [disable, enable]>
scfw: <value in [disable, enable]>
scply: <value in [disable, enable]>
scrmgr: <value in [disable, enable]>
scvpn: <value in [disable, enable]>
system: <value in [disable, enable]>
webport: <value in [disable, enable]>
aid: <value in [disable, enable]>
docker: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_memory_setting – Settings for memory buffer.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_memory_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_memory_setting - Settings for memory buffer. type: dict
- diskfull - Action upon disk full. type: str choices: [overwrite, nolog] default: overwrite more...
- severity - Least severity level to log. type: str choices: [emergency, alert, critical, error, warning, notification, information, debug] default: notification more...
- status - Enable/disable memory buffer log. type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Settings for memory buffer.
faz_cli_system_locallog_memory_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_memory_setting:
diskfull: <value in [overwrite, nolog]>
severity: <value in [emergency, alert, critical, ...]>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_setting – Settings for locallog logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_setting - Settings for locallog logging. type: dict
- log-interval-dev-no-logging - Interval in minute for logging the event of no logs received from a device. type: int default: 1440 more...
- log-interval-disk-full - Interval in minute for logging the event of disk full. type: int default: 5 more...
- log-interval-gbday-exceeded - Interval in minute for logging the event of the GB/Day license exceeded. type: int default: 1440 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Settings for locallog logging.
faz_cli_system_locallog_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_setting:
log-interval-dev-no-logging: <value of integer>
log-interval-disk-full: <value of integer>
log-interval-gbday-exceeded: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_syslogd2_filter – Filter for syslog logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_syslogd2_filter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_syslogd2_filter - Filter for syslog logging. type: dict
- devcfg - Log device configuration message. type: str choices: [disable, enable] default: disable more...
- devops - Managered devices operations messages. type: str choices: [disable, enable] default: enable more...
- diskquota - Log Fortianalyzer disk quota messages. type: str choices: [disable, enable] default: enable more...
- dm - Log deployment manager message. type: str choices: [disable, enable] default: disable more...
- dvm - Log device manager messages. type: str choices: [disable, enable] default: enable more...
- ediscovery - Log Fortianalyzer ediscovery messages. type: str choices: [disable, enable] default: enable more...
- epmgr - Log endpoint manager message. type: str choices: [disable, enable] default: disable more...
- event - Log event messages. type: str choices: [disable, enable] default: enable more...
- eventmgmt - Log Fortianalyzer event handler messages. type: str choices: [disable, enable] default: enable more...
- faz - Log Fortianalyzer messages. type: str choices: [disable, enable] default: enable more...
- fazha - Log Fortianalyzer HA messages. type: str choices: [disable, enable] default: enable more...
- fazsys - Log Fortianalyzer system messages. type: str choices: [disable, enable] default: enable more...
- fgd - Log FortiGuard service message. type: str choices: [disable, enable] default: disable more...
- fgfm - Log FGFM protocol message. type: str choices: [disable, enable] default: disable more...
- fips - Whether to log fips messages. type: str choices: [disable, enable] default: enable more...
- fmgws - Log web service messages. type: str choices: [disable, enable] default: enable more...
- fmlmgr - Log FortiMail manager message. type: str choices: [disable, enable] default: disable more...
- fmwmgr - Log firmware manager message. type: str choices: [disable, enable] default: disable more...
- fortiview - Log Fortianalyzer FortiView messages. type: str choices: [disable, enable] default: enable more...
- glbcfg - Log global database message. type: str choices: [disable, enable] default: disable more...
- ha - Log HA message. type: str choices: [disable, enable] default: disable more...
- hcache - Log Fortianalyzer hcache messages. type: str choices: [disable, enable] default: enable more...
- incident - Log Fortianalyzer incident messages. type: str choices: [disable, enable] default: enable more...
- iolog - Log debug IO log message. type: str choices: [disable, enable] default: enable more...
- logd - Log the status of log daemon. type: str choices: [disable, enable] default: enable more...
- logdb - Log Fortianalyzer log DB messages. type: str choices: [disable, enable] default: enable more...
- logdev - Log Fortianalyzer log device messages. type: str choices: [disable, enable] default: enable more...
- logfile - Log Fortianalyzer log file messages. type: str choices: [enable, disable] more...
- logging - Log Fortianalyzer logging messages. type: str choices: [disable, enable] default: enable more...
- lrmgr - Log log and report manager message. type: str choices: [disable, enable] default: disable more...
- objcfg - Log object configuration change message. type: str choices: [disable, enable] default: disable more...
- report - Log Fortianalyzer report messages. type: str choices: [disable, enable] default: enable more...
- rev - Log revision history message. type: str choices: [disable, enable] default: disable more...
- rtmon - Log real-time monitor message. type: str choices: [disable, enable] default: disable more...
- scfw - Log firewall objects message. type: str choices: [disable, enable] default: disable more...
- scply - Log policy console message. type: str choices: [disable, enable] default: disable more...
- scrmgr - Log script manager message. type: str choices: [disable, enable] default: disable more...
- scvpn - Log VPN console message. type: str choices: [disable, enable] default: disable more...
- system - Log system manager message. type: str choices: [disable, enable] default: enable more...
- webport - Log web portal message. type: str choices: [disable, enable] default: disable more...
- aid - Log aid messages. type: str choices: [disable, enable] default: enable more...
- docker - Docker application generic messages. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Filter for syslog logging.
faz_cli_system_locallog_syslogd2_filter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_syslogd2_filter:
devcfg: <value in [disable, enable]>
devops: <value in [disable, enable]>
diskquota: <value in [disable, enable]>
dm: <value in [disable, enable]>
dvm: <value in [disable, enable]>
ediscovery: <value in [disable, enable]>
epmgr: <value in [disable, enable]>
event: <value in [disable, enable]>
eventmgmt: <value in [disable, enable]>
faz: <value in [disable, enable]>
fazha: <value in [disable, enable]>
fazsys: <value in [disable, enable]>
fgd: <value in [disable, enable]>
fgfm: <value in [disable, enable]>
fips: <value in [disable, enable]>
fmgws: <value in [disable, enable]>
fmlmgr: <value in [disable, enable]>
fmwmgr: <value in [disable, enable]>
fortiview: <value in [disable, enable]>
glbcfg: <value in [disable, enable]>
ha: <value in [disable, enable]>
hcache: <value in [disable, enable]>
incident: <value in [disable, enable]>
iolog: <value in [disable, enable]>
logd: <value in [disable, enable]>
logdb: <value in [disable, enable]>
logdev: <value in [disable, enable]>
logfile: <value in [enable, disable]>
logging: <value in [disable, enable]>
lrmgr: <value in [disable, enable]>
objcfg: <value in [disable, enable]>
report: <value in [disable, enable]>
rev: <value in [disable, enable]>
rtmon: <value in [disable, enable]>
scfw: <value in [disable, enable]>
scply: <value in [disable, enable]>
scrmgr: <value in [disable, enable]>
scvpn: <value in [disable, enable]>
system: <value in [disable, enable]>
webport: <value in [disable, enable]>
aid: <value in [disable, enable]>
docker: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_syslogd2_setting – Settings for remote syslog server.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_syslogd2_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_syslogd2_setting - Settings for remote syslog server. type: dict
- csv - CSV format. type: str choices: [disable, enable] default: disable more...
- facility - Remote syslog facility. type: str choices: [kernel, user, ntp, audit, alert, clock, mail, daemon, auth, syslog, lpr, news, uucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, local6, local7] default: local7 more...
- severity - Least severity level to log. type: str choices: [emergency, alert, critical, error, warning, notification, information, debug] default: notification more...
- status - Remote syslog log. type: str choices: [disable, enable] default: disable more...
- syslog-name - Remote syslog server name. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Settings for remote syslog server.
faz_cli_system_locallog_syslogd2_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_syslogd2_setting:
csv: <value in [disable, enable]>
facility: <value in [kernel, user, ntp, ...]>
severity: <value in [emergency, alert, critical, ...]>
status: <value in [disable, enable]>
syslog-name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_syslogd3_filter – Filter for syslog logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_syslogd3_filter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_syslogd3_filter - Filter for syslog logging. type: dict
- devcfg - Log device configuration message. type: str choices: [disable, enable] default: disable more...
- devops - Managered devices operations messages. type: str choices: [disable, enable] default: enable more...
- diskquota - Log Fortianalyzer disk quota messages. type: str choices: [disable, enable] default: enable more...
- dm - Log deployment manager message. type: str choices: [disable, enable] default: disable more...
- dvm - Log device manager messages. type: str choices: [disable, enable] default: enable more...
- ediscovery - Log Fortianalyzer ediscovery messages. type: str choices: [disable, enable] default: enable more...
- epmgr - Log endpoint manager message. type: str choices: [disable, enable] default: disable more...
- event - Log event messages. type: str choices: [disable, enable] default: enable more...
- eventmgmt - Log Fortianalyzer event handler messages. type: str choices: [disable, enable] default: enable more...
- faz - Log Fortianalyzer messages. type: str choices: [disable, enable] default: enable more...
- fazha - Log Fortianalyzer HA messages. type: str choices: [disable, enable] default: enable more...
- fazsys - Log Fortianalyzer system messages. type: str choices: [disable, enable] default: enable more...
- fgd - Log FortiGuard service message. type: str choices: [disable, enable] default: disable more...
- fgfm - Log FGFM protocol message. type: str choices: [disable, enable] default: disable more...
- fips - Whether to log fips messages. type: str choices: [disable, enable] default: enable more...
- fmgws - Log web service messages. type: str choices: [disable, enable] default: enable more...
- fmlmgr - Log FortiMail manager message. type: str choices: [disable, enable] default: disable more...
- fmwmgr - Log firmware manager message. type: str choices: [disable, enable] default: disable more...
- fortiview - Log Fortianalyzer FortiView messages. type: str choices: [disable, enable] default: enable more...
- glbcfg - Log global database message. type: str choices: [disable, enable] default: disable more...
- ha - Log HA message. type: str choices: [disable, enable] default: disable more...
- hcache - Log Fortianalyzer hcache messages. type: str choices: [disable, enable] default: enable more...
- incident - Log Fortianalyzer incident messages. type: str choices: [disable, enable] default: enable more...
- iolog - Log debug IO log message. type: str choices: [disable, enable] default: enable more...
- logd - Log the status of log daemon. type: str choices: [disable, enable] default: enable more...
- logdb - Log Fortianalyzer log DB messages. type: str choices: [disable, enable] default: enable more...
- logdev - Log Fortianalyzer log device messages. type: str choices: [disable, enable] default: enable more...
- logfile - Log Fortianalyzer log file messages. type: str choices: [enable, disable] more...
- logging - Log Fortianalyzer logging messages. type: str choices: [disable, enable] default: enable more...
- lrmgr - Log log and report manager message. type: str choices: [disable, enable] default: disable more...
- objcfg - Log object configuration change message. type: str choices: [disable, enable] default: disable more...
- report - Log Fortianalyzer report messages. type: str choices: [disable, enable] default: enable more...
- rev - Log revision history message. type: str choices: [disable, enable] default: disable more...
- rtmon - Log real-time monitor message. type: str choices: [disable, enable] default: disable more...
- scfw - Log firewall objects message. type: str choices: [disable, enable] default: disable more...
- scply - Log policy console message. type: str choices: [disable, enable] default: disable more...
- scrmgr - Log script manager message. type: str choices: [disable, enable] default: disable more...
- scvpn - Log VPN console message. type: str choices: [disable, enable] default: disable more...
- system - Log system manager message. type: str choices: [disable, enable] default: enable more...
- webport - Log web portal message. type: str choices: [disable, enable] default: disable more...
- aid - Log aid messages. type: str choices: [disable, enable] default: enable more...
- docker - Docker application generic messages. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Filter for syslog logging.
faz_cli_system_locallog_syslogd3_filter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_syslogd3_filter:
devcfg: <value in [disable, enable]>
devops: <value in [disable, enable]>
diskquota: <value in [disable, enable]>
dm: <value in [disable, enable]>
dvm: <value in [disable, enable]>
ediscovery: <value in [disable, enable]>
epmgr: <value in [disable, enable]>
event: <value in [disable, enable]>
eventmgmt: <value in [disable, enable]>
faz: <value in [disable, enable]>
fazha: <value in [disable, enable]>
fazsys: <value in [disable, enable]>
fgd: <value in [disable, enable]>
fgfm: <value in [disable, enable]>
fips: <value in [disable, enable]>
fmgws: <value in [disable, enable]>
fmlmgr: <value in [disable, enable]>
fmwmgr: <value in [disable, enable]>
fortiview: <value in [disable, enable]>
glbcfg: <value in [disable, enable]>
ha: <value in [disable, enable]>
hcache: <value in [disable, enable]>
incident: <value in [disable, enable]>
iolog: <value in [disable, enable]>
logd: <value in [disable, enable]>
logdb: <value in [disable, enable]>
logdev: <value in [disable, enable]>
logfile: <value in [enable, disable]>
logging: <value in [disable, enable]>
lrmgr: <value in [disable, enable]>
objcfg: <value in [disable, enable]>
report: <value in [disable, enable]>
rev: <value in [disable, enable]>
rtmon: <value in [disable, enable]>
scfw: <value in [disable, enable]>
scply: <value in [disable, enable]>
scrmgr: <value in [disable, enable]>
scvpn: <value in [disable, enable]>
system: <value in [disable, enable]>
webport: <value in [disable, enable]>
aid: <value in [disable, enable]>
docker: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_syslogd3_setting – Settings for remote syslog server.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_syslogd3_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_syslogd3_setting - Settings for remote syslog server. type: dict
- csv - CSV format. type: str choices: [disable, enable] default: disable more...
- facility - Remote syslog facility. type: str choices: [kernel, user, ntp, audit, alert, clock, mail, daemon, auth, syslog, lpr, news, uucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, local6, local7] default: local7 more...
- severity - Least severity level to log. type: str choices: [emergency, alert, critical, error, warning, notification, information, debug] default: notification more...
- status - Remote syslog log. type: str choices: [disable, enable] default: disable more...
- syslog-name - Remote syslog server name. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Settings for remote syslog server.
faz_cli_system_locallog_syslogd3_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_syslogd3_setting:
csv: <value in [disable, enable]>
facility: <value in [kernel, user, ntp, ...]>
severity: <value in [emergency, alert, critical, ...]>
status: <value in [disable, enable]>
syslog-name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_syslogd_filter – Filter for syslog logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_syslogd_filter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_syslogd_filter - Filter for syslog logging. type: dict
- devcfg - Log device configuration message. type: str choices: [disable, enable] default: disable more...
- devops - Managered devices operations messages. type: str choices: [disable, enable] default: enable more...
- diskquota - Log Fortianalyzer disk quota messages. type: str choices: [disable, enable] default: enable more...
- dm - Log deployment manager message. type: str choices: [disable, enable] default: disable more...
- dvm - Log device manager messages. type: str choices: [disable, enable] default: enable more...
- ediscovery - Log Fortianalyzer ediscovery messages. type: str choices: [disable, enable] default: enable more...
- epmgr - Log endpoint manager message. type: str choices: [disable, enable] default: disable more...
- event - Log event messages. type: str choices: [disable, enable] default: enable more...
- eventmgmt - Log Fortianalyzer event handler messages. type: str choices: [disable, enable] default: enable more...
- faz - Log Fortianalyzer messages. type: str choices: [disable, enable] default: enable more...
- fazha - Log Fortianalyzer HA messages. type: str choices: [disable, enable] default: enable more...
- fazsys - Log Fortianalyzer system messages. type: str choices: [disable, enable] default: enable more...
- fgd - Log FortiGuard service message. type: str choices: [disable, enable] default: disable more...
- fgfm - Log FGFM protocol message. type: str choices: [disable, enable] default: disable more...
- fips - Whether to log fips messages. type: str choices: [disable, enable] default: enable more...
- fmgws - Log web service messages. type: str choices: [disable, enable] default: enable more...
- fmlmgr - Log FortiMail manager message. type: str choices: [disable, enable] default: disable more...
- fmwmgr - Log firmware manager message. type: str choices: [disable, enable] default: disable more...
- fortiview - Log Fortianalyzer FortiView messages. type: str choices: [disable, enable] default: enable more...
- glbcfg - Log global database message. type: str choices: [disable, enable] default: disable more...
- ha - Log HA message. type: str choices: [disable, enable] default: disable more...
- hcache - Log Fortianalyzer hcache messages. type: str choices: [disable, enable] default: enable more...
- incident - Log Fortianalyzer incident messages. type: str choices: [disable, enable] default: enable more...
- iolog - Log debug IO log message. type: str choices: [disable, enable] default: enable more...
- logd - Log the status of log daemon. type: str choices: [disable, enable] default: enable more...
- logdb - Log Fortianalyzer log DB messages. type: str choices: [disable, enable] default: enable more...
- logdev - Log Fortianalyzer log device messages. type: str choices: [disable, enable] default: enable more...
- logfile - Log Fortianalyzer log file messages. type: str choices: [enable, disable] more...
- logging - Log Fortianalyzer logging messages. type: str choices: [disable, enable] default: enable more...
- lrmgr - Log log and report manager message. type: str choices: [disable, enable] default: disable more...
- objcfg - Log object configuration change message. type: str choices: [disable, enable] default: disable more...
- report - Log Fortianalyzer report messages. type: str choices: [disable, enable] default: enable more...
- rev - Log revision history message. type: str choices: [disable, enable] default: disable more...
- rtmon - Log real-time monitor message. type: str choices: [disable, enable] default: disable more...
- scfw - Log firewall objects message. type: str choices: [disable, enable] default: disable more...
- scply - Log policy console message. type: str choices: [disable, enable] default: disable more...
- scrmgr - Log script manager message. type: str choices: [disable, enable] default: disable more...
- scvpn - Log VPN console message. type: str choices: [disable, enable] default: disable more...
- system - Log system manager message. type: str choices: [disable, enable] default: enable more...
- webport - Log web portal message. type: str choices: [disable, enable] default: disable more...
- aid - Log aid messages. type: str choices: [disable, enable] default: enable more...
- docker - Docker application generic messages. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Filter for syslog logging.
faz_cli_system_locallog_syslogd_filter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_syslogd_filter:
devcfg: <value in [disable, enable]>
devops: <value in [disable, enable]>
diskquota: <value in [disable, enable]>
dm: <value in [disable, enable]>
dvm: <value in [disable, enable]>
ediscovery: <value in [disable, enable]>
epmgr: <value in [disable, enable]>
event: <value in [disable, enable]>
eventmgmt: <value in [disable, enable]>
faz: <value in [disable, enable]>
fazha: <value in [disable, enable]>
fazsys: <value in [disable, enable]>
fgd: <value in [disable, enable]>
fgfm: <value in [disable, enable]>
fips: <value in [disable, enable]>
fmgws: <value in [disable, enable]>
fmlmgr: <value in [disable, enable]>
fmwmgr: <value in [disable, enable]>
fortiview: <value in [disable, enable]>
glbcfg: <value in [disable, enable]>
ha: <value in [disable, enable]>
hcache: <value in [disable, enable]>
incident: <value in [disable, enable]>
iolog: <value in [disable, enable]>
logd: <value in [disable, enable]>
logdb: <value in [disable, enable]>
logdev: <value in [disable, enable]>
logfile: <value in [enable, disable]>
logging: <value in [disable, enable]>
lrmgr: <value in [disable, enable]>
objcfg: <value in [disable, enable]>
report: <value in [disable, enable]>
rev: <value in [disable, enable]>
rtmon: <value in [disable, enable]>
scfw: <value in [disable, enable]>
scply: <value in [disable, enable]>
scrmgr: <value in [disable, enable]>
scvpn: <value in [disable, enable]>
system: <value in [disable, enable]>
webport: <value in [disable, enable]>
aid: <value in [disable, enable]>
docker: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_locallog_syslogd_setting – Settings for remote syslog server.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_locallog_syslogd_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_locallog_syslogd_setting - Settings for remote syslog server. type: dict
- csv - CSV format. type: str choices: [disable, enable] default: disable more...
- facility - Remote syslog facility. type: str choices: [kernel, user, ntp, audit, alert, clock, mail, daemon, auth, syslog, lpr, news, uucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, local6, local7] default: local7 more...
- severity - Least severity level to log. type: str choices: [emergency, alert, critical, error, warning, notification, information, debug] default: notification more...
- status - Remote syslog log. type: str choices: [disable, enable] default: disable more...
- syslog-name - Remote syslog server name. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Settings for remote syslog server.
faz_cli_system_locallog_syslogd_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_locallog_syslogd_setting:
csv: <value in [disable, enable]>
facility: <value in [kernel, user, ntp, ...]>
severity: <value in [emergency, alert, critical, ...]>
status: <value in [disable, enable]>
syslog-name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_alert – Log based alert settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_log_alert | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_log_alert - Log based alert settings. type: dict
- max-alert-count - Maximum number of alerts supported. type: int default: 10000 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log based alert settings.
faz_cli_system_log_alert:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_log_alert:
max-alert-count: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_devicedisable – Disable client device logging.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_log_devicedisable - Disable client device logging. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Disable client device logging.
faz_cli_system_log_devicedisable:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_log_devicedisable:
TTL: <value of string>
device: <value of string>
id: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_interfacestats – Interface statistics settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_log_interfacestats | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_log_interfacestats - Interface statistics settings. type: dict
- retention-days - Number of days for interface data storage. type: int default: 30 more...
- sampling-interval - Interval of receiving interface data from FortiGates in seconds. type: int default: 1200 more...
- status - Disable/Enable interface statistics feature. type: str choices: [disable, enable] default: enable more...
- billing-report - Disable/Enable billing report feature. type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Interface statistics settings.
faz_cli_system_log_interfacestats:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_log_interfacestats:
retention-days: <value of integer>
sampling-interval: <value of integer>
status: <value in [disable, enable]>
billing-report: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_ioc – IoC settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_log_ioc | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_log_ioc - IoC settings. type: dict
- notification - Disable/Enable IoC notification. type: str choices: [disable, enable] default: enable more...
- notification-throttle - Minute value for throttling the rate of IoC notifications. type: int default: 1440 more...
- rescan-max-runner - Max count of cocurrent runner of IoC rescan. type: int default: 8 more...
- rescan-run-at - When to run IoC rescan. type: int default: 24 more...
- rescan-status - Disable/Enable IoC rescan. type: str choices: [disable, enable] default: enable more...
- status - Disable/Enable IoC feature. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: IoC settings.
faz_cli_system_log_ioc:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_log_ioc:
notification: <value in [disable, enable]>
notification-throttle: <value of integer>
rescan-max-runner: <value of integer>
rescan-run-at: <value of integer>
rescan-status: <value in [disable, enable]>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_maildomain – FortiMail domain setting.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_log_maildomain | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_log_maildomain - FortiMail domain setting. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: FortiMail domain setting.
faz_cli_system_log_maildomain:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_log_maildomain:
devices: <value of string>
domain: <value of string>
id: <value of integer>
vdom: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_ratelimit – Logging rate limit.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_log_ratelimit - Logging rate limit. type: dict
- device - No description for the parameter type: array
more...
- device - Device(s) filter according to filter-type setting, wildcard expression supported. type: str more...
- filter-type - Device filter type. type: str choices: [devid] default: devid more...
- id - Device filter ID. type: int default: 0 more...
- ratelimit - Maximum device log rate limit. type: int default: 0 more...
- device-ratelimit-default - Default maximum device log rate limit. type: int default: 0 more...
- mode - Logging rate limit mode. type: str choices: [disable, manual] default: disable more...
- system-ratelimit - Maximum system log rate limit. type: int default: 0 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Logging rate limit.
faz_cli_system_log_ratelimit:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_log_ratelimit:
device:
-
device: <value of string>
filter-type: <value in [devid]>
id: <value of integer>
ratelimit: <value of integer>
device-ratelimit-default: <value of integer>
mode: <value in [disable, manual]>
system-ratelimit: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_ratelimit_device – Device log rate limit.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_log_ratelimit_device - Device log rate limit. type: dict
- device - Device(s) filter according to filter-type setting, wildcard expression supported. type: str more...
- filter-type - Device filter type. type: str choices: [devid] default: devid more...
- id - Device filter ID. type: int default: 0 more...
- ratelimit - Maximum device log rate limit. type: int default: 0 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Device log rate limit.
faz_cli_system_log_ratelimit_device:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_log_ratelimit_device:
device: <value of string>
filter-type: <value in [devid]>
id: <value of integer>
ratelimit: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_settings – Log settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_log_settings | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_log_settings - Log settings. type: dict
- FAC-custom-field1 - Name of custom log field to index. type: str more...
- FAZ-custom-field1 - Name of custom log field to index. type: str more...
- FCH-custom-field1 - Name of custom log field to index. type: str more...
- FCT-custom-field1 - Name of custom log field to index. type: str more...
- FDD-custom-field1 - Name of custom log field to index. type: str more...
- FGT-custom-field1 - Name of custom log field to index. type: str more...
- FMG-custom-field1 - Name of custom log field to index. type: str more...
- FML-custom-field1 - Name of custom log field to index. type: str more...
- FPX-custom-field1 - Name of custom log field to index. type: str more...
- FSA-custom-field1 - Name of custom log field to index. type: str more...
- FWB-custom-field1 - Name of custom log field to index. type: str more...
- browse-max-logfiles - Maximum number of log files for each log browse attempt for each Adom. type: int default: 10000 more...
- dns-resolve-dstip - Enable/Disable resolving destination IP by DNS. type: str choices: [disable, enable] default: disable more...
- download-max-logs - Maximum number of logs for each log download attempt. type: int default: 100000 more...
- ha-auto-migrate - Enabled/Disable automatically merging HA members logs to HA cluster. type: str choices: [disable, enable] default: disable more...
- import-max-logfiles - Maximum number of log files for each log import attempt. type: int default: 10000 more...
- log-file-archive-name - Log file name format for archiving, such as backup, upload or download. type: str choices: [basic, extended] default: basic more...
- rolling-analyzer type: dict
- days - No description for the parameter type: array choices: [sun, mon, tue, wed, thu, fri, sat] more...
- del-files - Enable/disable log file deletion after uploading. type: str choices: [disable, enable] default: disable more...
- directory - Upload server directory, for Unix server, use absolute type: str more...
- file-size - Roll log files when they reach this size (MB). type: int default: 200 more...
- gzip-format - Enable/disable compression of uploaded log files. type: str choices: [disable, enable] default: disable more...
- hour - Log files rolling schedule (hour). type: int default: 0 more...
- ip - Upload server IP address. type: str default: 0.0.0.0 more...
- ip2 - Upload server IP2 address. type: str default: 0.0.0.0 more...
- ip3 - Upload server IP3 address. type: str default: 0.0.0.0 more...
- log-format - Format of uploaded log files. type: str choices: [native, text, csv] default: native more...
- min - Log files rolling schedule (minutes). type: int default: 0 more...
- password - No description for the parameter type: str more...
- password2 - No description for the parameter type: str more...
- password3 - No description for the parameter type: str more...
- port - Upload server IP1 port number. type: int default: 0 more...
- port2 - Upload server IP2 port number. type: int default: 0 more...
- port3 - Upload server IP3 port number. type: int default: 0 more...
- server-type - Upload server type. type: str choices: [ftp, sftp, scp] default: ftp more...
- upload - Enable/disable log file uploads. type: str choices: [disable, enable] default: disable more...
- upload-hour - Log files upload schedule (hour). type: int default: 0 more...
- upload-mode - Upload mode with multiple servers. type: str choices: [backup, mirror] default: backup more...
- upload-trigger - Event triggering log files upload. type: str choices: [on-roll, on-schedule] default: on-roll more...
- username - Upload server login username. type: str more...
- username2 - Upload server login username2. type: str more...
- username3 - Upload server login username3. type: str more...
- when - Roll log files periodically. type: str choices: [none, daily, weekly] default: none more...
- rolling-local type: dict
- days - No description for the parameter type: array choices: [sun, mon, tue, wed, thu, fri, sat] more...
- del-files - Enable/disable log file deletion after uploading. type: str choices: [disable, enable] default: disable more...
- directory - Upload server directory, for Unix server, use absolute type: str more...
- file-size - Roll log files when they reach this size (MB). type: int default: 200 more...
- gzip-format - Enable/disable compression of uploaded log files. type: str choices: [disable, enable] default: disable more...
- hour - Log files rolling schedule (hour). type: int default: 0 more...
- ip - Upload server IP address. type: str default: 0.0.0.0 more...
- ip2 - Upload server IP2 address. type: str default: 0.0.0.0 more...
- ip3 - Upload server IP3 address. type: str default: 0.0.0.0 more...
- log-format - Format of uploaded log files. type: str choices: [native, text, csv] default: native more...
- min - Log files rolling schedule (minutes). type: int default: 0 more...
- password - No description for the parameter type: str more...
- password2 - No description for the parameter type: str more...
- password3 - No description for the parameter type: str more...
- port - Upload server IP1 port number. type: int default: 0 more...
- port2 - Upload server IP2 port number. type: int default: 0 more...
- port3 - Upload server IP3 port number. type: int default: 0 more...
- server-type - Upload server type. type: str choices: [ftp, sftp, scp] default: ftp more...
- upload - Enable/disable log file uploads. type: str choices: [disable, enable] default: disable more...
- upload-hour - Log files upload schedule (hour). type: int default: 0 more...
- upload-mode - Upload mode with multiple servers. type: str choices: [backup, mirror] default: backup more...
- upload-trigger - Event triggering log files upload. type: str choices: [on-roll, on-schedule] default: on-roll more...
- username - Upload server login username. type: str more...
- username2 - Upload server login username2. type: str more...
- username3 - Upload server login username3. type: str more...
- when - Roll log files periodically. type: str choices: [none, daily, weekly] default: none more...
- rolling-regular type: dict
- days - No description for the parameter type: array choices: [sun, mon, tue, wed, thu, fri, sat] more...
- del-files - Enable/disable log file deletion after uploading. type: str choices: [disable, enable] default: disable more...
- directory - Upload server directory, for Unix server, use absolute type: str more...
- file-size - Roll log files when they reach this size (MB). type: int default: 200 more...
- gzip-format - Enable/disable compression of uploaded log files. type: str choices: [disable, enable] default: disable more...
- hour - Log files rolling schedule (hour). type: int default: 0 more...
- ip - Upload server IP address. type: str default: 0.0.0.0 more...
- ip2 - Upload server IP2 address. type: str default: 0.0.0.0 more...
- ip3 - Upload server IP3 address. type: str default: 0.0.0.0 more...
- log-format - Format of uploaded log files. type: str choices: [native, text, csv] default: native more...
- min - Log files rolling schedule (minutes). type: int default: 0 more...
- password - No description for the parameter type: str more...
- password2 - No description for the parameter type: str more...
- password3 - No description for the parameter type: str more...
- port - Upload server IP1 port number. type: int default: 0 more...
- port2 - Upload server IP2 port number. type: int default: 0 more...
- port3 - Upload server IP3 port number. type: int default: 0 more...
- server-type - Upload server type. type: str choices: [ftp, sftp, scp] default: ftp more...
- upload - Enable/disable log file uploads. type: str choices: [disable, enable] default: disable more...
- upload-hour - Log files upload schedule (hour). type: int default: 0 more...
- upload-mode - Upload mode with multiple servers. type: str choices: [backup, mirror] default: backup more...
- upload-trigger - Event triggering log files upload. type: str choices: [on-roll, on-schedule] default: on-roll more...
- username - Upload server login username. type: str more...
- username2 - Upload server login username2. type: str more...
- username3 - Upload server login username3. type: str more...
- when - Roll log files periodically. type: str choices: [none, daily, weekly] default: none more...
- sync-search-timeout - Maximum number of seconds for running a log search session in synchronous mode. type: int default: 60 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log settings.
faz_cli_system_log_settings:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_log_settings:
FAC-custom-field1: <value of string>
FAZ-custom-field1: <value of string>
FCH-custom-field1: <value of string>
FCT-custom-field1: <value of string>
FDD-custom-field1: <value of string>
FGT-custom-field1: <value of string>
FMG-custom-field1: <value of string>
FML-custom-field1: <value of string>
FPX-custom-field1: <value of string>
FSA-custom-field1: <value of string>
FWB-custom-field1: <value of string>
browse-max-logfiles: <value of integer>
dns-resolve-dstip: <value in [disable, enable]>
download-max-logs: <value of integer>
ha-auto-migrate: <value in [disable, enable]>
import-max-logfiles: <value of integer>
log-file-archive-name: <value in [basic, extended]>
rolling-analyzer:
days:
- sun
- mon
- tue
- wed
- thu
- fri
- sat
del-files: <value in [disable, enable]>
directory: <value of string>
file-size: <value of integer>
gzip-format: <value in [disable, enable]>
hour: <value of integer>
ip: <value of string>
ip2: <value of string>
ip3: <value of string>
log-format: <value in [native, text, csv]>
min: <value of integer>
password: <value of string>
password2: <value of string>
password3: <value of string>
port: <value of integer>
port2: <value of integer>
port3: <value of integer>
server-type: <value in [ftp, sftp, scp]>
upload: <value in [disable, enable]>
upload-hour: <value of integer>
upload-mode: <value in [backup, mirror]>
upload-trigger: <value in [on-roll, on-schedule]>
username: <value of string>
username2: <value of string>
username3: <value of string>
when: <value in [none, daily, weekly]>
rolling-local:
days:
- sun
- mon
- tue
- wed
- thu
- fri
- sat
del-files: <value in [disable, enable]>
directory: <value of string>
file-size: <value of integer>
gzip-format: <value in [disable, enable]>
hour: <value of integer>
ip: <value of string>
ip2: <value of string>
ip3: <value of string>
log-format: <value in [native, text, csv]>
min: <value of integer>
password: <value of string>
password2: <value of string>
password3: <value of string>
port: <value of integer>
port2: <value of integer>
port3: <value of integer>
server-type: <value in [ftp, sftp, scp]>
upload: <value in [disable, enable]>
upload-hour: <value of integer>
upload-mode: <value in [backup, mirror]>
upload-trigger: <value in [on-roll, on-schedule]>
username: <value of string>
username2: <value of string>
username3: <value of string>
when: <value in [none, daily, weekly]>
rolling-regular:
days:
- sun
- mon
- tue
- wed
- thu
- fri
- sat
del-files: <value in [disable, enable]>
directory: <value of string>
file-size: <value of integer>
gzip-format: <value in [disable, enable]>
hour: <value of integer>
ip: <value of string>
ip2: <value of string>
ip3: <value of string>
log-format: <value in [native, text, csv]>
min: <value of integer>
password: <value of string>
password2: <value of string>
password3: <value of string>
port: <value of integer>
port2: <value of integer>
port3: <value of integer>
server-type: <value in [ftp, sftp, scp]>
upload: <value in [disable, enable]>
upload-hour: <value of integer>
upload-mode: <value in [backup, mirror]>
upload-trigger: <value in [on-roll, on-schedule]>
username: <value of string>
username2: <value of string>
username3: <value of string>
when: <value in [none, daily, weekly]>
sync-search-timeout: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_settings_rollinganalyzer – Log rolling policy for Network Analyzer logs.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_log_settings_rollinganalyzer | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_log_settings_rollinganalyzer - Log rolling policy for Network Analyzer logs. type: dict
- days - No description for the parameter type: array choices: [sun, mon, tue, wed, thu, fri, sat] more...
- del-files - Enable/disable log file deletion after uploading. type: str choices: [disable, enable] default: disable more...
- directory - Upload server directory, for Unix server, use absolute type: str more...
- file-size - Roll log files when they reach this size (MB). type: int default: 200 more...
- gzip-format - Enable/disable compression of uploaded log files. type: str choices: [disable, enable] default: disable more...
- hour - Log files rolling schedule (hour). type: int default: 0 more...
- ip - Upload server IP address. type: str default: 0.0.0.0 more...
- ip2 - Upload server IP2 address. type: str default: 0.0.0.0 more...
- ip3 - Upload server IP3 address. type: str default: 0.0.0.0 more...
- log-format - Format of uploaded log files. type: str choices: [native, text, csv] default: native more...
- min - Log files rolling schedule (minutes). type: int default: 0 more...
- password - No description for the parameter type: str more...
- password2 - No description for the parameter type: str more...
- password3 - No description for the parameter type: str more...
- port - Upload server IP1 port number. type: int default: 0 more...
- port2 - Upload server IP2 port number. type: int default: 0 more...
- port3 - Upload server IP3 port number. type: int default: 0 more...
- server-type - Upload server type. type: str choices: [ftp, sftp, scp] default: ftp more...
- upload - Enable/disable log file uploads. type: str choices: [disable, enable] default: disable more...
- upload-hour - Log files upload schedule (hour). type: int default: 0 more...
- upload-mode - Upload mode with multiple servers. type: str choices: [backup, mirror] default: backup more...
- upload-trigger - Event triggering log files upload. type: str choices: [on-roll, on-schedule] default: on-roll more...
- username - Upload server login username. type: str more...
- username2 - Upload server login username2. type: str more...
- username3 - Upload server login username3. type: str more...
- when - Roll log files periodically. type: str choices: [none, daily, weekly] default: none more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log rolling policy for Network Analyzer logs.
faz_cli_system_log_settings_rollinganalyzer:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_log_settings_rollinganalyzer:
days:
- sun
- mon
- tue
- wed
- thu
- fri
- sat
del-files: <value in [disable, enable]>
directory: <value of string>
file-size: <value of integer>
gzip-format: <value in [disable, enable]>
hour: <value of integer>
ip: <value of string>
ip2: <value of string>
ip3: <value of string>
log-format: <value in [native, text, csv]>
min: <value of integer>
password: <value of string>
password2: <value of string>
password3: <value of string>
port: <value of integer>
port2: <value of integer>
port3: <value of integer>
server-type: <value in [ftp, sftp, scp]>
upload: <value in [disable, enable]>
upload-hour: <value of integer>
upload-mode: <value in [backup, mirror]>
upload-trigger: <value in [on-roll, on-schedule]>
username: <value of string>
username2: <value of string>
username3: <value of string>
when: <value in [none, daily, weekly]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_settings_rollinglocal – Log rolling policy for local logs.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_log_settings_rollinglocal | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_log_settings_rollinglocal - Log rolling policy for local logs. type: dict
- days - No description for the parameter type: array choices: [sun, mon, tue, wed, thu, fri, sat] more...
- del-files - Enable/disable log file deletion after uploading. type: str choices: [disable, enable] default: disable more...
- directory - Upload server directory, for Unix server, use absolute type: str more...
- file-size - Roll log files when they reach this size (MB). type: int default: 200 more...
- gzip-format - Enable/disable compression of uploaded log files. type: str choices: [disable, enable] default: disable more...
- hour - Log files rolling schedule (hour). type: int default: 0 more...
- ip - Upload server IP address. type: str default: 0.0.0.0 more...
- ip2 - Upload server IP2 address. type: str default: 0.0.0.0 more...
- ip3 - Upload server IP3 address. type: str default: 0.0.0.0 more...
- log-format - Format of uploaded log files. type: str choices: [native, text, csv] default: native more...
- min - Log files rolling schedule (minutes). type: int default: 0 more...
- password - No description for the parameter type: str more...
- password2 - No description for the parameter type: str more...
- password3 - No description for the parameter type: str more...
- port - Upload server IP1 port number. type: int default: 0 more...
- port2 - Upload server IP2 port number. type: int default: 0 more...
- port3 - Upload server IP3 port number. type: int default: 0 more...
- server-type - Upload server type. type: str choices: [ftp, sftp, scp] default: ftp more...
- upload - Enable/disable log file uploads. type: str choices: [disable, enable] default: disable more...
- upload-hour - Log files upload schedule (hour). type: int default: 0 more...
- upload-mode - Upload mode with multiple servers. type: str choices: [backup, mirror] default: backup more...
- upload-trigger - Event triggering log files upload. type: str choices: [on-roll, on-schedule] default: on-roll more...
- username - Upload server login username. type: str more...
- username2 - Upload server login username2. type: str more...
- username3 - Upload server login username3. type: str more...
- when - Roll log files periodically. type: str choices: [none, daily, weekly] default: none more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log rolling policy for local logs.
faz_cli_system_log_settings_rollinglocal:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_log_settings_rollinglocal:
days:
- sun
- mon
- tue
- wed
- thu
- fri
- sat
del-files: <value in [disable, enable]>
directory: <value of string>
file-size: <value of integer>
gzip-format: <value in [disable, enable]>
hour: <value of integer>
ip: <value of string>
ip2: <value of string>
ip3: <value of string>
log-format: <value in [native, text, csv]>
min: <value of integer>
password: <value of string>
password2: <value of string>
password3: <value of string>
port: <value of integer>
port2: <value of integer>
port3: <value of integer>
server-type: <value in [ftp, sftp, scp]>
upload: <value in [disable, enable]>
upload-hour: <value of integer>
upload-mode: <value in [backup, mirror]>
upload-trigger: <value in [on-roll, on-schedule]>
username: <value of string>
username2: <value of string>
username3: <value of string>
when: <value in [none, daily, weekly]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_log_settings_rollingregular – Log rolling policy for device logs.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_log_settings_rollingregular | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_log_settings_rollingregular - Log rolling policy for device logs. type: dict
- days - No description for the parameter type: array choices: [sun, mon, tue, wed, thu, fri, sat] more...
- del-files - Enable/disable log file deletion after uploading. type: str choices: [disable, enable] default: disable more...
- directory - Upload server directory, for Unix server, use absolute type: str more...
- file-size - Roll log files when they reach this size (MB). type: int default: 200 more...
- gzip-format - Enable/disable compression of uploaded log files. type: str choices: [disable, enable] default: disable more...
- hour - Log files rolling schedule (hour). type: int default: 0 more...
- ip - Upload server IP address. type: str default: 0.0.0.0 more...
- ip2 - Upload server IP2 address. type: str default: 0.0.0.0 more...
- ip3 - Upload server IP3 address. type: str default: 0.0.0.0 more...
- log-format - Format of uploaded log files. type: str choices: [native, text, csv] default: native more...
- min - Log files rolling schedule (minutes). type: int default: 0 more...
- password - No description for the parameter type: str more...
- password2 - No description for the parameter type: str more...
- password3 - No description for the parameter type: str more...
- port - Upload server IP1 port number. type: int default: 0 more...
- port2 - Upload server IP2 port number. type: int default: 0 more...
- port3 - Upload server IP3 port number. type: int default: 0 more...
- server-type - Upload server type. type: str choices: [ftp, sftp, scp] default: ftp more...
- upload - Enable/disable log file uploads. type: str choices: [disable, enable] default: disable more...
- upload-hour - Log files upload schedule (hour). type: int default: 0 more...
- upload-mode - Upload mode with multiple servers. type: str choices: [backup, mirror] default: backup more...
- upload-trigger - Event triggering log files upload. type: str choices: [on-roll, on-schedule] default: on-roll more...
- username - Upload server login username. type: str more...
- username2 - Upload server login username2. type: str more...
- username3 - Upload server login username3. type: str more...
- when - Roll log files periodically. type: str choices: [none, daily, weekly] default: none more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log rolling policy for device logs.
faz_cli_system_log_settings_rollingregular:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_log_settings_rollingregular:
days:
- sun
- mon
- tue
- wed
- thu
- fri
- sat
del-files: <value in [disable, enable]>
directory: <value of string>
file-size: <value of integer>
gzip-format: <value in [disable, enable]>
hour: <value of integer>
ip: <value of string>
ip2: <value of string>
ip3: <value of string>
log-format: <value in [native, text, csv]>
min: <value of integer>
password: <value of string>
password2: <value of string>
password3: <value of string>
port: <value of integer>
port2: <value of integer>
port3: <value of integer>
server-type: <value in [ftp, sftp, scp]>
upload: <value in [disable, enable]>
upload-hour: <value of integer>
upload-mode: <value in [backup, mirror]>
upload-trigger: <value in [on-roll, on-schedule]>
username: <value of string>
username2: <value of string>
username3: <value of string>
when: <value in [none, daily, weekly]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_logfetch_clientprofile – Log-fetch client profile settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_logfetch_clientprofile | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_logfetch_clientprofile - Log-fetch client profile settings. type: dict
- client-adom - Log-fetch client sides adom name. type: str more...
- data-range - Data-range for fetched logs. type: str choices: [custom] default: custom more...
- data-range-value - Last n days or hours. type: int default: 10 more...
- device-filter - No description for the parameter type: array more...
- end-time - No description for the parameter type: str more...
- id - Log-fetch client profile ID. type: int default: 0 more...
- index-fetch-logs - Enable/Disable indexing logs automatically after fetching logs. type: str choices: [disable, enable] default: enable more...
- log-filter - No description for the parameter type: array more...
- log-filter-logic - And/Or logic for log-filters. type: str choices: [and, or] default: or more...
- log-filter-status - Enable/Disable log-filter. type: str choices: [disable, enable] default: disable more...
- name - Name of log-fetch client profile. type: str more...
- password - No description for the parameter type: str more...
- secure-connection - Enable/Disable protecting log-fetch connection with TLS/SSL. type: str choices: [disable, enable] default: enable more...
- server-adom - Log-fetch server sides adom name. type: str more...
- server-ip - Log-fetch server IP address. type: str default: 0.0.0.0 more...
- start-time - No description for the parameter type: str more...
- sync-adom-config - Enable/Disable sync adom related config. type: str choices: [disable, enable] default: disable more...
- user - Log-fetch server login username. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log-fetch client profile settings.
faz_cli_system_logfetch_clientprofile:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_logfetch_clientprofile:
client-adom: <value of string>
data-range: <value in [custom]>
data-range-value: <value of integer>
device-filter:
-
adom: <value of string>
device: <value of string>
id: <value of integer>
vdom: <value of string>
end-time: <value of string>
id: <value of integer>
index-fetch-logs: <value in [disable, enable]>
log-filter:
-
field: <value of string>
id: <value of integer>
oper: <value in [=, !=, <, ...]>
value: <value of string>
log-filter-logic: <value in [and, or]>
log-filter-status: <value in [disable, enable]>
name: <value of string>
password: <value of string>
secure-connection: <value in [disable, enable]>
server-adom: <value of string>
server-ip: <value of string>
start-time: <value of string>
sync-adom-config: <value in [disable, enable]>
user: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_logfetch_clientprofile_devicefilter – List of device filter.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_logfetch_clientprofile_devicefilter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- client-profile - The parameter in requested url type: str required: true
- cli_system_logfetch_clientprofile_devicefilter - List of device filter. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: List of device filter.
faz_cli_system_logfetch_clientprofile_devicefilter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
client-profile: <your own value>
state: <value in [present, absent]>
cli_system_logfetch_clientprofile_devicefilter:
adom: <value of string>
device: <value of string>
id: <value of integer>
vdom: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_logfetch_clientprofile_logfilter – Log content filters.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_logfetch_clientprofile_logfilter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- client-profile - The parameter in requested url type: str required: true
- cli_system_logfetch_clientprofile_logfilter - Log content filters. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log content filters.
faz_cli_system_logfetch_clientprofile_logfilter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
client-profile: <your own value>
state: <value in [present, absent]>
cli_system_logfetch_clientprofile_logfilter:
field: <value of string>
id: <value of integer>
oper: <value in [=, !=, <, ...]>
value: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_logfetch_serversettings – Log-fetch server settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_logfetch_serversettings | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_logfetch_serversettings - Log-fetch server settings. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log-fetch server settings.
faz_cli_system_logfetch_serversettings:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_logfetch_serversettings:
max-conn-per-session: <value of integer>
max-sessions: <value of integer>
session-timeout: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_logforward – Log forwarding.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_logforward | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_logforward - Log forwarding. type: dict
- agg-archive-types - No description for the parameter type: array choices: [Web_Archive, Secure_Web_Archive, Email_Archive, File_Transfer_Archive, IM_Archive, MMS_Archive, AV_Quarantine, IPS_Packets] more...
- agg-logtypes - No description for the parameter type: array choices: [none, app-ctrl, attack, content, dlp, emailfilter, event, generic, history, traffic, virus, webfilter, netscan, fct-event, fct-traffic, fct-netscan, waf, gtp, dns, ssh, ssl, file-filter, asset, protocol, siem] more...
- agg-password - No description for the parameter type: str more...
- agg-time - Daily at. type: int default: 0 more...
- agg-user - Log aggregation access user name for server. type: str more...
- device-filter - No description for the parameter type: array
more...
- action - Include or exclude the specified device. type: str choices: [include, exclude, include-like, exclude-like] default: include more...
- device - Device ID of log client device, or a wildcard expression matching log client device(s) if action is a like action. type: str more...
- id - Device filter ID. type: int default: 0 more...
- fwd-archive-types - No description for the parameter type: array choices: [Web_Archive, Email_Archive, IM_Archive, File_Transfer_Archive, MMS_Archive, AV_Quarantine, IPS_Packets, EDISC_Archive] more...
- fwd-archives - Enable/disable forwarding archives. type: str choices: [disable, enable] default: enable more...
- fwd-facility - Facility for remote syslog. type: str choices: [kernel, user, mail, daemon, auth, syslog, lpr, news, uucp, clock, authpriv, ftp, ntp, audit, alert, cron, local0, local1, local2, local3, local4, local5, local6, local7] default: local7 more...
- fwd-log-source-ip - Logs source IP address (no effect for reliable forwarding). type: str choices: [local_ip, original_ip] default: local_ip more...
- fwd-max-delay - Max delay for near realtime log forwarding. type: str choices: [realtime, 1min, 5min] default: 5min more...
- fwd-reliable - Enable/disable reliable logging. type: str choices: [disable, enable] default: disable more...
- fwd-secure - Enable/disable TLS/SSL secured reliable logging. type: str choices: [disable, enable] default: disable more...
- fwd-server-type - Forwarding all logs to syslog server or FortiAnalyzer. type: str choices: [syslog, fortianalyzer, cef, syslog-pack] default: fortianalyzer more...
- id - Log forwarding ID. type: int default: 0 more...
- log-field-exclusion - No description for the parameter type: array
more...
- dev-type - Device type. type: str choices: [FortiGate, FortiManager, Syslog, FortiMail, FortiWeb, FortiCache, FortiAnalyzer, FortiSandbox, FortiDDoS, FortiNAC, FortiDeceptor, FortiADC, FortiFirewall] default: FortiGate more...
- field-list - List of fields to be excluded. type: str more...
- id - Log field exclusion ID. type: int default: 0 more...
- log-type - Log type. type: str choices: [app-ctrl, appevent, attack, content, dlp, emailfilter, event, generic, history, traffic, virus, voip, webfilter, netscan, waf, gtp, dns, ssh, ssl, file-filter, Asset, protocol, ANY-TYPE] default: traffic more...
- log-field-exclusion-status - Enable or disable log field exclusion. type: str choices: [disable, enable] default: disable more...
- log-filter - No description for the parameter type: array
more...
- field - Field name. type: str choices: [type, logid, level, devid, vd, srcip, srcintf, dstip, dstintf, dstport, user, group, free-text] default: type more...
- id - Log filter ID. type: int default: 0 more...
- oper - Field filter operator. type: str choices: [=, !=, <, >, <=, >=, contain, not-contain, match] default: = more...
- value - Field filter operand or free-text matching expression. type: str more...
- log-filter-logic - Logic operator used to connect filters. type: str choices: [and, or] default: or more...
- log-filter-status - Enable or disable log filtering. type: str choices: [disable, enable] default: disable more...
- mode - Log forwarding mode. type: str choices: [forwarding, aggregation, disable] default: disable more...
- proxy-service - Enable/disable proxy service under collector mode. type: str choices: [disable, enable] default: enable more...
- proxy-service-priority - Proxy service priority from 1 (lowest) to 20 (highest). type: int default: 10 more...
- server-device - Log forwarding server device ID. type: str more...
- server-ip - Remote server IP address. type: str more...
- server-name - Log forwarding server name. type: str more...
- server-port - Server listen port (1 - 65535). type: int default: 514 more...
- signature - Aggregation cfg hash token. type: int default: 0 more...
- sync-metadata - No description for the parameter type: array choices: [sf-topology, interface-role, device, endusr-avatar] more...
- fwd-syslog-format - Forwarding format for syslog. type: str choices: [fgt, rfc-5424] default: fgt more...
- fwd-compression - Enable/disable compression for better bandwidth efficiency. type: str choices: [disable, enable] default: disable more...
- log-masking-custom - No description for the parameter type: array more...
- log-masking-custom-priority - Prioritize custom fields. type: str choices: [disable, ] default: disable more...
- log-masking-fields - No description for the parameter type: array choices: [user, srcip, srcname, srcmac, dstip, dstname, email, message, domain] more...
- log-masking-key - No description for the parameter type: str more...
- log-masking-status - Enable or disable log field masking. type: str choices: [disable, enable] default: disable more...
- server-addr - Remote server address. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log forwarding.
faz_cli_system_logforward:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_logforward:
agg-archive-types:
- Web_Archive
- Secure_Web_Archive
- Email_Archive
- File_Transfer_Archive
- IM_Archive
- MMS_Archive
- AV_Quarantine
- IPS_Packets
agg-logtypes:
- none
- app-ctrl
- attack
- content
- dlp
- emailfilter
- event
- generic
- history
- traffic
- virus
- webfilter
- netscan
- fct-event
- fct-traffic
- fct-netscan
- waf
- gtp
- dns
- ssh
- ssl
- file-filter
- asset
- protocol
- siem
agg-password: <value of string>
agg-time: <value of integer>
agg-user: <value of string>
device-filter:
-
action: <value in [include, exclude, include-like, ...]>
device: <value of string>
id: <value of integer>
fwd-archive-types:
- Web_Archive
- Email_Archive
- IM_Archive
- File_Transfer_Archive
- MMS_Archive
- AV_Quarantine
- IPS_Packets
- EDISC_Archive
fwd-archives: <value in [disable, enable]>
fwd-facility: <value in [kernel, user, mail, ...]>
fwd-log-source-ip: <value in [local_ip, original_ip]>
fwd-max-delay: <value in [realtime, 1min, 5min]>
fwd-reliable: <value in [disable, enable]>
fwd-secure: <value in [disable, enable]>
fwd-server-type: <value in [syslog, fortianalyzer, cef, ...]>
id: <value of integer>
log-field-exclusion:
-
dev-type: <value in [FortiGate, FortiManager, Syslog, ...]>
field-list: <value of string>
id: <value of integer>
log-type: <value in [app-ctrl, appevent, attack, ...]>
log-field-exclusion-status: <value in [disable, enable]>
log-filter:
-
field: <value in [type, logid, level, ...]>
id: <value of integer>
oper: <value in [=, !=, <, ...]>
value: <value of string>
log-filter-logic: <value in [and, or]>
log-filter-status: <value in [disable, enable]>
mode: <value in [forwarding, aggregation, disable]>
proxy-service: <value in [disable, enable]>
proxy-service-priority: <value of integer>
server-device: <value of string>
server-ip: <value of string>
server-name: <value of string>
server-port: <value of integer>
signature: <value of integer>
sync-metadata:
- sf-topology
- interface-role
- device
- endusr-avatar
fwd-syslog-format: <value in [fgt, rfc-5424]>
fwd-compression: <value in [disable, enable]>
log-masking-custom:
-
field-name: <value of string>
field-type: <value in [string, ip, mac, ...]>
id: <value of integer>
log-masking-custom-priority: <value in [disable, ]>
log-masking-fields:
- user
- srcip
- srcname
- srcmac
- dstip
- dstname
- email
- message
- domain
log-masking-key: <value of string>
log-masking-status: <value in [disable, enable]>
server-addr: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_logforward_devicefilter – Log aggregation client device filters.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_logforward_devicefilter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- log-forward - The parameter in requested url type: str required: true
- cli_system_logforward_devicefilter - Log aggregation client device filters. type: dict
- action - Include or exclude the specified device. type: str choices: [include, exclude, include-like, exclude-like] default: include more...
- device - Device ID of log client device, or a wildcard expression matching log client device(s) if action is a like action. type: str more...
- id - Device filter ID. type: int default: 0 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log aggregation client device filters.
faz_cli_system_logforward_devicefilter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
log-forward: <your own value>
state: <value in [present, absent]>
cli_system_logforward_devicefilter:
action: <value in [include, exclude, include-like, ...]>
device: <value of string>
id: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_logforward_logfieldexclusion – Log field exclusion configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_logforward_logfieldexclusion | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- log-forward - The parameter in requested url type: str required: true
- cli_system_logforward_logfieldexclusion - Log field exclusion configuration. type: dict
- dev-type - Device type. type: str choices: [FortiGate, FortiManager, Syslog, FortiMail, FortiWeb, FortiCache, FortiAnalyzer, FortiSandbox, FortiDDoS, FortiNAC, FortiDeceptor, FortiADC, FortiFirewall] default: FortiGate more...
- field-list - List of fields to be excluded. type: str more...
- id - Log field exclusion ID. type: int default: 0 more...
- log-type - Log type. type: str choices: [app-ctrl, appevent, attack, content, dlp, emailfilter, event, generic, history, traffic, virus, voip, webfilter, netscan, waf, gtp, dns, ssh, ssl, file-filter, Asset, protocol, ANY-TYPE] default: traffic more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log field exclusion configuration.
faz_cli_system_logforward_logfieldexclusion:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
log-forward: <your own value>
state: <value in [present, absent]>
cli_system_logforward_logfieldexclusion:
dev-type: <value in [FortiGate, FortiManager, Syslog, ...]>
field-list: <value of string>
id: <value of integer>
log-type: <value in [app-ctrl, appevent, attack, ...]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_logforward_logfilter – Log content filters.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_logforward_logfilter | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- log-forward - The parameter in requested url type: str required: true
- cli_system_logforward_logfilter - Log content filters. type: dict
- field - Field name. type: str choices: [type, logid, level, devid, vd, srcip, srcintf, dstip, dstintf, dstport, user, group, free-text] default: type more...
- id - Log filter ID. type: int default: 0 more...
- oper - Field filter operator. type: str choices: [=, !=, <, >, <=, >=, contain, not-contain, match] default: = more...
- value - Field filter operand or free-text matching expression. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log content filters.
faz_cli_system_logforward_logfilter:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
log-forward: <your own value>
state: <value in [present, absent]>
cli_system_logforward_logfilter:
field: <value in [type, logid, level, ...]>
id: <value of integer>
oper: <value in [=, !=, <, ...]>
value: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_logforward_logmaskingcustom – Log field masking configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- log-forward - The parameter in requested url type: str required: true
- cli_system_logforward_logmaskingcustom - Log field masking configuration. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log field masking configuration.
faz_cli_system_logforward_logmaskingcustom:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
log-forward: <your own value>
state: <value in [present, absent]>
cli_system_logforward_logmaskingcustom:
field-name: <value of string>
field-type: <value in [string, ip, mac, ...]>
id: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_logforwardservice – Log forwarding service.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_logforwardservice | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_logforwardservice - Log forwarding service. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log forwarding service.
faz_cli_system_logforwardservice:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_logforwardservice:
accept-aggregation: <value in [disable, enable]>
aggregation-disk-quota: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_mail – Alert emails.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_mail | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_mail - Alert emails. type: dict
- auth - Enable authentication. type: str choices: [disable, enable] default: disable more...
- id - Mail Service ID. type: str more...
- passwd - No description for the parameter type: str more...
- port - SMTP server port. type: int default: 25 more...
- secure-option - Communication secure option. type: str choices: [default, none, smtps, starttls] default: default more...
- server - SMTP server. type: str more...
- user - SMTP account username. type: str more...
- auth-type - SMTP authentication type. type: str choices: [psk, certificate] default: psk more...
- local-cert - SMTP local certificate. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Alert emails.
faz_cli_system_mail:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_mail:
auth: <value in [disable, enable]>
id: <value of string>
passwd: <value of string>
port: <value of integer>
secure-option: <value in [default, none, smtps, ...]>
server: <value of string>
user: <value of string>
auth-type: <value in [psk, certificate]>
local-cert: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_metadata_admins – Configure admins.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_metadata_admins | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_metadata_admins - Configure admins. type: dict
- fieldlength - Field length. type: str choices: [20, 50, 255] default: 50 more...
- fieldname - Field name. type: str more...
- importance - Field importance. type: str choices: [optional, required] default: required more...
- status - Field status. type: str choices: [disabled, enabled] default: enabled more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure admins.
faz_cli_system_metadata_admins:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_metadata_admins:
fieldlength: <value in [20, 50, 255]>
fieldname: <value of string>
importance: <value in [optional, required]>
status: <value in [disabled, enabled]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_ntp – NTP settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_ntp | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_ntp - NTP settings. type: dict
- ntpserver - No description for the parameter type: array
more...
- authentication - Enable/disable MD5 authentication. type: str choices: [disable, enable] default: disable more...
- id - Time server ID. type: int default: 0 more...
- key - No description for the parameter type: str more...
- key-id - Key ID for authentication. type: int default: 0 more...
- ntpv3 - Enable/disable NTPv3. type: str choices: [disable, enable] default: disable more...
- server - IP address/hostname of NTP Server. type: str more...
- status - Enable/disable NTP. type: str choices: [disable, enable] default: disable more...
- sync_interval - NTP sync interval (min). type: int default: 60 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: NTP settings.
faz_cli_system_ntp:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_ntp:
ntpserver:
-
authentication: <value in [disable, enable]>
id: <value of integer>
key: <value of string>
key-id: <value of integer>
ntpv3: <value in [disable, enable]>
server: <value of string>
status: <value in [disable, enable]>
sync_interval: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_ntp_ntpserver – NTP server.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_ntp_ntpserver | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_ntp_ntpserver - NTP server. type: dict
- authentication - Enable/disable MD5 authentication. type: str choices: [disable, enable] default: disable more...
- id - Time server ID. type: int default: 0 more...
- key - No description for the parameter type: str more...
- key-id - Key ID for authentication. type: int default: 0 more...
- ntpv3 - Enable/disable NTPv3. type: str choices: [disable, enable] default: disable more...
- server - IP address/hostname of NTP Server. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: NTP server.
faz_cli_system_ntp_ntpserver:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_ntp_ntpserver:
authentication: <value in [disable, enable]>
id: <value of integer>
key: <value of string>
key-id: <value of integer>
ntpv3: <value in [disable, enable]>
server: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_passwordpolicy – Password policy.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_passwordpolicy | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_passwordpolicy - Password policy. type: dict
- change-4-characters - Enable/disable changing at least 4 characters for new password. type: str choices: [disable, enable] default: disable more...
- expire - Number of days after which admin users password will expire (0 - 3650, 0 = never expire). type: int default: 0 more...
- minimum-length - Minimum password length. type: int default: 8 more...
- must-contain - No description for the parameter type: array choices: [upper-case-letter, lower-case-letter, number, non-alphanumeric] more...
- status - Enable/disable password policy. type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Password policy.
faz_cli_system_passwordpolicy:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_passwordpolicy:
change-4-characters: <value in [disable, enable]>
expire: <value of integer>
minimum-length: <value of integer>
must-contain:
- upper-case-letter
- lower-case-letter
- number
- non-alphanumeric
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_report_autocache – Report auto-cache settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_report_autocache | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_report_autocache - Report auto-cache settings. type: dict
- aggressive-schedule - Enable/disable auto-cache on schedule reports aggressively. type: str choices: [disable, enable] default: disable more...
- order - The order of which SQL log table is processed first. type: str choices: [oldest-first] default: oldest-first more...
- status - Enable/disable sql report auto cache. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Report auto-cache settings.
faz_cli_system_report_autocache:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_report_autocache:
aggressive-schedule: <value in [disable, enable]>
order: <value in [oldest-first]>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_report_estbrowsetime – Report estimated browse time settings
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_report_estbrowsetime | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_report_estbrowsetime - Report estimated browse time settings type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Report estimated browse time settings
faz_cli_system_report_estbrowsetime:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_report_estbrowsetime:
max-read-time: <value of integer>
status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_report_group – Report group.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_report_group | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_report_group - Report group. type: dict
- adom - Admin domain name. type: str more...
- case-insensitive - Case insensitive. type: str choices: [disable, enable] default: enable more...
- chart-alternative - No description for the parameter type: array more...
- group-by - No description for the parameter type: array more...
- group-id - Group ID. type: int default: 0 more...
- report-like - Report pattern. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Report group.
faz_cli_system_report_group:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_report_group:
adom: <value of string>
case-insensitive: <value in [disable, enable]>
chart-alternative:
-
chart-name: <value of string>
chart-replace: <value of string>
group-by:
-
var-expression: <value of string>
var-name: <value of string>
var-type: <value in [integer, string, enum, ...]>
group-id: <value of integer>
report-like: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_report_group_chartalternative – Chart alternatives.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_report_group_chartalternative | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- group - The parameter in requested url type: str required: true
- cli_system_report_group_chartalternative - Chart alternatives. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Chart alternatives.
faz_cli_system_report_group_chartalternative:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
group: <your own value>
state: <value in [present, absent]>
cli_system_report_group_chartalternative:
chart-name: <value of string>
chart-replace: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_report_group_groupby – Group-by variables.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_report_group_groupby | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- group - The parameter in requested url type: str required: true
- cli_system_report_group_groupby - Group-by variables. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Group-by variables.
faz_cli_system_report_group_groupby:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
group: <your own value>
state: <value in [present, absent]>
cli_system_report_group_groupby:
var-expression: <value of string>
var-name: <value of string>
var-type: <value in [integer, string, enum, ...]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_report_setting – Report settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_report_setting | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_report_setting - Report settings. type: dict
- aggregate-report - Enable/disable including a group report along with the per-device reports. type: str choices: [disable, enable] default: disable more...
- capwap-port - Exclude capwap traffic by port. type: int default: 5246 more...
- capwap-service - Exclude capwap traffic by service. type: str more...
- exclude-capwap - Exclude capwap traffic. type: str choices: [disable, by-port, by-service] default: by-port more...
- hcache-lossless - Usableness of ready-with-loss hcaches. type: str choices: [disable, enable] default: disable more...
- ldap-cache-timeout - LDAP cache timeout in minutes, default 60, 0 means not use cache. type: int default: 60 more...
- max-table-rows - Maximum number of rows can be generated in a single table. type: int default: 10000 more...
- report-priority - Priority of sql report. type: str choices: [high, low, auto] default: auto more...
- template-auto-install - The language used for new ADOMs (default = default). type: str choices: [default, english] default: default more...
- week-start - Day of the week on which the week starts. type: str choices: [sun, mon] default: sun more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Report settings.
faz_cli_system_report_setting:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_report_setting:
aggregate-report: <value in [disable, enable]>
capwap-port: <value of integer>
capwap-service: <value of string>
exclude-capwap: <value in [disable, by-port, by-service]>
hcache-lossless: <value in [disable, enable]>
ldap-cache-timeout: <value of integer>
max-table-rows: <value of integer>
report-priority: <value in [high, low, auto]>
template-auto-install: <value in [default, english]>
week-start: <value in [sun, mon]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_route – Routing table configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_route | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_route - Routing table configuration. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Routing table configuration.
faz_cli_system_route:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_route:
device: <value of string>
dst: <value of string>
gateway: <value of string>
seq_num: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_route6 – Routing table configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_route6 | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_route6 - Routing table configuration. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Routing table configuration.
faz_cli_system_route6:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_route6:
device: <value of string>
dst: <value of string>
gateway: <value of string>
prio: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_saml – Global settings for SAML authentication.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_saml | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_saml - Global settings for SAML authentication. type: dict
- acs-url - SP ACS(login) URL. type: str more...
- cert - Certificate name. type: str more...
- default-profile - Default Profile Name. type: str default: Restricted_User more...
- entity-id - SP entity ID. type: str more...
- fabric-idp - No description for the parameter type: array
more...
- dev-id - IDP Device ID. type: str more...
- idp-cert - IDP Certificate name. type: str more...
- idp-entity-id - IDP entity ID. type: str more...
- idp-single-logout-url - IDP single logout url. type: str more...
- idp-single-sign-on-url - IDP single sign-on URL. type: str more...
- idp-status - Enable/disable SAML authentication (default = disable). type: str choices: [disable, enable] default: disable more...
- idp-cert - IDP Certificate name. type: str more...
- idp-entity-id - IDP entity ID. type: str more...
- idp-single-logout-url - IDP single logout url. type: str more...
- idp-single-sign-on-url - IDP single sign-on URL. type: str more...
- login-auto-redirect - Enable/Disable auto redirect to IDP login page. type: str choices: [disable, enable] default: disable more...
- role - SAML role. type: str choices: [IDP, SP, FAB-SP] default: SP more...
- server-address - server address. type: str more...
- service-providers - No description for the parameter type: array
more...
- idp-entity-id - IDP Entity ID. type: str more...
- idp-single-logout-url - IDP single logout url. type: str more...
- idp-single-sign-on-url - IDP single sign-on URL. type: str more...
- name - Name. type: str more...
- prefix - Prefix. type: str more...
- sp-cert - SP certificate name. type: str more...
- sp-entity-id - SP Entity ID. type: str more...
- sp-single-logout-url - SP single logout URL. type: str more...
- sp-single-sign-on-url - SP single sign-on URL. type: str more...
- sls-url - SP SLS(logout) URL. type: str more...
- status - Enable/disable SAML authentication (default = disable). type: str choices: [disable, enable] default: disable more...
- forticloud-sso - Enable/disable FortiCloud SSO (default = disable). type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Global settings for SAML authentication.
faz_cli_system_saml:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_saml:
acs-url: <value of string>
cert: <value of string>
default-profile: <value of string>
entity-id: <value of string>
fabric-idp:
-
dev-id: <value of string>
idp-cert: <value of string>
idp-entity-id: <value of string>
idp-single-logout-url: <value of string>
idp-single-sign-on-url: <value of string>
idp-status: <value in [disable, enable]>
idp-cert: <value of string>
idp-entity-id: <value of string>
idp-single-logout-url: <value of string>
idp-single-sign-on-url: <value of string>
login-auto-redirect: <value in [disable, enable]>
role: <value in [IDP, SP, FAB-SP]>
server-address: <value of string>
service-providers:
-
idp-entity-id: <value of string>
idp-single-logout-url: <value of string>
idp-single-sign-on-url: <value of string>
name: <value of string>
prefix: <value of string>
sp-cert: <value of string>
sp-entity-id: <value of string>
sp-single-logout-url: <value of string>
sp-single-sign-on-url: <value of string>
sls-url: <value of string>
status: <value in [disable, enable]>
forticloud-sso: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_saml_fabricidp – Authorized identity providers.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_saml_fabricidp | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_saml_fabricidp - Authorized identity providers. type: dict
- dev-id - IDP Device ID. type: str more...
- idp-cert - IDP Certificate name. type: str more...
- idp-entity-id - IDP entity ID. type: str more...
- idp-single-logout-url - IDP single logout url. type: str more...
- idp-single-sign-on-url - IDP single sign-on URL. type: str more...
- idp-status - Enable/disable SAML authentication (default = disable). type: str choices: [disable, enable] default: disable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Authorized identity providers.
faz_cli_system_saml_fabricidp:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_saml_fabricidp:
dev-id: <value of string>
idp-cert: <value of string>
idp-entity-id: <value of string>
idp-single-logout-url: <value of string>
idp-single-sign-on-url: <value of string>
idp-status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_saml_serviceproviders – Authorized service providers.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_saml_serviceproviders | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_saml_serviceproviders - Authorized service providers. type: dict
- idp-entity-id - IDP Entity ID. type: str more...
- idp-single-logout-url - IDP single logout url. type: str more...
- idp-single-sign-on-url - IDP single sign-on URL. type: str more...
- name - Name. type: str more...
- prefix - Prefix. type: str more...
- sp-cert - SP certificate name. type: str more...
- sp-entity-id - SP Entity ID. type: str more...
- sp-single-logout-url - SP single logout URL. type: str more...
- sp-single-sign-on-url - SP single sign-on URL. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Authorized service providers.
faz_cli_system_saml_serviceproviders:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_saml_serviceproviders:
idp-entity-id: <value of string>
idp-single-logout-url: <value of string>
idp-single-sign-on-url: <value of string>
name: <value of string>
prefix: <value of string>
sp-cert: <value of string>
sp-entity-id: <value of string>
sp-single-logout-url: <value of string>
sp-single-sign-on-url: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_sniffer – Interface sniffer.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_sniffer | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_sniffer - Interface sniffer. type: dict
- host - Hosts to filter for in sniffer traffic type: str more...
- id - Sniffer ID. type: int default: 0 more...
- interface - Interface. type: str more...
- ipv6 - Enable/disable sniffing IPv6 packets. type: str choices: [disable, enable] default: disable more...
- max-packet-count - Maximum packet count (1000000, default = 4000). type: int default: 4000 more...
- non-ip - Enable/disable sniffing non-IP packets. type: str choices: [disable, enable] default: disable more...
- port - Ports to sniff (Format examples: 10, 100-200). type: str more...
- protocol - Integer value for the protocol type as defined by IANA (0 - 255). type: str more...
- vlan - List of VLANs to sniff. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Interface sniffer.
faz_cli_system_sniffer:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_sniffer:
host: <value of string>
id: <value of integer>
interface: <value of string>
ipv6: <value in [disable, enable]>
max-packet-count: <value of integer>
non-ip: <value in [disable, enable]>
port: <value of string>
protocol: <value of string>
vlan: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_snmp_community – SNMP community configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_snmp_community | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_snmp_community - SNMP community configuration. type: dict
- events - No description for the parameter type: array choices: [disk_low, intf_ip_chg, sys_reboot, cpu_high, mem_low, log-alert, log-rate, log-data-rate, lic-gbday, lic-dev-quota, cpu-high-exclude-nice] more...
- hosts - No description for the parameter type: array more...
- hosts6 - No description for the parameter type: array more...
- id - Community ID. type: int default: 0 more...
- name - Community name. type: str more...
- query_v1_port - SNMP v1 query port. type: int default: 161 more...
- query_v1_status - Enable/disable SNMP v1 query. type: str choices: [disable, enable] default: enable more...
- query_v2c_port - SNMP v2c query port. type: int default: 161 more...
- query_v2c_status - Enable/disable SNMP v2c query. type: str choices: [disable, enable] default: enable more...
- status - Enable/disable community. type: str choices: [disable, enable] default: enable more...
- trap_v1_rport - SNMP v1 trap remote port. type: int default: 162 more...
- trap_v1_status - Enable/disable SNMP v1 trap. type: str choices: [disable, enable] default: enable more...
- trap_v2c_rport - SNMP v2c trap remote port. type: int default: 162 more...
- trap_v2c_status - Enable/disable SNMP v2c trap. type: str choices: [disable, enable] default: enable more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: SNMP community configuration.
faz_cli_system_snmp_community:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_snmp_community:
events:
- disk_low
- intf_ip_chg
- sys_reboot
- cpu_high
- mem_low
- log-alert
- log-rate
- log-data-rate
- lic-gbday
- lic-dev-quota
- cpu-high-exclude-nice
hosts:
-
id: <value of integer>
interface: <value of string>
ip: <value of string>
hosts6:
-
id: <value of integer>
interface: <value of string>
ip: <value of string>
id: <value of integer>
name: <value of string>
query_v1_port: <value of integer>
query_v1_status: <value in [disable, enable]>
query_v2c_port: <value of integer>
query_v2c_status: <value in [disable, enable]>
status: <value in [disable, enable]>
trap_v1_rport: <value of integer>
trap_v1_status: <value in [disable, enable]>
trap_v2c_rport: <value of integer>
trap_v2c_status: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_snmp_community_hosts – Allow hosts configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_snmp_community_hosts | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- community - The parameter in requested url type: str required: true
- cli_system_snmp_community_hosts - Allow hosts configuration. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Allow hosts configuration.
faz_cli_system_snmp_community_hosts:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
community: <your own value>
state: <value in [present, absent]>
cli_system_snmp_community_hosts:
id: <value of integer>
interface: <value of string>
ip: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_snmp_community_hosts6 – Allow hosts configuration for IPv6.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_snmp_community_hosts6 | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- community - The parameter in requested url type: str required: true
- cli_system_snmp_community_hosts6 - Allow hosts configuration for IPv6. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Allow hosts configuration for IPv6.
faz_cli_system_snmp_community_hosts6:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
community: <your own value>
state: <value in [present, absent]>
cli_system_snmp_community_hosts6:
id: <value of integer>
interface: <value of string>
ip: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_snmp_sysinfo – SNMP configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_snmp_sysinfo | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_snmp_sysinfo - SNMP configuration. type: dict
- contact_info - Contact information. type: str more...
- description - System description. type: str more...
- engine-id - Local SNMP engineID string (maximum 24 characters). type: str more...
- fortianalyzer-legacy-sysoid - Enable legacy FortiAnalyzer sysObjectOID. type: str choices: [disable, enable] default: disable more...
- location - System location. type: str more...
- status - Enable/disable SNMP. type: str choices: [disable, enable] default: disable more...
- trap-cpu-high-exclude-nice-threshold - SNMP trap for CPU usage threshold (exclude NICE processes). type: int default: 80 more...
- trap-high-cpu-threshold - SNMP trap for CPU usage threshold. type: int default: 80 more...
- trap-low-memory-threshold - SNMP trap for memory usage threshold. type: int default: 80 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: SNMP configuration.
faz_cli_system_snmp_sysinfo:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_snmp_sysinfo:
contact_info: <value of string>
description: <value of string>
engine-id: <value of string>
fortianalyzer-legacy-sysoid: <value in [disable, enable]>
location: <value of string>
status: <value in [disable, enable]>
trap-cpu-high-exclude-nice-threshold: <value of integer>
trap-high-cpu-threshold: <value of integer>
trap-low-memory-threshold: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_snmp_user – SNMP user configuration.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_snmp_user | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_snmp_user - SNMP user configuration. type: dict
- auth-proto - Authentication protocol. type: str choices: [md5, sha] default: sha more...
- auth-pwd - No description for the parameter type: str more...
- events - No description for the parameter type: array choices: [disk_low, intf_ip_chg, sys_reboot, cpu_high, mem_low, log-alert, log-rate, log-data-rate, lic-gbday, lic-dev-quota, cpu-high-exclude-nice] more...
- name - SNMP user name. type: str more...
- notify-hosts - Hosts to send notifications (traps) to. type: str more...
- notify-hosts6 - IPv6 hosts to send notifications (traps) to. type: str more...
- priv-proto - Privacy (encryption) protocol. type: str choices: [aes, des] default: aes more...
- priv-pwd - No description for the parameter type: str more...
- queries - Enable/disable queries for this user. type: str choices: [disable, enable] default: enable more...
- query-port - SNMPv3 query port. type: int default: 161 more...
- security-level - Security level for message authentication and encryption. type: str choices: [no-auth-no-priv, auth-no-priv, auth-priv] default: no-auth-no-priv more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: SNMP user configuration.
faz_cli_system_snmp_user:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_snmp_user:
auth-proto: <value in [md5, sha]>
auth-pwd: <value of string>
events:
- disk_low
- intf_ip_chg
- sys_reboot
- cpu_high
- mem_low
- log-alert
- log-rate
- log-data-rate
- lic-gbday
- lic-dev-quota
- cpu-high-exclude-nice
name: <value of string>
notify-hosts: <value of string>
notify-hosts6: <value of string>
priv-proto: <value in [aes, des]>
priv-pwd: <value of string>
queries: <value in [disable, enable]>
query-port: <value of integer>
security-level: <value in [no-auth-no-priv, auth-no-priv, auth-priv]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_socfabric – SOC Fabric.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_socfabric - SOC Fabric. type: dict
- name - Fabric name. type: str more...
- port - communication port (1 - 65535). type: int default: 6443 more...
- psk - No description for the parameter type: str more...
- role - Enable or Disable SOC Fabric. type: str choices: [member, supervisor] default: member more...
- secure-connection - Enable or Disable SSL/TLS. type: str choices: [disable, enable] default: enable more...
- status - Enable or Disable SOC Fabric. type: str choices: [disable, enable] default: disable more...
- supervisor - IP/FQDN of supervisor. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: SOC Fabric.
faz_cli_system_socfabric:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_socfabric:
name: <value of string>
port: <value of integer>
psk: <value of string>
role: <value in [member, supervisor]>
secure-connection: <value in [disable, enable]>
status: <value in [disable, enable]>
supervisor: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_sql – SQL settings.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_sql | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- cli_system_sql - SQL settings. type: dict
- background-rebuild - Disable/Enable rebuild SQL database in the background. type: str choices: [disable, enable] default: enable more...
- custom-index - No description for the parameter type: array
more...
- case-sensitive - Disable/Enable case sensitive index. type: str choices: [disable, enable] default: disable more...
- device-type - Device type. type: str choices: [FortiGate, FortiMail, FortiWeb, FortiManager, FortiClient, FortiCache, FortiSandbox, FortiDDoS, FortiAuthenticator, FortiProxy] default: FortiGate more...
- id - Add or Edit log index fields. type: int default: 0 more...
- index-field - Log field name to be indexed. type: str more...
- log-type - Log type. type: str choices: [app-ctrl, attack, content, dlp, emailfilter, event, generic, history, traffic, virus, voip, webfilter, netscan, fct-event, fct-traffic, fct-netscan, waf, gtp, dns, ssh, ssl, file-filter, asset, protocol, none, siem] default: app-ctrl more...
- custom-skipidx - No description for the parameter type: array
more...
- device-type - Device type. type: str choices: [FortiGate, FortiManager, FortiClient, FortiMail, FortiWeb, FortiSandbox, FortiProxy] default: FortiGate more...
- id - Add or Edit log index fields. type: int default: 0 more...
- index-field - Field to be added to skip index. type: str more...
- log-type - Log type. type: str choices: [app-ctrl, attack, content, dlp, emailfilter, event, generic, history, traffic, virus, voip, webfilter, netscan, fct-event, fct-traffic, fct-netscan, waf, gtp, dns, ssh, ssl, file-filter, asset, protocol, siem] default: app-ctrl more...
- database-name - Database name. type: str more...
- database-type - Database type. type: str choices: [mysql, postgres] default: postgres more...
- device-count-high - Must set to enable if the count of registered devices is greater than 8000. type: str choices: [disable, enable] default: disable more...
- event-table-partition-time - Maximum SQL database table partitioning time range in minute (0 for unlimited) for event logs. type: int default: 0 more...
- fct-table-partition-time - Maximum SQL database table partitioning time range in minute (0 for unlimited) for FortiClient logs. type: int default: 240 more...
- logtype - No description for the parameter type: array choices: [none, app-ctrl, attack, content, dlp, emailfilter, event, generic, history, traffic, virus, voip, webfilter, netscan, fct-event, fct-traffic, fct-netscan, waf, gtp, dns, ssh, ssl, file-filter, asset, protocol, siem] more...
- password - No description for the parameter type: str more...
- prompt-sql-upgrade - Prompt to convert log database into SQL database at start time on GUI. type: str choices: [disable, enable] default: enable more...
- rebuild-event - Disable/Enable rebuild event during SQL database rebuilding. type: str choices: [disable, enable] default: enable more...
- rebuild-event-start-time - No description for the parameter type: str more...
- server - Database IP or hostname. type: str more...
- start-time - No description for the parameter type: str more...
- status - SQL database status. type: str choices: [disable, local] default: local more...
- text-search-index - Disable/Enable text search index. type: str choices: [disable, enable] default: disable more...
- traffic-table-partition-time - Maximum SQL database table partitioning time range in minute (0 for unlimited) for traffic logs. type: int default: 0 more...
- ts-index-field - No description for the parameter type: array more...
- username - User name for login remote database. type: str more...
- utm-table-partition-time - Maximum SQL database table partitioning time range in minute (0 for unlimited) for UTM logs. type: int default: 0 more...
- compress-table-min-age - Minimum age in days for SQL tables to be compressed. type: int default: 7 more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: SQL settings.
faz_cli_system_sql:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
cli_system_sql:
background-rebuild: <value in [disable, enable]>
custom-index:
-
case-sensitive: <value in [disable, enable]>
device-type: <value in [FortiGate, FortiMail, FortiWeb, ...]>
id: <value of integer>
index-field: <value of string>
log-type: <value in [app-ctrl, attack, content, ...]>
custom-skipidx:
-
device-type: <value in [FortiGate, FortiManager, FortiClient, ...]>
id: <value of integer>
index-field: <value of string>
log-type: <value in [app-ctrl, attack, content, ...]>
database-name: <value of string>
database-type: <value in [mysql, postgres]>
device-count-high: <value in [disable, enable]>
event-table-partition-time: <value of integer>
fct-table-partition-time: <value of integer>
logtype:
- none
- app-ctrl
- attack
- content
- dlp
- emailfilter
- event
- generic
- history
- traffic
- virus
- voip
- webfilter
- netscan
- fct-event
- fct-traffic
- fct-netscan
- waf
- gtp
- dns
- ssh
- ssl
- file-filter
- asset
- protocol
- siem
password: <value of string>
prompt-sql-upgrade: <value in [disable, enable]>
rebuild-event: <value in [disable, enable]>
rebuild-event-start-time: <value of string>
server: <value of string>
start-time: <value of string>
status: <value in [disable, local]>
text-search-index: <value in [disable, enable]>
traffic-table-partition-time: <value of integer>
ts-index-field:
-
category: <value of string>
value: <value of string>
username: <value of string>
utm-table-partition-time: <value of integer>
compress-table-min-age: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_sql_customindex – List of SQL index fields.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_sql_customindex | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_sql_customindex - List of SQL index fields. type: dict
- case-sensitive - Disable/Enable case sensitive index. type: str choices: [disable, enable] default: disable more...
- device-type - Device type. type: str choices: [FortiGate, FortiMail, FortiWeb, FortiManager, FortiClient, FortiCache, FortiSandbox, FortiDDoS, FortiAuthenticator, FortiProxy] default: FortiGate more...
- id - Add or Edit log index fields. type: int default: 0 more...
- index-field - Log field name to be indexed. type: str more...
- log-type - Log type. type: str choices: [app-ctrl, attack, content, dlp, emailfilter, event, generic, history, traffic, virus, voip, webfilter, netscan, fct-event, fct-traffic, fct-netscan, waf, gtp, dns, ssh, ssl, file-filter, asset, protocol, none, siem] default: app-ctrl more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: List of SQL index fields.
faz_cli_system_sql_customindex:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_sql_customindex:
case-sensitive: <value in [disable, enable]>
device-type: <value in [FortiGate, FortiMail, FortiWeb, ...]>
id: <value of integer>
index-field: <value of string>
log-type: <value in [app-ctrl, attack, content, ...]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_sql_customskipidx – List of aditional SQL skip index fields.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_sql_customskipidx | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_sql_customskipidx - List of aditional SQL skip index fields. type: dict
- device-type - Device type. type: str choices: [FortiGate, FortiManager, FortiClient, FortiMail, FortiWeb, FortiSandbox, FortiProxy] default: FortiGate more...
- id - Add or Edit log index fields. type: int default: 0 more...
- index-field - Field to be added to skip index. type: str more...
- log-type - Log type. type: str choices: [app-ctrl, attack, content, dlp, emailfilter, event, generic, history, traffic, virus, voip, webfilter, netscan, fct-event, fct-traffic, fct-netscan, waf, gtp, dns, ssh, ssl, file-filter, asset, protocol, siem] default: app-ctrl more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: List of aditional SQL skip index fields.
faz_cli_system_sql_customskipidx:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_sql_customskipidx:
device-type: <value in [FortiGate, FortiManager, FortiClient, ...]>
id: <value of integer>
index-field: <value of string>
log-type: <value in [app-ctrl, attack, content, ...]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_sql_tsindexfield – List of SQL text search index fields.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_sql_tsindexfield | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_sql_tsindexfield - List of SQL text search index fields. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: List of SQL text search index fields.
faz_cli_system_sql_tsindexfield:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_sql_tsindexfield:
category: <value of string>
value: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_syslog – Syslog servers.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_syslog | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_syslog - Syslog servers. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Syslog servers.
faz_cli_system_syslog:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_syslog:
ip: <value of string>
name: <value of string>
port: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_workflow_approvalmatrix – workflow approval matrix.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_workflow_approvalmatrix | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- cli_system_workflow_approvalmatrix - workflow approval matrix. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: workflow approval matrix.
faz_cli_system_workflow_approvalmatrix:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
cli_system_workflow_approvalmatrix:
adom-name: <value of string>
approver:
-
member: <value of string>
seq_num: <value of integer>
mail-server: <value of string>
notify: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_cli_system_workflow_approvalmatrix_approver – Approver.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_system_workflow_approvalmatrix_approver | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- approval-matrix - The parameter in requested url type: str required: true
- cli_system_workflow_approvalmatrix_approver - Approver. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Approver.
faz_cli_system_workflow_approvalmatrix_approver:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
approval-matrix: <your own value>
state: <value in [present, absent]>
cli_system_workflow_approvalmatrix_approver:
member: <value of string>
seq_num: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvmdb_adom – ADOM table, most attributes are read-only and can only be changed internally.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvmdb_adom | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- dvmdb_adom - ADOM table, most attributes are read-only and can only be changed internally. type: dict
- desc - No description for the parameter type: str more...
- flags - No description for the parameter type: array choices: [migration, db_export, no_vpn_console, backup, other_devices, central_sdwan, is_autosync, per_device_wtp, policy_check_on_install, install_on_policy_check_fail, auto_push_cfg, per_device_fsw] more...
- log_db_retention_hours - No description for the parameter type: int default: 1440 more...
- log_disk_quota - No description for the parameter type: int more...
- log_disk_quota_alert_thres - No description for the parameter type: int default: 90 more...
- log_disk_quota_split_ratio - No description for the parameter type: int default: 70 more...
- log_file_retention_hours - No description for the parameter type: int default: 8760 more...
- meta fields - No description for the parameter type: dict more...
- mig_mr - No description for the parameter type: int default: 4 more...
- mig_os_ver - No description for the parameter type: str choices: [unknown, 0.0, 1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0] default: 6.0 more...
- mode - ems - (Value no longer used as of 4. type: str choices: [ems, gms, provider] default: gms more...
- mr - No description for the parameter type: int default: 4 more...
- name - No description for the parameter type: str more...
- os_ver - No description for the parameter type: str choices: [unknown, 0.0, 1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0] default: 6.0 more...
- restricted_prds - No description for the parameter type: array choices: [fos, foc, fml, fch, fwb, log, fct, faz, fsa, fsw, fmg, fdd, fac, fpx, fna, fdc, fsr, fad, ffw, fap, fxt] more...
- state - No description for the parameter type: int default: 1 more...
- uuid - No description for the parameter type: str more...
- create_time - No description for the parameter type: int more...
- workspace_mode - No description for the parameter type: int more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: ADOM table, most attributes are read-only and can only be changed internally.
faz_dvmdb_adom:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
state: <value in [present, absent]>
dvmdb_adom:
desc: <value of string>
flags:
- migration
- db_export
- no_vpn_console
- backup
- other_devices
- central_sdwan
- is_autosync
- per_device_wtp
- policy_check_on_install
- install_on_policy_check_fail
- auto_push_cfg
- per_device_fsw
log_db_retention_hours: <value of integer>
log_disk_quota: <value of integer>
log_disk_quota_alert_thres: <value of integer>
log_disk_quota_split_ratio: <value of integer>
log_file_retention_hours: <value of integer>
meta fields: <value of dict>
mig_mr: <value of integer>
mig_os_ver: <value in [unknown, 0.0, 1.0, ...]>
mode: <value in [ems, gms, provider]>
mr: <value of integer>
name: <value of string>
os_ver: <value in [unknown, 0.0, 1.0, ...]>
restricted_prds:
- fos
- foc
- fml
- fch
- fwb
- log
- fct
- faz
- fsa
- fsw
- fmg
- fdd
- fac
- fpx
- fna
- fdc
- fsr
- fad
- ffw
- fap
- fxt
state: <value of integer>
uuid: <value of string>
create_time: <value of integer>
workspace_mode: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvmdb_adom_objectmember – ADOM table, most attributes are read-only and can only be changed internally.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvmdb_adom_objectmember | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- adom - The parameter in requested url type: str required: true
- dvmdb_adom_objectmember - ADOM table, most attributes are read-only and can only be changed internally. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: ADOM table, most attributes are read-only and can only be changed internally.
faz_dvmdb_adom_objectmember:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
dvmdb_adom_objectmember:
name: <value of string>
vdom: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvmdb_device – Device table, most attributes are read-only and can only be changed internally.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvmdb_device | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- adom - The parameter in requested url type: str required: true
- device - The parameter in requested url type: str required: true
- dvmdb_device - Device table, most attributes are read-only and can only be changed internally. type: dict
- adm_pass - No description for the parameter type: str more...
- adm_usr - No description for the parameter type: str more...
- app_ver - No description for the parameter type: str more...
- av_ver - No description for the parameter type: str more...
- beta - No description for the parameter type: int more...
- branch_pt - No description for the parameter type: int more...
- build - No description for the parameter type: int more...
- checksum - No description for the parameter type: str more...
- conf_status - No description for the parameter type: str choices: [unknown, insync, outofsync] default: unknown more...
- conn_mode - No description for the parameter type: str choices: [active, passive] default: passive more...
- conn_status - No description for the parameter type: str choices: [UNKNOWN, up, down] default: UNKNOWN more...
- db_status - No description for the parameter type: str choices: [unknown, nomod, mod] default: unknown more...
- desc - No description for the parameter type: str more...
- dev_status - No description for the parameter type: str choices: [none, unknown, checkedin, inprogress, installed, aborted, sched, retry, canceled, pending, retrieved, changed_conf, sync_fail, timeout, rev_revert, auto_updated] default: unknown more...
- fap_cnt - No description for the parameter type: int more...
- faz.full_act - No description for the parameter type: int more...
- faz.perm - No description for the parameter type: int more...
- faz.quota - No description for the parameter type: int more...
- faz.used - No description for the parameter type: int more...
- fex_cnt - No description for the parameter type: int more...
- flags - No description for the parameter type: array choices: [has_hdd, vdom_enabled, discover, reload, interim_build, offline_mode, is_model, fips_mode, linked_to_model, ip-conflict, faz-autosync] more...
- foslic_cpu - VM Meter vCPU count. type: int more...
- foslic_dr_site - VM Meter DR Site status. type: str choices: [disable, enable] default: disable more...
- foslic_inst_time - VM Meter first deployment time (in UNIX timestamp). type: int more...
- foslic_last_sync - VM Meter last synchronized time (in UNIX timestamp). type: int more...
- foslic_ram - VM Meter device RAM size (in MB). type: int more...
- foslic_type - VM Meter license type. type: str choices: [temporary, trial, regular, trial_expired] default: temporary more...
- foslic_utm - No description for the parameter type: array choices: [fw, av, ips, app, url, utm, fwb] more...
- fsw_cnt - No description for the parameter type: int more...
- ha_group_id - No description for the parameter type: int more...
- ha_group_name - No description for the parameter type: str more...
- ha_mode - enabled - Value reserved for non-FOS HA devices. type: str choices: [standalone, AP, AA, ELBC, DUAL, enabled, unknown, fmg-enabled, autoscale] default: standalone more...
- hdisk_size - No description for the parameter type: int more...
- hostname - No description for the parameter type: str more...
- hw_rev_major - No description for the parameter type: int more...
- hw_rev_minor - No description for the parameter type: int more...
- ip - No description for the parameter type: str more...
- ips_ext - No description for the parameter type: int more...
- ips_ver - No description for the parameter type: str more...
- last_checked - No description for the parameter type: int more...
- last_resync - No description for the parameter type: int more...
- latitude - No description for the parameter type: str more...
- lic_flags - No description for the parameter type: int more...
- lic_region - No description for the parameter type: str more...
- location_from - No description for the parameter type: str more...
- logdisk_size - No description for the parameter type: int more...
- longitude - No description for the parameter type: str more...
- maxvdom - No description for the parameter type: int default: 10 more...
- meta fields - No description for the parameter type: dict more...
- mgmt_id - No description for the parameter type: int more...
- mgmt_if - No description for the parameter type: str more...
- mgmt_mode - No description for the parameter type: str choices: [unreg, fmg, faz, fmgfaz] default: unreg more...
- mgt_vdom - No description for the parameter type: str more...
- module_sn - No description for the parameter type: str more...
- mr - No description for the parameter type: int default: -1 more...
- name - Unique name for the device. type: str more...
- os_type - No description for the parameter type: str choices: [unknown, fos, fsw, foc, fml, faz, fwb, fch, fct, log, fmg, fsa, fdd, fac, fpx, fna, fdc, fsr, fad, ffw, fap, fxt] default: unknown more...
- os_ver - No description for the parameter type: str choices: [unknown, 0.0, 1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0] default: unknown more...
- patch - No description for the parameter type: int more...
- platform_str - No description for the parameter type: str more...
- prefer_img_ver - No description for the parameter type: str more...
- psk - No description for the parameter type: str more...
- sn - Unique value for each device. type: str more...
- vdom - No description for the parameter type: array
more...
- comments - No description for the parameter type: str more...
- name - No description for the parameter type: str more...
- opmode - No description for the parameter type: str choices: [nat, transparent] default: nat more...
- rtm_prof_id - No description for the parameter type: int more...
- status - No description for the parameter type: str more...
- vpn_id - No description for the parameter type: int more...
- meta fields - No description for the parameter type: dict more...
- version - No description for the parameter type: int more...
- vm_cpu - No description for the parameter type: int more...
- vm_cpu_limit - No description for the parameter type: int more...
- vm_lic_expire - No description for the parameter type: int more...
- vm_mem - No description for the parameter type: int more...
- vm_mem_limit - No description for the parameter type: int more...
- vm_status - No description for the parameter type: int more...
- prio - No description for the parameter type: int more...
- role - No description for the parameter type: str choices: [master, ha-slave, autoscale-slave] default: master more...
- hyperscale - No description for the parameter type: int more...
- nsxt_service_name - No description for the parameter type: str more...
- private_key - No description for the parameter type: str more...
- private_key_status - No description for the parameter type: int more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Device table, most attributes are read-only and can only be changed internally.
faz_dvmdb_device:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
device: <your own value>
dvmdb_device:
adm_pass: <value of string>
adm_usr: <value of string>
app_ver: <value of string>
av_ver: <value of string>
beta: <value of integer>
branch_pt: <value of integer>
build: <value of integer>
checksum: <value of string>
conf_status: <value in [unknown, insync, outofsync]>
conn_mode: <value in [active, passive]>
conn_status: <value in [UNKNOWN, up, down]>
db_status: <value in [unknown, nomod, mod]>
desc: <value of string>
dev_status: <value in [none, unknown, checkedin, ...]>
fap_cnt: <value of integer>
faz.full_act: <value of integer>
faz.perm: <value of integer>
faz.quota: <value of integer>
faz.used: <value of integer>
fex_cnt: <value of integer>
flags:
- has_hdd
- vdom_enabled
- discover
- reload
- interim_build
- offline_mode
- is_model
- fips_mode
- linked_to_model
- ip-conflict
- faz-autosync
foslic_cpu: <value of integer>
foslic_dr_site: <value in [disable, enable]>
foslic_inst_time: <value of integer>
foslic_last_sync: <value of integer>
foslic_ram: <value of integer>
foslic_type: <value in [temporary, trial, regular, ...]>
foslic_utm:
- fw
- av
- ips
- app
- url
- utm
- fwb
fsw_cnt: <value of integer>
ha_group_id: <value of integer>
ha_group_name: <value of string>
ha_mode: <value in [standalone, AP, AA, ...]>
hdisk_size: <value of integer>
hostname: <value of string>
hw_rev_major: <value of integer>
hw_rev_minor: <value of integer>
ip: <value of string>
ips_ext: <value of integer>
ips_ver: <value of string>
last_checked: <value of integer>
last_resync: <value of integer>
latitude: <value of string>
lic_flags: <value of integer>
lic_region: <value of string>
location_from: <value of string>
logdisk_size: <value of integer>
longitude: <value of string>
maxvdom: <value of integer>
meta fields: <value of dict>
mgmt_id: <value of integer>
mgmt_if: <value of string>
mgmt_mode: <value in [unreg, fmg, faz, ...]>
mgt_vdom: <value of string>
module_sn: <value of string>
mr: <value of integer>
name: <value of string>
os_type: <value in [unknown, fos, fsw, ...]>
os_ver: <value in [unknown, 0.0, 1.0, ...]>
patch: <value of integer>
platform_str: <value of string>
prefer_img_ver: <value of string>
psk: <value of string>
sn: <value of string>
vdom:
-
comments: <value of string>
name: <value of string>
opmode: <value in [nat, transparent]>
rtm_prof_id: <value of integer>
status: <value of string>
vpn_id: <value of integer>
meta fields: <value of dict>
version: <value of integer>
vm_cpu: <value of integer>
vm_cpu_limit: <value of integer>
vm_lic_expire: <value of integer>
vm_mem: <value of integer>
vm_mem_limit: <value of integer>
vm_status: <value of integer>
prio: <value of integer>
role: <value in [master, ha-slave, autoscale-slave]>
hyperscale: <value of integer>
nsxt_service_name: <value of string>
private_key: <value of string>
private_key_status: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvmdb_device_vdom – Device VDOM table.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvmdb_device_vdom | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- adom - The parameter in requested url type: str required: true
- device - The parameter in requested url type: str required: true
- dvmdb_device_vdom - Device VDOM table. type: dict
- comments - No description for the parameter type: str more...
- name - No description for the parameter type: str more...
- opmode - No description for the parameter type: str choices: [nat, transparent] default: nat more...
- rtm_prof_id - No description for the parameter type: int more...
- status - No description for the parameter type: str more...
- vpn_id - No description for the parameter type: int more...
- meta fields - No description for the parameter type: dict more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Device VDOM table.
faz_dvmdb_device_vdom:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
device: <your own value>
state: <value in [present, absent]>
dvmdb_device_vdom:
comments: <value of string>
name: <value of string>
opmode: <value in [nat, transparent]>
rtm_prof_id: <value of integer>
status: <value of string>
vpn_id: <value of integer>
meta fields: <value of dict>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvmdb_folder
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- adom - The parameter in requested url type: str required: true
- dvmdb_folder - no description type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: no description
faz_dvmdb_folder:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
dvmdb_folder:
desc: <value of string>
name: <value of string>
parent: <value of integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvmdb_group – Device group table.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvmdb_group | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- adom - The parameter in requested url type: str required: true
- dvmdb_group - Device group table. type: dict
- desc - No description for the parameter type: str more...
- meta fields - No description for the parameter type: dict more...
- name - No description for the parameter type: str more...
- os_type - No description for the parameter type: str choices: [unknown, fos, fsw, foc, fml, faz, fwb, fch, fct, log, fmg, fsa, fdd, fac, fpx, fna, fdc, fsr, fad, ffw, fap, fxt] default: unknown more...
- type - No description for the parameter type: str choices: [normal, default, auto] default: normal more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Device group table.
faz_dvmdb_group:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
dvmdb_group:
desc: <value of string>
meta fields: <value of dict>
name: <value of string>
os_type: <value in [unknown, fos, fsw, ...]>
type: <value in [normal, default, auto]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvmdb_group_objectmember – Device group table.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvmdb_group_objectmember | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- adom - The parameter in requested url type: str required: true
- group - The parameter in requested url type: str required: true
- dvmdb_group_objectmember - Device group table. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Device group table.
faz_dvmdb_group_objectmember:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
group: <your own value>
state: <value in [present, absent]>
dvmdb_group_objectmember:
name: <value of string>
vdom: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
Facts Gathering Modules
The modules to gather FortiAnalyzer facts are invoking get method for the FortiAnalyzer managed objects.
faz_fact – Gather FortiAnalyzer Facts.
New in version 2.10.
Synopsis
- This module is able to configure a FortiAnalyzer device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiAnalyzer v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- workspace_locking_adom - Acquire the workspace lock if FortiAnalyzer is running in workspace mode type: str required: false choices: global, custom adom including root
- workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock type: integer required: false default: 300
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- facts - Gathering fortianalyzer facts. type: dict
- filter - Item filtering expression list: only items matching all the filters are returned type: list required: false
- fields - Field filtering expression list: only fields matching all the filters are returned for an item type: list required: false
- sortings - Sorting rules list: items are returned in ascending(1) or descending(-1) order of fields in the listtype: list required: false
- option - Option list: see more details in FNDN API documents.type: list required: false
- selector - selector of the retrieved fortianalyzer facts type: str choices:
- cli_metafields_system_admin_user - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_analyzer_virusreport - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_avips_advancedlog - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_avips_webproxy - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_customurllist - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_diskquota - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_fctservices - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_fdssetting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_fdssetting_pushoverride - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_fdssetting_pushoverridetoclient - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_fdssetting_pushoverridetoclient_announceip - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_fdssetting_serveroverride - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_fdssetting_serveroverride_servlist - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_fdssetting_updateschedule - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_fwmsetting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_multilayer - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_publicnetwork - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_serveraccesspriorities - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_serveraccesspriorities_privateserver - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_serveroverridestatus - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_service - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_webspam_fgdsetting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_webspam_fgdsetting_serveroverride - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_webspam_fgdsetting_serveroverride_servlist - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_fmupdate_webspam_webproxy - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_group - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_group_member - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_ldap - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_ldap_adom - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_profile - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_profile_datamaskcustomfields - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_radius - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_tacacs - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_user - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_user_adom - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_user_adomexclude - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_user_dashboard - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_user_dashboardtabs - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_user_metadata - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_user_policypackage - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_admin_user_restrictdevvdom - available versions: 6.2.1 6.2.2 6.2.3
- cli_system_alertconsole - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_alertevent - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_alertevent_alertdestination - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_alertemail - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_autodelete - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_autodelete_dlpfilesautodeletion - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_autodelete_logautodeletion - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_autodelete_quarantinefilesautodeletion - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_autodelete_reportautodeletion - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_backup_allsettings - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_centralmanagement - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_certificate_ca - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_certificate_crl - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_certificate_local - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_certificate_oftp - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_certificate_remote - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_certificate_ssh - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_connector - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_dns - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_docker - available versions: 6.2.1 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_fips - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_fortiview_autocache - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_fortiview_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_global - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_guiact - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_ha - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_ha_peer - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_ha_privatepeer - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_interface - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_interface_ipv6 - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_disk_filter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_disk_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_fortianalyzer_filter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_fortianalyzer_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_fortianalyzer2_filter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_fortianalyzer2_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_fortianalyzer3_filter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_fortianalyzer3_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_memory_filter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_memory_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_syslogd_filter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_syslogd_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_syslogd2_filter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_syslogd2_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_syslogd3_filter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_locallog_syslogd3_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_logfetch_clientprofile - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_logfetch_clientprofile_devicefilter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_logfetch_clientprofile_logfilter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_logfetch_serversettings - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_logforward - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_logforwardservice - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_logforward_devicefilter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_logforward_logfieldexclusion - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_logforward_logfilter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_log_alert - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_log_interfacestats - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_log_ioc - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_log_maildomain - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_log_settings - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_log_settings_rollinganalyzer - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_log_settings_rollinglocal - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_log_settings_rollingregular - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_mail - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_metadata_admins - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_ntp - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_ntp_ntpserver - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_passwordpolicy - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_performance - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_report_autocache - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_report_estbrowsetime - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_report_group - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_report_group_chartalternative - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_report_group_groupby - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_report_setting - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_route - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_route6 - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_saml - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_saml_fabricidp - available versions: 6.2.1 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_saml_serviceproviders - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_sniffer - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_snmp_community - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_snmp_community_hosts - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_snmp_community_hosts6 - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_snmp_sysinfo - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_snmp_user - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_sql - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_sql_customindex - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_sql_customskipidx - available versions: 6.2.1 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_sql_tsindexfield - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_status - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_syslog - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_workflow_approvalmatrix - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- cli_system_workflow_approvalmatrix_approver - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- eventmgmt_adom_
_alertfilter - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - eventmgmt_adom_
_alertlogs - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - eventmgmt_adom_
_alertlogs_count - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - eventmgmt_adom_
_alerts - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - eventmgmt_adom_
_alerts_count - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - eventmgmt_adom_
_alerts_extradetails - available versions: 6.2.1 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - fazsys_adom_
_enduseravatar - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - fazsys_language_fonts_export - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- fazsys_language_fonts_list - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- fazsys_language_translationfile_export - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- fazsys_language_translationfile_list - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- sys_ha_status - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- sys_status - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- ueba_adom_
_endpoints - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - ueba_adom_
_endpoints_stats - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - ueba_adom_
_endusers - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - ueba_adom_
_endusers_stats - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - report_adom_
_reports_data_ - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - report_adom_
_reports_state - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - report_adom_
_run_ - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - report_adom_
_template_export - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - report_adom_root_template_language - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- report_adom_
_template_list - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - task_task - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- task_task_line - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- task_task_line_history - available versions: 6.2.1 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- dvmdb_adom - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- dvmdb_device - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- dvmdb_device_haslave - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- dvmdb_device_vdom - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- dvmdb_group - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- fortiview_adom_
_ - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0_run_ - logview_adom_
_logfields - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - logview_adom_
_logfiles_data - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - logview_adom_
_logfiles_search - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - logview_adom_
_logfiles_state - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - logview_adom_
_logsearch_ - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - logview_adom_
_logstats - available versions: 6.2.1 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - incidentmgmt_adom_
_attachments - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - incidentmgmt_adom_
_attachments_count - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - incidentmgmt_adom_
_incidents - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - incidentmgmt_adom_
_incidents_count - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - ioc_license_state - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- ioc_adom_
_rescan_history - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - ioc_adom_
_rescan_run - available versions: 6.2.1 6.2.2 6.2.3 6.2.5 6.2.6 6.4.1 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - task_task_history - available versions: 6.2.2 6.2.3 6.2.5 6.2.6
- dvmdb_folder - available versions: 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0
- soar_adom_
_config_connectors_ - available versions: 6.4.2 6.4.3 6.4.4 - soar_adom_
_config_playbooks_ - available versions: 6.4.2 6.4.3 6.4.4 - soar_adom_
_fosconnector_automationrules - available versions: 6.4.2 6.4.3 6.4.4 - soar_adom_
_playbook_monitor - available versions: 6.4.2 6.4.3 6.4.4 - soar_adom_
_task_monitor - available versions: 6.4.2 6.4.3 6.4.4 - incidentmgmt_adom_
_epeuhistory - available versions: 6.4.2 6.4.3 6.4.4 6.4.5 7.0.0 - cli_system_log_devicedisable - available versions: 6.4.4 6.4.5 7.0.0
- cli_system_interface_member - available versions: 7.0.0
- cli_system_log_ratelimit - available versions: 7.0.0
- cli_system_log_ratelimit_device - available versions: 7.0.0
- cli_system_logforward_logmaskingcustom - available versions: 7.0.0
- cli_system_socfabric - available versions: 7.0.0
- eventmgmt_adom_
_alerts_export - available versions: 7.0.0
- params - the parameter for each selector type: dict choices:
- params for cli_metafields_system_admin_user:
- params for cli_fmupdate_analyzer_virusreport:
- params for cli_fmupdate_avips_advancedlog:
- params for cli_fmupdate_avips_webproxy:
- params for cli_fmupdate_customurllist:
- params for cli_fmupdate_diskquota:
- params for cli_fmupdate_fctservices:
- params for cli_fmupdate_fdssetting:
- params for cli_fmupdate_fdssetting_pushoverride:
- params for cli_fmupdate_fdssetting_pushoverridetoclient:
- params for cli_fmupdate_fdssetting_pushoverridetoclient_announceip:
- announce-ip
- params for cli_fmupdate_fdssetting_serveroverride:
- params for cli_fmupdate_fdssetting_serveroverride_servlist:
- servlist
- params for cli_fmupdate_fdssetting_updateschedule:
- params for cli_fmupdate_fwmsetting:
- params for cli_fmupdate_multilayer:
- params for cli_fmupdate_publicnetwork:
- params for cli_fmupdate_serveraccesspriorities:
- params for cli_fmupdate_serveraccesspriorities_privateserver:
- private-server
- params for cli_fmupdate_serveroverridestatus:
- params for cli_fmupdate_service:
- params for cli_fmupdate_webspam_fgdsetting:
- params for cli_fmupdate_webspam_fgdsetting_serveroverride:
- params for cli_fmupdate_webspam_fgdsetting_serveroverride_servlist:
- servlist
- params for cli_fmupdate_webspam_webproxy:
- params for cli_system_admin_group:
- group
- params for cli_system_admin_group_member:
- group
- member
- params for cli_system_admin_ldap:
- ldap
- params for cli_system_admin_ldap_adom:
- ldap
- adom
- params for cli_system_admin_profile:
- profile
- params for cli_system_admin_profile_datamaskcustomfields:
- profile
- datamask-custom-fields
- params for cli_system_admin_radius:
- radius
- params for cli_system_admin_setting:
- params for cli_system_admin_tacacs:
- tacacs
- params for cli_system_admin_user:
- user
- params for cli_system_admin_user_adom:
- user
- adom
- params for cli_system_admin_user_adomexclude:
- user
- adom-exclude
- params for cli_system_admin_user_dashboard:
- user
- dashboard
- params for cli_system_admin_user_dashboardtabs:
- user
- dashboard-tabs
- params for cli_system_admin_user_metadata:
- user
- meta-data
- params for cli_system_admin_user_policypackage:
- user
- policy-package
- params for cli_system_admin_user_restrictdevvdom:
- user
- restrict-dev-vdom
- params for cli_system_alertconsole:
- params for cli_system_alertevent:
- alert-event
- params for cli_system_alertevent_alertdestination:
- alert-event
- alert-destination
- params for cli_system_alertemail:
- params for cli_system_autodelete:
- params for cli_system_autodelete_dlpfilesautodeletion:
- params for cli_system_autodelete_logautodeletion:
- params for cli_system_autodelete_quarantinefilesautodeletion:
- params for cli_system_autodelete_reportautodeletion:
- params for cli_system_backup_allsettings:
- params for cli_system_centralmanagement:
- params for cli_system_certificate_ca:
- ca
- params for cli_system_certificate_crl:
- crl
- params for cli_system_certificate_local:
- local
- params for cli_system_certificate_oftp:
- params for cli_system_certificate_remote:
- remote
- params for cli_system_certificate_ssh:
- ssh
- params for cli_system_connector:
- params for cli_system_dns:
- params for cli_system_docker:
- params for cli_system_fips:
- params for cli_system_fortiview_autocache:
- params for cli_system_fortiview_setting:
- params for cli_system_global:
- params for cli_system_guiact:
- params for cli_system_ha:
- params for cli_system_ha_peer:
- peer
- params for cli_system_ha_privatepeer:
- private-peer
- params for cli_system_interface:
- interface
- params for cli_system_interface_ipv6:
- interface
- params for cli_system_locallog_disk_filter:
- params for cli_system_locallog_disk_setting:
- params for cli_system_locallog_fortianalyzer_filter:
- params for cli_system_locallog_fortianalyzer_setting:
- params for cli_system_locallog_fortianalyzer2_filter:
- params for cli_system_locallog_fortianalyzer2_setting:
- params for cli_system_locallog_fortianalyzer3_filter:
- params for cli_system_locallog_fortianalyzer3_setting:
- params for cli_system_locallog_memory_filter:
- params for cli_system_locallog_memory_setting:
- params for cli_system_locallog_setting:
- params for cli_system_locallog_syslogd_filter:
- params for cli_system_locallog_syslogd_setting:
- params for cli_system_locallog_syslogd2_filter:
- params for cli_system_locallog_syslogd2_setting:
- params for cli_system_locallog_syslogd3_filter:
- params for cli_system_locallog_syslogd3_setting:
- params for cli_system_logfetch_clientprofile:
- client-profile
- params for cli_system_logfetch_clientprofile_devicefilter:
- client-profile
- device-filter
- params for cli_system_logfetch_clientprofile_logfilter:
- client-profile
- log-filter
- params for cli_system_logfetch_serversettings:
- params for cli_system_logforward:
- log-forward
- params for cli_system_logforwardservice:
- params for cli_system_logforward_devicefilter:
- log-forward
- device-filter
- params for cli_system_logforward_logfieldexclusion:
- log-forward
- log-field-exclusion
- params for cli_system_logforward_logfilter:
- log-forward
- log-filter
- params for cli_system_log_alert:
- params for cli_system_log_interfacestats:
- params for cli_system_log_ioc:
- params for cli_system_log_maildomain:
- mail-domain
- params for cli_system_log_settings:
- params for cli_system_log_settings_rollinganalyzer:
- params for cli_system_log_settings_rollinglocal:
- params for cli_system_log_settings_rollingregular:
- params for cli_system_mail:
- params for cli_system_metadata_admins:
- admins
- params for cli_system_ntp:
- params for cli_system_ntp_ntpserver:
- ntpserver
- params for cli_system_passwordpolicy:
- params for cli_system_performance:
- params for cli_system_report_autocache:
- params for cli_system_report_estbrowsetime:
- params for cli_system_report_group:
- group
- params for cli_system_report_group_chartalternative:
- group
- chart-alternative
- params for cli_system_report_group_groupby:
- group
- group-by
- params for cli_system_report_setting:
- params for cli_system_route:
- route
- params for cli_system_route6:
- route6
- params for cli_system_saml:
- params for cli_system_saml_fabricidp:
- fabric-idp
- params for cli_system_saml_serviceproviders:
- service-providers
- params for cli_system_sniffer:
- sniffer
- params for cli_system_snmp_community:
- community
- params for cli_system_snmp_community_hosts:
- community
- hosts
- params for cli_system_snmp_community_hosts6:
- community
- hosts6
- params for cli_system_snmp_sysinfo:
- params for cli_system_snmp_user:
- user
- params for cli_system_sql:
- params for cli_system_sql_customindex:
- custom-index
- params for cli_system_sql_customskipidx:
- custom-skipidx
- params for cli_system_sql_tsindexfield:
- ts-index-field
- params for cli_system_status:
- params for cli_system_syslog:
- syslog
- params for cli_system_workflow_approvalmatrix:
- approval-matrix
- params for cli_system_workflow_approvalmatrix_approver:
- approval-matrix
- approver
- params for eventmgmt_adom_
_alertfilter: - params for eventmgmt_adom_
_alertlogs: - params for eventmgmt_adom_
_alertlogs_count: - params for eventmgmt_adom_
_alerts: - params for eventmgmt_adom_
_alerts_count: - params for eventmgmt_adom_
_alerts_extradetails: - params for fazsys_adom_
_enduseravatar: - params for fazsys_language_fonts_export:
- params for fazsys_language_fonts_list:
- params for fazsys_language_translationfile_export:
- params for fazsys_language_translationfile_list:
- params for sys_ha_status:
- params for sys_status:
- params for ueba_adom_
_endpoints: - params for ueba_adom_
_endpoints_stats: - params for ueba_adom_
_endusers: - params for ueba_adom_
_endusers_stats: - params for report_adom_
_reports_data_ : - params for report_adom_
_reports_state: - params for report_adom_
_run_ : - params for report_adom_
_template_export: - params for report_adom_root_template_language:
- params for report_adom_
_template_list: - params for task_task:
- task
- params for task_task_line:
- task
- line
- params for task_task_line_history:
- task
- line
- history
- params for dvmdb_adom:
- adom
- params for dvmdb_device:
- device
- adom
- params for dvmdb_device_haslave:
- device
- ha_slave
- adom
- params for dvmdb_device_vdom:
- device
- vdom
- adom
- params for dvmdb_group:
- group
- adom
- params for fortiview_adom_
_ _run_ : - params for logview_adom_
_logfields: - params for logview_adom_
_logfiles_data: - params for logview_adom_
_logfiles_search: - params for logview_adom_
_logfiles_state: - params for logview_adom_
_logsearch_ : - params for logview_adom_
_logstats: - params for incidentmgmt_adom_
_attachments: - params for incidentmgmt_adom_
_attachments_count: - params for incidentmgmt_adom_
_incidents: - params for incidentmgmt_adom_
_incidents_count: - params for ioc_license_state:
- params for ioc_adom_
_rescan_history: - params for ioc_adom_
_rescan_run: - params for task_task_history:
- task
- history
- params for dvmdb_folder:
- folder
- adom
- params for soar_adom_
_config_connectors_ : - params for soar_adom_
_config_playbooks_ : - params for soar_adom_
_fosconnector_automationrules: - params for soar_adom_
_playbook_monitor: - params for soar_adom_
_task_monitor: - params for incidentmgmt_adom_
_epeuhistory: - params for cli_system_log_devicedisable:
- device-disable
- params for cli_system_interface_member:
- interface
- member
- params for cli_system_log_ratelimit:
- params for cli_system_log_ratelimit_device:
- device
- params for cli_system_logforward_logmaskingcustom:
- log-forward
- log-masking-custom
- params for cli_system_socfabric:
- params for eventmgmt_adom_
_alerts_export:
Notes
Note
- Running in workspace locking mode is supported in this FortiAnalyzer module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
- Selector is a mandatory parameter for the module, and the params is varying depending on the selector.
- Parameter
adomcan benullor''for all administrative domains,globalfor global domain and any other custom domain strings. and a particular fact may not support all kinds of domains. - In parameters section,
nulland''are identical if you are fetching all objects under that selector category. - Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters
rc_failedandrc_succeeded
Examples
- name: gathering fortianalyzer facts
hosts: fortianalyzer01
gather_facts: no
connection: httpapi
collections:
- fortinet.fortianalyzer
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: retrieve all the scripts
faz_fact:
facts:
selector: 'dvmdb_script'
params:
adom: 'root' # global or null or ''
script: '' # or null
- name: retrive all the interfaces
faz_fact:
facts:
selector: 'system_interface'
params:
interface: '' # or null
- name: retrieve the interface port1
faz_fact:
facts:
selector: 'system_interface'
params:
interface: 'port1'
- name: fetch urlfilter with name urlfilter4
faz_fact:
facts:
selector: 'webfilter_urlfilter'
params:
adom: 'root'
urlfilter: '' # or null
filter:
-
- 'name'
- '=='
- 'urlfilter4'
fields:
- 'id'
- 'name'
- 'comment'
sortings:
- 'id': 1
'name': -1
- name: Retrieve device
faz_fact:
facts:
selector: 'dvmdb_device'
params:
adom: 'root'
device: '' # or null
option:
- 'get meta'
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
Daemon Modules
The modules in this category are invoking exec methods to call FortiManager managed procedures.
faz_cli_exec_fgfm_reclaimdevtunnel – Reclaim management tunnel to device.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| cli_exec_fgfm_reclaimdevtunnel | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- device_name - The parameter in requested url type: str required: true
- cli_exec_fgfm_reclaimdevtunnel - Reclaim management tunnel to device. type: dict
- flags - No description for the parameter type: array choices: [force] more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Reclaim management tunnel to device.
faz_cli_exec_fgfm_reclaimdevtunnel:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
device_name: <your own value>
cli_exec_fgfm_reclaimdevtunnel:
flags:
- force
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvm_cmd_add_device – Add a device to the Device Manager database.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvm_cmd_add_device | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- dvm_cmd_add_device - Add a device to the Device Manager database. type: dict
- adom - Name or ID of the ADOM where the command is to be executed on. type: str more...
- device type: dict
- adm_pass - No description for the parameter type: str more...
- adm_usr - add real and promote device. type: str more...
- desc - available for all operations. type: str more...
- device action - Specify add device operations, or leave blank to add real device: type: str more...
- faz.quota - available for all operations. type: int more...
- ip - add real device only. type: str more...
- meta fields - add real and model device. type: str more...
- mgmt_mode - add real and model device. type: str choices: [unreg, fmg, faz, fmgfaz] more...
- mr - add model device only. type: int more...
- name - required for all operations. type: str more...
- os_type - add model device only. type: str choices: [unknown, fos, fsw, foc, fml, faz, fwb, fch, fct, log, fmg, fsa, fdd, fac] more...
- os_ver - add model device only. type: str choices: [unknown, 0.0, 1.0, 2.0, 3.0, 4.0, 5.0] more...
- patch - add model device only. type: int more...
- platform_str - add model device only. type: str more...
- sn - add model device only. type: str more...
- flags - No description for the parameter type: array choices: [none, create_task, nonblocking] more...
- groups - No description for the parameter type: array more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Add a device to the Device Manager database.
faz_dvm_cmd_add_device:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
dvm_cmd_add_device:
adom: <value of string>
device:
adm_pass: <value of string>
adm_usr: <value of string>
desc: <value of string>
device action: <value of string>
faz.quota: <value of integer>
ip: <value of string>
meta fields: <value of string>
mgmt_mode: <value in [unreg, fmg, faz, ...]>
mr: <value of integer>
name: <value of string>
os_type: <value in [unknown, fos, fsw, ...]>
os_ver: <value in [unknown, 0.0, 1.0, ...]>
patch: <value of integer>
platform_str: <value of string>
sn: <value of string>
flags:
- none
- create_task
- nonblocking
groups:
-
name: <value of string>
vdom: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvm_cmd_add_devlist – Add multiple devices to the Device Manager database.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvm_cmd_add_devlist | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- dvm_cmd_add_devlist - Add multiple devices to the Device Manager database. type: dict
- add-dev-list - No description for the parameter type: array
more...
- adm_pass - No description for the parameter type: str more...
- adm_usr - add real and promote device. type: str more...
- desc - available for all operations. type: str more...
- device action - Specify add device operations, or leave blank to add real device: type: str more...
- faz.quota - available for all operations. type: int more...
- ip - add real device only. type: str more...
- meta fields - add real and model device. type: str more...
- mgmt_mode - add real and model device. type: str choices: [unreg, fmg, faz, fmgfaz] more...
- mr - add model device only. type: int more...
- name - required for all operations. type: str more...
- os_type - add model device only. type: str choices: [unknown, fos, fsw, foc, fml, faz, fwb, fch, fct, log, fmg, fsa, fdd, fac] more...
- os_ver - add model device only. type: str choices: [unknown, 0.0, 1.0, 2.0, 3.0, 4.0, 5.0] more...
- patch - add model device only. type: int more...
- platform_str - add model device only. type: str more...
- sn - add model device only. type: str more...
- adom - Name or ID of the ADOM where the command is to be executed on. type: str more...
- flags - No description for the parameter type: array choices: [none, create_task, nonblocking] more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Add multiple devices to the Device Manager database.
faz_dvm_cmd_add_devlist:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
dvm_cmd_add_devlist:
add-dev-list:
-
adm_pass: <value of string>
adm_usr: <value of string>
desc: <value of string>
device action: <value of string>
faz.quota: <value of integer>
ip: <value of string>
meta fields: <value of string>
mgmt_mode: <value in [unreg, fmg, faz, ...]>
mr: <value of integer>
name: <value of string>
os_type: <value in [unknown, fos, fsw, ...]>
os_ver: <value in [unknown, 0.0, 1.0, ...]>
patch: <value of integer>
platform_str: <value of string>
sn: <value of string>
adom: <value of string>
flags:
- none
- create_task
- nonblocking
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvm_cmd_del_device – Delete a device.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvm_cmd_del_device | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- dvm_cmd_del_device - Delete a device. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Delete a device.
faz_dvm_cmd_del_device:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
dvm_cmd_del_device:
adom: <value of string>
device: <value of string>
flags:
- none
- create_task
- nonblocking
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvm_cmd_del_devlist – Delete a list of devices.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvm_cmd_del_devlist | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- dvm_cmd_del_devlist - Delete a list of devices. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Delete a list of devices.
faz_dvm_cmd_del_devlist:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
dvm_cmd_del_devlist:
adom: <value of string>
del-dev-member-list:
-
name: <value of string>
vdom: <value of string>
flags:
- none
- create_task
- nonblocking
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_dvm_cmd_import_devlist – Import a list of ADOMs and devices.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| dvm_cmd_import_devlist | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- dvm_cmd_import_devlist - Import a list of ADOMs and devices. type: dict
- adom - Name or ID of the ADOM where the command is to be executed on. type: str more...
- flags - No description for the parameter type: array choices: [none, create_task, nonblocking] more...
- import-adom-members - No description for the parameter type: array more...
- import-adoms - No description for the parameter type: array
more...
- desc - No description for the parameter type: str more...
- flags - No description for the parameter type: array choices: [migration, db_export, no_vpn_console, backup, other_devices, central_sdwan, is_autosync, per_device_wtp, policy_check_on_install, install_on_policy_check_fail, auto_push_cfg, per_device_fsw] more...
- log_db_retention_hours - No description for the parameter type: int default: 1440 more...
- log_disk_quota - No description for the parameter type: int more...
- log_disk_quota_alert_thres - No description for the parameter type: int default: 90 more...
- log_disk_quota_split_ratio - No description for the parameter type: int default: 70 more...
- log_file_retention_hours - No description for the parameter type: int default: 8760 more...
- meta fields - No description for the parameter type: dict more...
- mig_mr - No description for the parameter type: int default: 4 more...
- mig_os_ver - No description for the parameter type: str choices: [unknown, 0.0, 1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0] default: 6.0 more...
- mode - ems - (Value no longer used as of 4. type: str choices: [ems, gms, provider] default: gms more...
- mr - No description for the parameter type: int default: 4 more...
- name - No description for the parameter type: str more...
- os_ver - No description for the parameter type: str choices: [unknown, 0.0, 1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0] default: 6.0 more...
- restricted_prds - No description for the parameter type: array choices: [fos, foc, fml, fch, fwb, log, fct, faz, fsa, fsw, fmg, fdd, fac, fpx, fna, fdc, fsr, fad, ffw, fap, fxt] more...
- state - No description for the parameter type: int default: 1 more...
- uuid - No description for the parameter type: str more...
- create_time - No description for the parameter type: int more...
- workspace_mode - No description for the parameter type: int more...
- import-devices - No description for the parameter type: array
more...
- adm_pass - No description for the parameter type: str more...
- adm_usr - No description for the parameter type: str more...
- app_ver - No description for the parameter type: str more...
- av_ver - No description for the parameter type: str more...
- beta - No description for the parameter type: int more...
- branch_pt - No description for the parameter type: int more...
- build - No description for the parameter type: int more...
- checksum - No description for the parameter type: str more...
- conf_status - No description for the parameter type: str choices: [unknown, insync, outofsync] default: unknown more...
- conn_mode - No description for the parameter type: str choices: [active, passive] default: passive more...
- conn_status - No description for the parameter type: str choices: [UNKNOWN, up, down] default: UNKNOWN more...
- db_status - No description for the parameter type: str choices: [unknown, nomod, mod] default: unknown more...
- desc - No description for the parameter type: str more...
- dev_status - No description for the parameter type: str choices: [none, unknown, checkedin, inprogress, installed, aborted, sched, retry, canceled, pending, retrieved, changed_conf, sync_fail, timeout, rev_revert, auto_updated] default: unknown more...
- fap_cnt - No description for the parameter type: int more...
- faz.full_act - No description for the parameter type: int more...
- faz.perm - No description for the parameter type: int more...
- faz.quota - No description for the parameter type: int more...
- faz.used - No description for the parameter type: int more...
- fex_cnt - No description for the parameter type: int more...
- flags - No description for the parameter type: array choices: [has_hdd, vdom_enabled, discover, reload, interim_build, offline_mode, is_model, fips_mode, linked_to_model, ip-conflict, faz-autosync] more...
- foslic_cpu - VM Meter vCPU count. type: int more...
- foslic_dr_site - VM Meter DR Site status. type: str choices: [disable, enable] default: disable more...
- foslic_inst_time - VM Meter first deployment time (in UNIX timestamp). type: int more...
- foslic_last_sync - VM Meter last synchronized time (in UNIX timestamp). type: int more...
- foslic_ram - VM Meter device RAM size (in MB). type: int more...
- foslic_type - VM Meter license type. type: str choices: [temporary, trial, regular, trial_expired] default: temporary more...
- foslic_utm - No description for the parameter type: array choices: [fw, av, ips, app, url, utm, fwb] more...
- fsw_cnt - No description for the parameter type: int more...
- ha_group_id - No description for the parameter type: int more...
- ha_group_name - No description for the parameter type: str more...
- ha_mode - enabled - Value reserved for non-FOS HA devices. type: str choices: [standalone, AP, AA, ELBC, DUAL, enabled, unknown, fmg-enabled, autoscale] default: standalone more...
- ha_slave - No description for the parameter type: array
more...
- idx - No description for the parameter type: int more...
- name - No description for the parameter type: str more...
- prio - No description for the parameter type: int more...
- role - No description for the parameter type: str choices: [slave, master] default: slave more...
- sn - No description for the parameter type: str more...
- status - No description for the parameter type: int more...
- hdisk_size - No description for the parameter type: int more...
- hostname - No description for the parameter type: str more...
- hw_rev_major - No description for the parameter type: int more...
- hw_rev_minor - No description for the parameter type: int more...
- ip - No description for the parameter type: str more...
- ips_ext - No description for the parameter type: int more...
- ips_ver - No description for the parameter type: str more...
- last_checked - No description for the parameter type: int more...
- last_resync - No description for the parameter type: int more...
- latitude - No description for the parameter type: str more...
- lic_flags - No description for the parameter type: int more...
- lic_region - No description for the parameter type: str more...
- location_from - No description for the parameter type: str more...
- logdisk_size - No description for the parameter type: int more...
- longitude - No description for the parameter type: str more...
- maxvdom - No description for the parameter type: int default: 10 more...
- meta fields - No description for the parameter type: dict more...
- mgmt_id - No description for the parameter type: int more...
- mgmt_if - No description for the parameter type: str more...
- mgmt_mode - No description for the parameter type: str choices: [unreg, fmg, faz, fmgfaz] default: unreg more...
- mgt_vdom - No description for the parameter type: str more...
- module_sn - No description for the parameter type: str more...
- mr - No description for the parameter type: int default: -1 more...
- name - Unique name for the device. type: str more...
- os_type - No description for the parameter type: str choices: [unknown, fos, fsw, foc, fml, faz, fwb, fch, fct, log, fmg, fsa, fdd, fac, fpx, fna, fdc, fsr, fad, ffw, fap, fxt] default: unknown more...
- os_ver - No description for the parameter type: str choices: [unknown, 0.0, 1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0] default: unknown more...
- patch - No description for the parameter type: int more...
- platform_str - No description for the parameter type: str more...
- prefer_img_ver - No description for the parameter type: str more...
- psk - No description for the parameter type: str more...
- sn - Unique value for each device. type: str more...
- vdom - No description for the parameter type: array
more...
- comments - No description for the parameter type: str more...
- name - No description for the parameter type: str more...
- opmode - No description for the parameter type: str choices: [nat, transparent] default: nat more...
- rtm_prof_id - No description for the parameter type: int more...
- status - No description for the parameter type: str more...
- vpn_id - No description for the parameter type: int more...
- meta fields - No description for the parameter type: dict more...
- version - No description for the parameter type: int more...
- vm_cpu - No description for the parameter type: int more...
- vm_cpu_limit - No description for the parameter type: int more...
- vm_lic_expire - No description for the parameter type: int more...
- vm_mem - No description for the parameter type: int more...
- vm_mem_limit - No description for the parameter type: int more...
- vm_status - No description for the parameter type: int more...
- prio - No description for the parameter type: int more...
- role - No description for the parameter type: str choices: [master, ha-slave, autoscale-slave] default: master more...
- hyperscale - No description for the parameter type: int more...
- nsxt_service_name - No description for the parameter type: str more...
- private_key - No description for the parameter type: str more...
- private_key_status - No description for the parameter type: int more...
- import-group-members - No description for the parameter type: array more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Import a list of ADOMs and devices.
faz_dvm_cmd_import_devlist:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
dvm_cmd_import_devlist:
adom: <value of string>
flags:
- none
- create_task
- nonblocking
import-adom-members:
-
adom: <value of string>
dev: <value of string>
vdom: <value of string>
import-adoms:
-
desc: <value of string>
flags:
- migration
- db_export
- no_vpn_console
- backup
- other_devices
- central_sdwan
- is_autosync
- per_device_wtp
- policy_check_on_install
- install_on_policy_check_fail
- auto_push_cfg
- per_device_fsw
log_db_retention_hours: <value of integer>
log_disk_quota: <value of integer>
log_disk_quota_alert_thres: <value of integer>
log_disk_quota_split_ratio: <value of integer>
log_file_retention_hours: <value of integer>
meta fields: <value of dict>
mig_mr: <value of integer>
mig_os_ver: <value in [unknown, 0.0, 1.0, ...]>
mode: <value in [ems, gms, provider]>
mr: <value of integer>
name: <value of string>
os_ver: <value in [unknown, 0.0, 1.0, ...]>
restricted_prds:
- fos
- foc
- fml
- fch
- fwb
- log
- fct
- faz
- fsa
- fsw
- fmg
- fdd
- fac
- fpx
- fna
- fdc
- fsr
- fad
- ffw
- fap
- fxt
state: <value of integer>
uuid: <value of string>
create_time: <value of integer>
workspace_mode: <value of integer>
import-devices:
-
adm_pass: <value of string>
adm_usr: <value of string>
app_ver: <value of string>
av_ver: <value of string>
beta: <value of integer>
branch_pt: <value of integer>
build: <value of integer>
checksum: <value of string>
conf_status: <value in [unknown, insync, outofsync]>
conn_mode: <value in [active, passive]>
conn_status: <value in [UNKNOWN, up, down]>
db_status: <value in [unknown, nomod, mod]>
desc: <value of string>
dev_status: <value in [none, unknown, checkedin, ...]>
fap_cnt: <value of integer>
faz.full_act: <value of integer>
faz.perm: <value of integer>
faz.quota: <value of integer>
faz.used: <value of integer>
fex_cnt: <value of integer>
flags:
- has_hdd
- vdom_enabled
- discover
- reload
- interim_build
- offline_mode
- is_model
- fips_mode
- linked_to_model
- ip-conflict
- faz-autosync
foslic_cpu: <value of integer>
foslic_dr_site: <value in [disable, enable]>
foslic_inst_time: <value of integer>
foslic_last_sync: <value of integer>
foslic_ram: <value of integer>
foslic_type: <value in [temporary, trial, regular, ...]>
foslic_utm:
- fw
- av
- ips
- app
- url
- utm
- fwb
fsw_cnt: <value of integer>
ha_group_id: <value of integer>
ha_group_name: <value of string>
ha_mode: <value in [standalone, AP, AA, ...]>
ha_slave:
-
idx: <value of integer>
name: <value of string>
prio: <value of integer>
role: <value in [slave, master]>
sn: <value of string>
status: <value of integer>
hdisk_size: <value of integer>
hostname: <value of string>
hw_rev_major: <value of integer>
hw_rev_minor: <value of integer>
ip: <value of string>
ips_ext: <value of integer>
ips_ver: <value of string>
last_checked: <value of integer>
last_resync: <value of integer>
latitude: <value of string>
lic_flags: <value of integer>
lic_region: <value of string>
location_from: <value of string>
logdisk_size: <value of integer>
longitude: <value of string>
maxvdom: <value of integer>
meta fields: <value of dict>
mgmt_id: <value of integer>
mgmt_if: <value of string>
mgmt_mode: <value in [unreg, fmg, faz, ...]>
mgt_vdom: <value of string>
module_sn: <value of string>
mr: <value of integer>
name: <value of string>
os_type: <value in [unknown, fos, fsw, ...]>
os_ver: <value in [unknown, 0.0, 1.0, ...]>
patch: <value of integer>
platform_str: <value of string>
prefer_img_ver: <value of string>
psk: <value of string>
sn: <value of string>
vdom:
-
comments: <value of string>
name: <value of string>
opmode: <value in [nat, transparent]>
rtm_prof_id: <value of integer>
status: <value of string>
vpn_id: <value of integer>
meta fields: <value of dict>
version: <value of integer>
vm_cpu: <value of integer>
vm_cpu_limit: <value of integer>
vm_lic_expire: <value of integer>
vm_mem: <value of integer>
vm_mem_limit: <value of integer>
vm_status: <value of integer>
prio: <value of integer>
role: <value in [master, ha-slave, autoscale-slave]>
hyperscale: <value of integer>
nsxt_service_name: <value of string>
private_key: <value of string>
private_key_status: <value of integer>
import-group-members:
-
adom: <value of string>
dev: <value of string>
grp: <value of string>
vdom: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_sys_api_sdnconnector – Query SDN connector data.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| sys_api_sdnconnector | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- sys_api_sdnconnector - Query SDN connector data. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Query SDN connector data.
faz_sys_api_sdnconnector:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
sys_api_sdnconnector:
adom: <value of string>
command: <value of string>
connector_name: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_sys_generate_wsdl – Generate WSDL for specific module and objects.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| sys_generate_wsdl | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- sys_generate_wsdl - Generate WSDL for specific module and objects. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Generate WSDL for specific module and objects.
faz_sys_generate_wsdl:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
sys_generate_wsdl:
endpoint: <value of string>
target: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_sys_login_challenge – Answer a log in challenge question, used following a login/user or login/challenge command.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| sys_login_challenge | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- sys_login_challenge - Answer a log in challenge question, used following a login/user or login/challenge command. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Answer a log in challenge question, used following a login/user or login/challenge command.
faz_sys_login_challenge:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
sys_login_challenge:
answer: <value of string>
session: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_sys_login_user – Log into the device with user name and password.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| sys_login_user | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- sys_login_user - Log into the device with user name and password. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log into the device with user name and password.
faz_sys_login_user:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
sys_login_user:
passwd: <value of string>
user: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_sys_logout – Log out a session.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| sys_logout | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Log out a session.
faz_sys_logout:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_sys_proxy_json – Send and receive JSON request to/from managed devices.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.2 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| sys_proxy_json | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- sys_proxy_json - Send and receive JSON request to/from managed devices. type: dict
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Send and receive JSON request to/from managed devices.
faz_sys_proxy_json:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
sys_proxy_json:
action: <value in [get, post, put, ...]>
payload: <value of dict>
resource: <value of string>
target: <value of list>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
faz_sys_reboot – Restart FortiAnalyzer.
New in version 2.10.
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiAnalyzer Version Compatibility
6.2.1 |
6.2.3 |
6.2.5 |
6.2.6 |
6.4.1 |
6.4.2 |
6.4.3 |
6.4.4 |
6.4.5 |
7.0.0 |
|
| sys_reboot | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- bypass_validation - Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- sys_reboot - Restart FortiAnalyzer. type: dict
- message - Optional message to be stored in event log. type: str more...
Notes
Note
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortianalyzer-inventory
collections:
- fortinet.fortianalyzer
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Restart FortiAnalyzer.
faz_sys_reboot:
bypass_validation: False
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
sys_reboot:
message: <value of string>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
Generic Modules
The generic module is to build and send FortiAnalyzer API requests in a flexible way.
faz_generic – The Generic FortiAnalyzer module.
New in version 2.10.
Synopsis
- This module is able to configure a FortiAnalyzer device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- method - The method of API request, grouped with parameter params. type: str required: false choices: [add, set, update, get, delete, exec, move, clone]
- params - The parameter body of API request, grouped with parameter method. type: list required: false
- json - The raw json formatted string, it must contain method and params.type: str required: false
Notes
Note
- Full API reference: https://fndn.fortinet.net/index.php?/fortiapi/175-fortianalyzer/
- When all three parameters are given at the same time, json has higher priority over method¶ms.
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortimanager01
connection: httpapi
collections:
- fortinet.fortimanager
vars:
adom: "root"
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: 'login a user'
faz_generic:
method: 'exec'
params:
- url: 'sys/login/user'
data:
- user: 'admin'
passwd: 'ca$hc0w'
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict
Release Notes
Release Galaxy 0.0.1
Release Target
FortiAnalyzer version: v6.2, v6.4 and v7.0
Module Category
| Module Category | Supported JPRC methods | Location |
|---|---|---|
| Object Oriented Modules | add/update(set)/delete | ref |
| Facts Gathering Modules | get | ref |
| Daemon Modules | exec | ref |
| Generic Modules | (all methods) | ref |
Features
- Full FortiAnalyzer JRPC URLs coverage (more than 170 modules).
- Flexible error handling mechanism.