Try SpotterConfigure alert email settings in Fortinet's FortiOS and FortiGate.
| "added in version" 2.9 of ansible.builtin"
Authors: Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico)
preview | supported by community
pipInstall with pip install ansible==2.9.27
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify alertemail feature and setting category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.5
- hosts: localhost
vars:
host: "192.168.122.40"
username: "admin"
password: ""
vdom: "root"
ssl_verify: "False"
tasks:
- name: Configure alert email settings.
fortios_alertemail_setting:
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
alertemail_setting:
admin_login_logs: "enable"
alert_interval: "4"
amc_interface_bypass_mode: "enable"
antivirus_logs: "enable"
configuration_changes_logs: "enable"
critical_interval: "8"
debug_interval: "9"
email_interval: "10"
emergency_interval: "11"
error_interval: "12"
FDS_license_expiring_days: "13"
FDS_license_expiring_warning: "enable"
FDS_update_logs: "enable"
filter_mode: "category"
FIPS_CC_errors: "enable"
firewall_authentication_failure_logs: "enable"
fortiguard_log_quota_warning: "enable"
FSSO_disconnect_logs: "enable"
HA_logs: "enable"
information_interval: "22"
IPS_logs: "enable"
IPsec_errors_logs: "enable"
local_disk_usage: "25"
log_disk_usage_warning: "enable"
mailto1: "<your_own_value>"
mailto2: "<your_own_value>"
mailto3: "<your_own_value>"
notification_interval: "30"
PPP_errors_logs: "enable"
severity: "emergency"
ssh_logs: "enable"
sslvpn_authentication_errors_logs: "enable"
username: "<your_own_value>"
violation_traffic_logs: "enable"
warning_interval: "37"
webfilter_logs: "enable"
host:
description:
- FortiOS or FortiGate IP address.
required: false
type: str
vdom:
default: root
description:
- Virtual domain, among those defined previously. A vdom is a virtual instance of
the FortiGate that can be configured and used as a different unit.
type: str
https:
default: true
description:
- Indicates if the requests towards FortiGate must use HTTPS protocol.
type: bool
password:
default: ''
description:
- FortiOS or FortiGate password.
type: str
username:
description:
- FortiOS or FortiGate username.
required: false
type: str
ssl_verify:
default: true
description:
- Ensures FortiGate certificate must be verified by a proper CA.
type: bool
alertemail_setting:
default: null
description:
- Configure alert email settings.
suboptions:
FDS_license_expiring_days:
description:
- Number of days to send alert email prior to FortiGuard license expiration (1
- 100 days).
type: int
FDS_license_expiring_warning:
choices:
- enable
- disable
description:
- Enable/disable FortiGuard license expiration warnings in alert email.
type: str
FDS_update_logs:
choices:
- enable
- disable
description:
- Enable/disable FortiGuard update logs in alert email.
type: str
FIPS_CC_errors:
choices:
- enable
- disable
description:
- Enable/disable FIPS and Common Criteria error logs in alert email.
type: str
FSSO_disconnect_logs:
choices:
- enable
- disable
description:
- Enable/disable logging of FSSO collector agent disconnect.
type: str
HA_logs:
choices:
- enable
- disable
description:
- Enable/disable HA logs in alert email.
type: str
IPS_logs:
choices:
- enable
- disable
description:
- Enable/disable IPS logs in alert email.
type: str
IPsec_errors_logs:
choices:
- enable
- disable
description:
- Enable/disable IPsec error logs in alert email.
type: str
PPP_errors_logs:
choices:
- enable
- disable
description:
- Enable/disable PPP error logs in alert email.
type: str
admin_login_logs:
choices:
- enable
- disable
description:
- Enable/disable administrator login/logout logs in alert email.
type: str
alert_interval:
description:
- Alert alert interval in minutes.
type: int
amc_interface_bypass_mode:
choices:
- enable
- disable
description:
- Enable/disable Fortinet Advanced Mezzanine Card (AMC) interface bypass mode
logs in alert email.
type: str
antivirus_logs:
choices:
- enable
- disable
description:
- Enable/disable antivirus logs in alert email.
type: str
configuration_changes_logs:
choices:
- enable
- disable
description:
- Enable/disable configuration change logs in alert email.
type: str
critical_interval:
description:
- Critical alert interval in minutes.
type: int
debug_interval:
description:
- Debug alert interval in minutes.
type: int
email_interval:
description:
- Interval between sending alert emails (1 - 99999 min).
type: int
emergency_interval:
description:
- Emergency alert interval in minutes.
type: int
error_interval:
description:
- Error alert interval in minutes.
type: int
filter_mode:
choices:
- category
- threshold
description:
- How to filter log messages that are sent to alert emails.
type: str
firewall_authentication_failure_logs:
choices:
- enable
- disable
description:
- Enable/disable firewall authentication failure logs in alert email.
type: str
fortiguard_log_quota_warning:
choices:
- enable
- disable
description:
- Enable/disable FortiCloud log quota warnings in alert email.
type: str
information_interval:
description:
- Information alert interval in minutes.
type: int
local_disk_usage:
description:
- Disk usage percentage at which to send alert email (1 - 99 percent).
type: int
log_disk_usage_warning:
choices:
- enable
- disable
description:
- Enable/disable disk usage warnings in alert email.
type: str
mailto1:
description:
- Email address to send alert email to (usually a system administrator) (max.
64 characters).
type: str
mailto2:
description:
- Optional second email address to send alert email to (max. 64 characters).
type: str
mailto3:
description:
- Optional third email address to send alert email to (max. 64 characters).
type: str
notification_interval:
description:
- Notification alert interval in minutes.
type: int
severity:
choices:
- emergency
- alert
- critical
- error
- warning
- notification
- information
- debug
description:
- Lowest severity level to log.
type: str
ssh_logs:
choices:
- enable
- disable
description:
- Enable/disable SSH logs in alert email.
type: str
sslvpn_authentication_errors_logs:
choices:
- enable
- disable
description:
- Enable/disable SSL-VPN authentication error logs in alert email.
type: str
username:
description:
- 'Name that appears in the From: field of alert emails (max. 36 characters).'
type: str
violation_traffic_logs:
choices:
- enable
- disable
description:
- Enable/disable violation traffic logs in alert email.
type: str
warning_interval:
description:
- Warning alert interval in minutes.
type: int
webfilter_logs:
choices:
- enable
- disable
description:
- Enable/disable web filter logs in alert email.
type: str
type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str