Try Spotterno description
| "added in version" 1.0.0 of chillancezen.fortimanager"
Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install chillancezen.fortimanager:==2.1.6
collections:
- name: chillancezen.fortimanager
version: 2.1.6This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: no description
fmgr_webfilter_profile:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
webfilter_profile:
comment: <value of string>
extended-log: <value in [disable, enable]>
https-replacemsg: <value in [disable, enable]>
inspection-mode: <value in [proxy, flow-based, dns]>
log-all-url: <value in [disable, enable]>
name: <value of string>
options:
- block-invalid-url
- jscript
- js
- vbs
- unknown
- wf-referer
- https-scan
- intrinsic
- wf-cookie
- per-user-bwl
- activexfilter
- cookiefilter
- https-url-scan
- javafilter
- rangeblock
- contenttype-check
- per-user-bal
ovrd-perm:
- bannedword-override
- urlfilter-override
- fortiguard-wf-override
- contenttype-check-override
post-action: <value in [normal, comfort, block]>
replacemsg-group: <value of string>
web-content-log: <value in [disable, enable]>
web-extended-all-action-log: <value in [disable, enable]>
web-filter-activex-log: <value in [disable, enable]>
web-filter-applet-log: <value in [disable, enable]>
web-filter-command-block-log: <value in [disable, enable]>
web-filter-cookie-log: <value in [disable, enable]>
web-filter-cookie-removal-log: <value in [disable, enable]>
web-filter-js-log: <value in [disable, enable]>
web-filter-jscript-log: <value in [disable, enable]>
web-filter-referer-log: <value in [disable, enable]>
web-filter-unknown-log: <value in [disable, enable]>
web-filter-vbs-log: <value in [disable, enable]>
web-ftgd-err-log: <value in [disable, enable]>
web-ftgd-quota-usage: <value in [disable, enable]>
web-invalid-domain-log: <value in [disable, enable]>
web-url-log: <value in [disable, enable]>
wisp: <value in [disable, enable]>
wisp-algorithm: <value in [auto-learning, primary-secondary, round-robin]>
wisp-servers: <value of string>
youtube-channel-filter:
-
channel-id: <value of string>
comment: <value of string>
id: <value of integer>
youtube-channel-status: <value in [disable, blacklist, whitelist]>
feature-set: <value in [proxy, flow]>
web-antiphishing-log: <value in [disable, enable]>
antiphish:
check-basic-auth: <value in [disable, enable]>
check-uri: <value in [disable, enable]>
check-username-only: <value in [disable, enable]>
custom-patterns:
-
category: <value in [username, password]>
pattern: <value of string>
type: <value in [regex, literal]>
default-action: <value in [log, block, exempt]>
domain-controller: <value of string>
inspection-entries:
-
action: <value in [log, block, exempt]>
fortiguard-category: <value of string>
name: <value of string>
max-body-len: <value of integer>
status: <value in [disable, enable]>
authentication: <value in [domain-controller, ldap]>
ldap: <value of string>
ftgd-wf:
exempt-quota: <value of string>
filters:
-
action: <value in [block, monitor, warning, ...]>
auth-usr-grp: <value of string>
category: <value of string>
id: <value of integer>
log: <value in [disable, enable]>
override-replacemsg: <value of string>
warn-duration: <value of string>
warning-duration-type: <value in [session, timeout]>
warning-prompt: <value in [per-domain, per-category]>
max-quota-timeout: <value of integer>
options:
- error-allow
- http-err-detail
- rate-image-urls
- strict-blocking
- rate-server-ip
- redir-block
- connect-request-bypass
- log-all-url
- ftgd-disable
ovrd: <value of string>
quota:
-
category: <value of string>
duration: <value of string>
id: <value of integer>
override-replacemsg: <value of string>
type: <value in [time, traffic]>
unit: <value in [B, KB, MB, ...]>
value: <value of integer>
rate-crl-urls: <value in [disable, enable]>
rate-css-urls: <value in [disable, enable]>
rate-image-urls: <value in [disable, enable]>
rate-javascript-urls: <value in [disable, enable]>
override:
ovrd-cookie: <value in [deny, allow]>
ovrd-dur: <value of string>
ovrd-dur-mode: <value in [constant, ask]>
ovrd-scope: <value in [user, user-group, ip, ...]>
ovrd-user-group: <value of string>
profile: <value of string>
profile-attribute: <value in [User-Name, User-Password, CHAP-Password, ...]>
profile-type: <value in [list, radius]>
url-extraction:
redirect-header: <value of string>
redirect-no-content: <value in [disable, enable]>
redirect-url: <value of string>
server-fqdn: <value of string>
status: <value in [disable, enable]>
web:
blacklist: <value in [disable, enable]>
bword-table: <value of string>
bword-threshold: <value of integer>
content-header-list: <value of string>
keyword-match: <value of string>
log-search: <value in [disable, enable]>
safe-search:
- google
- yahoo
- bing
- url
- header
urlfilter-table: <value of string>
whitelist:
- exempt-av
- exempt-webcontent
- exempt-activex-java-cookie
- exempt-dlp
- exempt-rangeblock
- extended-log-others
youtube-restrict: <value in [strict, none, moderate]>
allowlist:
- exempt-av
- exempt-webcontent
- exempt-activex-java-cookie
- exempt-dlp
- exempt-rangeblock
- extended-log-others
blocklist: <value in [disable, enable]>
vimeo-restrict: <value of string>
request_url: description: The full url requested returned: always sample: /sys/login/user type: str response_code: description: The status of api request returned: always sample: 0 type: int response_message: description: The descriptive message of the api response returned: always sample: OK. type: str