drmofu / drmofu.fortimanager / 2.2.2 / module / fmgr_antivirus_profile Configure AntiVirus profiles. | "added in version" 1.0.0 of drmofu.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communitydrmofu.fortimanager.fmgr_antivirus_profile (2.2.2) — module
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections: - name: drmofu.fortimanager version: 2.2.2
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: gathering fortimanager facts hosts: fortimanager00 gather_facts: no connection: httpapi collections: - fortinet.fortimanager vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: retrieve all the antivirus profiles fmgr_fact: facts: selector: 'antivirus_profile' params: adom: 'ansible' profile: 'your_value'
- hosts: fortimanager00 collections: - fortinet.fortimanager connection: httpapi vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: Configure AntiVirus profiles. fmgr_antivirus_profile: adom: ansible state: present antivirus_profile: analytics-db: disable analytics-max-upload: 20 av-block-log: disable av-virus-log: disable comment: 'test comment' extended-log: disable ftgd-analytics: disable inspection-mode: proxy mobile-malware-db: disable name: 'antivirus-profile' scan-mode: quick
adom: description: the parameter (adom) in requested url required: true type: str state: choices: - present - absent description: The directive to create, update or delete an object. required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task. required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int required: false type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. required: false type: str antivirus_profile: description: the top level parameters set required: false suboptions: analytics-accept-filetype: description: Only submit files matching this DLP file-pattern to FortiSandbox. type: str analytics-bl-filetype: description: Only submit files matching this DLP file-pattern to FortiSandbox. type: str analytics-db: choices: - disable - enable description: Enable/disable using the FortiSandbox signature database to supplement the AV signature databases. type: str analytics-ignore-filetype: description: Do not submit files matching this DLP file-pattern to FortiSandbox. type: str analytics-max-upload: description: Maximum size of files that can be uploaded to FortiSandbox type: int analytics-wl-filetype: description: Do not submit files matching this DLP file-pattern to FortiSandbox. type: str av-block-log: choices: - disable - enable description: Enable/disable logging for AntiVirus file blocking. type: str av-virus-log: choices: - disable - enable description: Enable/disable AntiVirus logging. type: str cifs: description: no description required: false suboptions: archive-block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to block. elements: str type: list archive-log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to log. elements: str type: list av-scan: choices: - disable - monitor - block description: Enable AntiVirus scan service. type: str emulator: choices: - disable - enable description: Enable/disable the virus emulator. type: str external-blocklist: choices: - disable - monitor - block description: Enable external-blocklist. type: str fortiai: choices: - disable - monitor - block description: Enable/disable scanning of files by FortiAI. type: str fortindr: choices: - disable - block - monitor description: Enable scanning of files by FortiNDR. type: str fortisandbox: choices: - disable - block - monitor description: Enable scanning of files by FortiSandbox. type: str options: choices: - scan - quarantine - avmonitor description: Enable/disable CIFS AntiVirus scanning, monitoring, and quarantine. elements: str type: list outbreak-prevention: choices: - disabled - files - full-archive - disable - block - monitor description: Enable Virus Outbreak Prevention service. type: str quarantine: choices: - disable - enable description: Enable/disable quarantine for infected files. type: str type: dict comment: description: Comment. type: str content-disarm: description: no description required: false suboptions: cover-page: choices: - disable - enable description: Enable/disable inserting a cover page into the disarmed document. type: str detect-only: choices: - disable - enable description: Enable/disable only detect disarmable files, do not alter content. type: str error-action: choices: - block - log-only - ignore description: Action to be taken if CDR engine encounters an unrecoverable error. type: str office-action: choices: - disable - enable description: Enable/disable stripping of PowerPoint action events in Microsoft Office documents. type: str office-dde: choices: - disable - enable description: Enable/disable stripping of Dynamic Data Exchange events in Microsoft Office documents. type: str office-embed: choices: - disable - enable description: Enable/disable stripping of embedded objects in Microsoft Office documents. type: str office-hylink: choices: - disable - enable description: Enable/disable stripping of hyperlinks in Microsoft Office documents. type: str office-linked: choices: - disable - enable description: Enable/disable stripping of linked objects in Microsoft Office documents. type: str office-macro: choices: - disable - enable description: Enable/disable stripping of macros in Microsoft Office documents. type: str original-file-destination: choices: - fortisandbox - quarantine - discard description: Destination to send original file if active content is removed. type: str pdf-act-form: choices: - disable - enable description: Enable/disable stripping of PDF document actions that submit data to other targets. type: str pdf-act-gotor: choices: - disable - enable description: Enable/disable stripping of PDF document actions that access other PDF documents. type: str pdf-act-java: choices: - disable - enable description: Enable/disable stripping of PDF document actions that execute JavaScript code. type: str pdf-act-launch: choices: - disable - enable description: Enable/disable stripping of PDF document actions that launch other applications. type: str pdf-act-movie: choices: - disable - enable description: Enable/disable stripping of PDF document actions that play a movie. type: str pdf-act-sound: choices: - disable - enable description: Enable/disable stripping of PDF document actions that play a sound. type: str pdf-embedfile: choices: - disable - enable description: Enable/disable stripping of embedded files in PDF documents. type: str pdf-hyperlink: choices: - disable - enable description: Enable/disable stripping of hyperlinks from PDF documents. type: str pdf-javacode: choices: - disable - enable description: Enable/disable stripping of JavaScript code in PDF documents. type: str type: dict ems-threat-feed: choices: - disable - enable description: Enable/disable use of EMS threat feed when performing AntiVirus scan. type: str extended-log: choices: - disable - enable description: Enable/disable extended logging for antivirus. type: str external-blocklist: description: One or more external malware block lists. type: str external-blocklist-archive-scan: choices: - disable - enable description: Enable/disable external-blocklist archive scanning. type: str external-blocklist-enable-all: choices: - disable - enable description: Enable/disable all external blocklists. type: str feature-set: choices: - proxy - flow description: Flow/proxy feature set. type: str fortiai-error-action: choices: - block - log-only - ignore description: Action to take if FortiAI encounters an error. type: str fortiai-timeout-action: choices: - block - log-only - ignore description: Action to take if FortiAI encounters a scan timeout. type: str fortindr-error-action: choices: - log-only - block - ignore description: Action to take if FortiNDR encounters an error. type: str fortindr-timeout-action: choices: - log-only - block - ignore description: Action to take if FortiNDR encounters a scan timeout. type: str fortisandbox-error-action: choices: - log-only - block - ignore description: Action to take if FortiSandbox inline scan encounters an error. type: str fortisandbox-max-upload: description: Maximum size of files that can be uploaded to FortiSandbox. type: int fortisandbox-mode: choices: - inline - analytics-suspicious - analytics-everything description: FortiSandbox scan modes. type: str fortisandbox-timeout-action: choices: - log-only - block - ignore description: Action to take if FortiSandbox inline scan encounters a scan timeout. type: str ftgd-analytics: choices: - disable - suspicious - everything description: Settings to control which files are uploaded to FortiSandbox. type: str ftp: description: no description required: false suboptions: archive-block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to block. elements: str type: list archive-log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to log. elements: str type: list av-scan: choices: - disable - monitor - block description: Enable AntiVirus scan service. type: str emulator: choices: - disable - enable description: Enable/disable the virus emulator. type: str external-blocklist: choices: - disable - monitor - block description: Enable external-blocklist. type: str fortiai: choices: - disable - monitor - block description: Enable/disable scanning of files by FortiAI. type: str fortindr: choices: - disable - block - monitor description: Enable scanning of files by FortiNDR. type: str fortisandbox: choices: - disable - block - monitor description: Enable scanning of files by FortiSandbox. type: str options: choices: - scan - file-filter - quarantine - avquery - avmonitor description: Enable/disable FTP AntiVirus scanning, monitoring, and quarantine. elements: str type: list outbreak-prevention: choices: - disabled - files - full-archive - disable - block - monitor description: Enable Virus Outbreak Prevention service. type: str quarantine: choices: - disable - enable description: Enable/disable quarantine for infected files. type: str type: dict http: description: no description required: false suboptions: archive-block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to block. elements: str type: list archive-log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to log. elements: str type: list av-optimize: choices: - disable - enable description: no description type: str av-scan: choices: - disable - monitor - block description: Enable AntiVirus scan service. type: str content-disarm: choices: - disable - enable description: Enable Content Disarm and Reconstruction for this protocol. type: str emulator: choices: - disable - enable description: Enable/disable the virus emulator. type: str external-blocklist: choices: - disable - monitor - block description: Enable external-blocklist. type: str fortiai: choices: - disable - monitor - block description: Enable/disable scanning of files by FortiAI. type: str fortindr: choices: - disable - block - monitor description: Enable scanning of files by FortiNDR. type: str fortisandbox: choices: - disable - block - monitor description: Enable scanning of files by FortiSandbox. type: str options: choices: - scan - file-filter - quarantine - avquery - avmonitor - strict-file description: Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine. elements: str type: list outbreak-prevention: choices: - disabled - files - full-archive - disable - block - monitor description: Enable Virus Outbreak Prevention service. type: str quarantine: choices: - disable - enable description: Enable/disable quarantine for infected files. type: str unknown-content-encoding: choices: - block - inspect - bypass description: Configure the action the FortiGate unit will take on unknown content-encoding. type: str type: dict imap: description: no description required: false suboptions: archive-block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to block. elements: str type: list archive-log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to log. elements: str type: list av-scan: choices: - disable - monitor - block description: Enable AntiVirus scan service. type: str content-disarm: choices: - disable - enable description: Enable Content Disarm and Reconstruction for this protocol. type: str emulator: choices: - disable - enable description: Enable/disable the virus emulator. type: str executables: choices: - default - virus description: Treat Windows executable files as viruses for the purpose of blocking or monitoring. type: str external-blocklist: choices: - disable - monitor - block description: Enable external-blocklist. type: str fortiai: choices: - disable - monitor - block description: Enable/disable scanning of files by FortiAI. type: str fortindr: choices: - disable - block - monitor description: Enable scanning of files by FortiNDR. type: str fortisandbox: choices: - disable - block - monitor description: Enable scanning of files by FortiSandbox. type: str options: choices: - scan - file-filter - quarantine - avquery - avmonitor description: Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine. elements: str type: list outbreak-prevention: choices: - disabled - files - full-archive - disable - block - monitor description: Enable Virus Outbreak Prevention service. type: str quarantine: choices: - disable - enable description: Enable/disable quarantine for infected files. type: str type: dict inspection-mode: choices: - proxy - flow-based description: Inspection mode. type: str mapi: description: no description required: false suboptions: archive-block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to block. elements: str type: list archive-log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to log. elements: str type: list av-scan: choices: - disable - monitor - block description: Enable AntiVirus scan service. type: str emulator: choices: - disable - enable description: Enable/disable the virus emulator. type: str executables: choices: - default - virus description: Treat Windows executable files as viruses for the purpose of blocking or monitoring. type: str external-blocklist: choices: - disable - monitor - block description: Enable external-blocklist. type: str fortiai: choices: - disable - monitor - block description: Enable/disable scanning of files by FortiAI. type: str fortindr: choices: - disable - block - monitor description: Enable scanning of files by FortiNDR. type: str fortisandbox: choices: - disable - block - monitor description: Enable scanning of files by FortiSandbox. type: str options: choices: - scan - quarantine - avquery - avmonitor description: Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine. elements: str type: list outbreak-prevention: choices: - disabled - files - full-archive - disable - block - monitor description: Enable Virus Outbreak Prevention service. type: str quarantine: choices: - disable - enable description: Enable/disable quarantine for infected files. type: str type: dict mobile-malware-db: choices: - disable - enable description: Enable/disable using the mobile malware signature database. type: str nac-quar: description: no description required: false suboptions: expiry: description: Duration of quarantine. type: str infected: choices: - none - quar-src-ip - quar-interface description: Enable/Disable quarantining infected hosts to the banned user list. type: str log: choices: - disable - enable description: Enable/disable AntiVirus quarantine logging. type: str type: dict name: description: Profile name. type: str nntp: description: no description required: false suboptions: archive-block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to block. elements: str type: list archive-log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to log. elements: str type: list av-scan: choices: - disable - monitor - block description: Enable AntiVirus scan service. type: str emulator: choices: - disable - enable description: Enable/disable the virus emulator. type: str external-blocklist: choices: - disable - monitor - block description: Enable external-blocklist. type: str fortiai: choices: - disable - monitor - block description: Enable/disable scanning of files by FortiAI. type: str fortindr: choices: - disable - block - monitor description: Enable scanning of files by FortiNDR. type: str fortisandbox: choices: - disable - block - monitor description: Enable scanning of files by FortiSandbox. type: str options: choices: - scan - file-filter - quarantine - avquery - avmonitor description: Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine. elements: str type: list outbreak-prevention: choices: - disabled - files - full-archive - disable - block - monitor description: Enable Virus Outbreak Prevention service. type: str quarantine: choices: - disable - enable description: Enable/disable quarantine for infected files. type: str type: dict outbreak-prevention: description: no description required: false suboptions: external-blocklist: choices: - disable - enable description: Enable/disable external malware blocklist. type: str ftgd-service: choices: - disable - enable description: Enable/disable FortiGuard Virus outbreak prevention service. type: str type: dict outbreak-prevention-archive-scan: choices: - disable - enable description: Enable/disable outbreak-prevention archive scanning. type: str pop3: description: no description required: false suboptions: archive-block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to block. elements: str type: list archive-log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to log. elements: str type: list av-scan: choices: - disable - monitor - block description: Enable AntiVirus scan service. type: str content-disarm: choices: - disable - enable description: Enable Content Disarm and Reconstruction for this protocol. type: str emulator: choices: - disable - enable description: Enable/disable the virus emulator. type: str executables: choices: - default - virus description: Treat Windows executable files as viruses for the purpose of blocking or monitoring. type: str external-blocklist: choices: - disable - monitor - block description: Enable external-blocklist. type: str fortiai: choices: - disable - monitor - block description: Enable/disable scanning of files by FortiAI. type: str fortindr: choices: - disable - block - monitor description: Enable scanning of files by FortiNDR. type: str fortisandbox: choices: - disable - block - monitor description: Enable scanning of files by FortiSandbox. type: str options: choices: - scan - file-filter - quarantine - avquery - avmonitor description: Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine. elements: str type: list outbreak-prevention: choices: - disabled - files - full-archive - disable - block - monitor description: Enable Virus Outbreak Prevention service. type: str quarantine: choices: - disable - enable description: Enable/disable quarantine for infected files. type: str type: dict replacemsg-group: description: Replacement message group customized for this profile. type: str scan-mode: choices: - quick - full - legacy - default description: Choose between full scan mode and quick scan mode. type: str smb: description: no description required: false suboptions: archive-block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: description elements: str type: list archive-log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: description elements: str type: list emulator: choices: - disable - enable description: Enable/disable the virus emulator. type: str options: choices: - scan - quarantine - avquery - avmonitor description: description elements: str type: list outbreak-prevention: choices: - disabled - files - full-archive description: Enable FortiGuard Virus Outbreak Prevention service. type: str type: dict smtp: description: no description required: false suboptions: archive-block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to block. elements: str type: list archive-log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to log. elements: str type: list av-scan: choices: - disable - monitor - block description: Enable AntiVirus scan service. type: str content-disarm: choices: - disable - enable description: Enable Content Disarm and Reconstruction for this protocol. type: str emulator: choices: - disable - enable description: Enable/disable the virus emulator. type: str executables: choices: - default - virus description: Treat Windows executable files as viruses for the purpose of blocking or monitoring. type: str external-blocklist: choices: - disable - monitor - block description: Enable external-blocklist. type: str fortiai: choices: - disable - monitor - block description: Enable/disable scanning of files by FortiAI. type: str fortindr: choices: - disable - block - monitor description: Enable scanning of files by FortiNDR. type: str fortisandbox: choices: - disable - block - monitor description: Enable scanning of files by FortiSandbox. type: str options: choices: - scan - file-filter - quarantine - avquery - avmonitor description: Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine. elements: str type: list outbreak-prevention: choices: - disabled - files - full-archive - disable - block - monitor description: Enable Virus Outbreak Prevention service. type: str quarantine: choices: - disable - enable description: Enable/disable quarantine for infected files. type: str type: dict ssh: description: no description required: false suboptions: archive-block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to block. elements: str type: list archive-log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: Select the archive types to log. elements: str type: list av-scan: choices: - disable - monitor - block description: Enable AntiVirus scan service. type: str emulator: choices: - disable - enable description: Enable/disable the virus emulator. type: str external-blocklist: choices: - disable - monitor - block description: Enable external-blocklist. type: str fortiai: choices: - disable - monitor - block description: Enable/disable scanning of files by FortiAI. type: str fortindr: choices: - disable - block - monitor description: Enable scanning of files by FortiNDR. type: str fortisandbox: choices: - disable - block - monitor description: Enable scanning of files by FortiSandbox. type: str options: choices: - avmonitor - quarantine - scan description: Enable/disable SFTP and SCP AntiVirus scanning, monitoring, and quarantine. elements: str type: list outbreak-prevention: choices: - disabled - files - full-archive - disable - block - monitor description: Enable Virus Outbreak Prevention service. type: str quarantine: choices: - disable - enable description: Enable/disable quarantine for infected files. type: str type: dict type: dict bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. required: false type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. required: false type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. required: false type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list