Try SpotterFilters for remote system server.
| "added in version" 1.0.0 of drmofu.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections:
- name: drmofu.fortimanager
version: 2.2.2This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Filters for remote system server.
fmgr_devprof_log_syslogd_filter:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
devprof: <your own value>
devprof_log_syslogd_filter:
severity: <value in [emergency, alert, critical, ...]>
anomaly: <value in [disable, enable]>
exclude-list:
-
category: <value in [app-ctrl, attack, dlp, ...]>
fields:
-
args: <value of string>
field: <value of string>
negate: <value in [disable, enable]>
id: <value of integer>
forward-traffic: <value in [disable, enable]>
free-style:
-
category: <value in [traffic, event, virus, ...]>
filter: <value of string>
filter-type: <value in [include, exclude]>
id: <value of integer>
gtp: <value in [disable, enable]>
local-traffic: <value in [disable, enable]>
multicast-traffic: <value in [disable, enable]>
sniffer-traffic: <value in [disable, enable]>
voip: <value in [disable, enable]>
ztna-traffic: <value in [disable, enable]>
filter-type: <value in [include, exclude]>
filter: <value of string>
cifs: <value in [disable, enable]>
ssl: <value in [disable, enable]>
dns: <value in [disable, enable]>
ssh: <value in [disable, enable]>
netscan-discovery: <value in [disable, enable]>
netscan-vulnerability: <value in [disable, enable]>
adom:
description: the parameter (adom) in requested url
required: true
type: str
devprof:
description: the parameter (devprof) in requested url
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
required: false
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
required: false
type: bool
access_token:
description: The token to access FortiManager without using username and password.
required: false
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
required: false
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
required: false
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
required: false
type: bool
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
required: false
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
required: false
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
required: false
type: int
devprof_log_syslogd_filter:
description: the top level parameters set
required: false
suboptions:
anomaly:
choices:
- disable
- enable
description: Enable/disable anomaly logging.
type: str
cifs:
choices:
- disable
- enable
description: no description
type: str
dns:
choices:
- disable
- enable
description: Enable/disable detailed DNS event logging.
type: str
exclude-list:
description: description
elements: dict
suboptions:
category:
choices:
- app-ctrl
- attack
- dlp
- event
- traffic
- virus
- voip
- webfilter
- netscan
- spam
- anomaly
- waf
description: no description
type: str
fields:
description: description
elements: dict
suboptions:
args:
description: description
type: str
field:
description: no description
type: str
negate:
choices:
- disable
- enable
description: no description
type: str
type: list
id:
description: no description
type: int
type: list
filter:
description: Syslog filter.
type: str
filter-type:
choices:
- include
- exclude
description: Include/exclude logs that match the filter.
type: str
forward-traffic:
choices:
- disable
- enable
description: Enable/disable forward traffic logging.
type: str
free-style:
description: description
elements: dict
suboptions:
category:
choices:
- traffic
- event
- virus
- webfilter
- attack
- spam
- voip
- dlp
- app-ctrl
- anomaly
- waf
- gtp
- dns
- ssh
- ssl
- file-filter
- icap
- ztna
description: Log category.
type: str
filter:
description: Free style filter string.
type: str
filter-type:
choices:
- include
- exclude
description: Include/exclude logs that match the filter.
type: str
id:
description: Entry ID.
type: int
type: list
gtp:
choices:
- disable
- enable
description: Enable/disable GTP messages logging.
type: str
local-traffic:
choices:
- disable
- enable
description: Enable/disable local in or out traffic logging.
type: str
multicast-traffic:
choices:
- disable
- enable
description: Enable/disable multicast traffic logging.
type: str
netscan-discovery:
choices:
- disable
- enable
description: Enable/disable netscan discovery event logging.
type: str
netscan-vulnerability:
choices:
- disable
- enable
description: Enable/disable netscan vulnerability event logging.
type: str
severity:
choices:
- emergency
- alert
- critical
- error
- warning
- notification
- information
- debug
description: Lowest severity level to log.
type: str
sniffer-traffic:
choices:
- disable
- enable
description: Enable/disable sniffer traffic logging.
type: str
ssh:
choices:
- disable
- enable
description: Enable/disable SSH logging.
type: str
ssl:
choices:
- disable
- enable
description: no description
type: str
voip:
choices:
- disable
- enable
description: Enable/disable VoIP logging.
type: str
ztna-traffic:
choices:
- disable
- enable
description: Enable/disable ztna traffic logging.
type: str
type: dict
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list