Try SpotterAnomaly name.
| "added in version" 2.0.0 of drmofu.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections:
- name: drmofu.fortimanager
version: 2.2.2This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: gathering fortimanager facts
hosts: fortimanager00
gather_facts: no
connection: httpapi
collections:
- fortinet.fortimanager
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: retrieve all the anomaly names of IPv4 DoS policy
fmgr_fact:
facts:
selector: 'pkg_firewall_dospolicy_anomaly'
params:
adom: 'ansible'
pkg: 'ansible' # package name
DoS-policy: '1' # policyid
anomaly: 'your_value'
- hosts: fortimanager00
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Anomaly name.
fmgr_pkg_firewall_dospolicy_anomaly:
bypass_validation: False
adom: ansible
pkg: ansible # package name
DoS-policy: 1 # policyid
state: present
pkg_firewall_dospolicy_anomaly:
action: pass #<value in [pass, block, proxy]>
log: enable
name: ansible-test-anomaly
quarantine: none #<value in [none, attacker, both, ...]>
status: disable
pkg:
description: the parameter (pkg) in requested url
required: true
type: str
adom:
description: the parameter (adom) in requested url
required: true
type: str
state:
choices:
- present
- absent
description: The directive to create, update or delete an object.
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
required: false
type: list
DoS-policy:
description: the parameter (DoS-policy) in requested url
required: true
type: str
enable_log:
default: false
description: Enable/Disable logging for task.
required: false
type: bool
access_token:
description: The token to access FortiManager without using username and password.
required: false
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
required: false
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
required: false
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
required: false
type: bool
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
required: false
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
required: false
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
required: false
type: int
pkg_firewall_dospolicy_anomaly:
description: the top level parameters set
required: false
suboptions:
action:
choices:
- pass
- block
- proxy
description: Action taken when the threshold is reached.
type: str
log:
choices:
- disable
- enable
description: Enable/disable logging for this anomaly.
type: str
name:
description: Anomaly name.
type: str
quarantine:
choices:
- none
- attacker
- both
- interface
description: Quarantine method.
type: str
quarantine-expiry:
description: Duration of quarantine, from 1 minute to 364 days, 23 hours, and
59 minutes from now.
type: str
quarantine-log:
choices:
- disable
- enable
description: Enable/disable quarantine logging.
type: str
status:
choices:
- disable
- enable
description: Enable/disable the active status of this anomaly sensor.
type: str
synproxy-tcp-mss:
choices:
- '0'
- '256'
- '512'
- '1024'
- '1300'
- '1360'
- '1460'
- '1500'
description: Determine TCP maximum segment size
type: str
synproxy-tcp-sack:
choices:
- disable
- enable
description: enable/disable TCP selective acknowledage
type: str
synproxy-tcp-timestamp:
choices:
- disable
- enable
description: enable/disable TCP timestamp option for packets replied by syn proxy
module.
type: str
synproxy-tcp-window:
choices:
- '4096'
- '8192'
- '16384'
- '32768'
description: Determine TCP Window size for packets replied by syn proxy module.
type: str
synproxy-tcp-windowscale:
choices:
- '0'
- '1'
- '2'
- '3'
- '4'
- '5'
- '6'
- '7'
- '8'
- '9'
- '10'
- '11'
- '12'
- '13'
- '14'
description: Determine TCP window scale option value for packets replied by syn
proxy module.
type: str
synproxy-tos:
choices:
- '0'
- '10'
- '12'
- '14'
- '18'
- '20'
- '22'
- '26'
- '28'
- '30'
- '34'
- '36'
- '38'
- '40'
- '46'
- '255'
description: Determine TCP differentiated services code point value
type: str
synproxy-ttl:
choices:
- '32'
- '64'
- '128'
- '255'
description: Determine Time to live
type: str
synproxy_tcp_mss:
choices:
- '0'
- '256'
- '512'
- '1024'
- '1300'
- '1360'
- '1460'
- '1500'
description: Determine TCP maximum segment size
type: str
synproxy_tcp_sack:
choices:
- disable
- enable
description: enable/disable TCP selective acknowledage
type: str
synproxy_tcp_timestamp:
choices:
- disable
- enable
description: enable/disable TCP timestamp option for packets replied by syn proxy
module.
type: str
synproxy_tcp_window:
choices:
- '4096'
- '8192'
- '16384'
- '32768'
description: Determine TCP Window size for packets replied by syn proxy module.
type: str
synproxy_tcp_windowscale:
choices:
- '0'
- '1'
- '2'
- '3'
- '4'
- '5'
- '6'
- '7'
- '8'
- '9'
- '10'
- '11'
- '12'
- '13'
- '14'
description: Determine TCP window scale option value for packets replied by syn
proxy module.
type: str
synproxy_tos:
choices:
- '0'
- '10'
- '12'
- '14'
- '18'
- '20'
- '22'
- '26'
- '28'
- '30'
- '34'
- '36'
- '38'
- '40'
- '46'
- '255'
description: Determine TCP differentiated services code point value
type: str
synproxy_ttl:
choices:
- '32'
- '64'
- '128'
- '255'
description: Determine Time to live
type: str
threshold:
description: Number of detected instances per minute which triggers action
type: int
threshold(default):
description: no description
type: int
type: dict
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list