Try SpotterAlert events.
| "added in version" 2.0.0 of drmofu.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections:
- name: drmofu.fortimanager
version: 2.2.2This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager00
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Alert events.
fmgr_system_alertevent:
bypass_validation: False
state: present
system_alertevent:
enable-generic-text:
- enable
- disable
enable-severity-filter:
- enable
- disable
event-time-period: 1 #<value in [0.5, 1, 3, ...]>
name: ansible-test-sysalert
num-events: 1 #<value in [1, 5, 10, ...]>
severity-filter: high #<value in [high, medium-high, medium, ...]>
#severity-level-comp:
# - <=
severity-level-logs:
- no-check
- information
- notify
- warning
- error
- critical
- alert
- emergency
- name: gathering fortimanager facts
hosts: fortimanager00
gather_facts: no
connection: httpapi
collections:
- fortinet.fortimanager
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: retrieve all the alert events
fmgr_fact:
facts:
selector: 'system_alertevent'
params:
alert-event: 'your_value'
state:
choices:
- present
- absent
description: The directive to create, update or delete an object.
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
required: false
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
required: false
type: bool
access_token:
description: The token to access FortiManager without using username and password.
required: false
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
required: false
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
required: false
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
required: false
type: bool
system_alertevent:
description: the top level parameters set
required: false
suboptions:
alert-destination:
description: Alert-Destination.
elements: dict
suboptions:
from:
description: Sender email address to use in alert emails.
type: str
smtp-name:
description: SMTP server name.
type: str
snmp-name:
description: SNMP trap name.
type: str
syslog-name:
description: Syslog server name.
type: str
to:
description: Recipient email address to use in alert emails.
type: str
type:
choices:
- mail
- snmp
- syslog
description:
- Destination type.
- mail - Send email alert.
- snmp - Send SNMP trap.
- syslog - Send syslog message.
type: str
type: list
enable-generic-text:
choices:
- enable
- disable
description: Enable/disable generic text match.
elements: str
type: list
enable-severity-filter:
choices:
- enable
- disable
description: Enable/disable alert severity filter.
elements: str
type: list
event-time-period:
choices:
- '0.5'
- '1'
- '3'
- '6'
- '12'
- '24'
- '72'
- '168'
description:
- Time period
- '0.'
- 1 - 1 hour.
- 3 - 3 hours.
- 6 - 6 hours.
- 12 - 12 hours.
- 24 - 1 day.
- 72 - 3 days.
- 168 - 1 week.
type: str
generic-text:
description: Text that must be contained in a log to trigger alert.
type: str
name:
description: Alert name.
type: str
num-events:
choices:
- '1'
- '5'
- '10'
- '50'
- '100'
description:
- Minimum number of events required within time period.
- 1 - 1 event.
- 5 - 5 events.
- 10 - 10 events.
- 50 - 50 events.
- 100 - 100 events.
type: str
severity-filter:
choices:
- high
- medium-high
- medium
- medium-low
- low
description:
- Required log severity to trigger alert.
- high - High level alert.
- medium-high - Medium-high level alert.
- medium - Medium level alert.
- medium-low - Medium-low level alert.
- low - Low level alert.
type: str
severity-level-comp:
choices:
- '>='
- '='
- <=
description: Log severity threshold comparison criterion.
elements: str
type: list
severity-level-logs:
choices:
- no-check
- information
- notify
- warning
- error
- critical
- alert
- emergency
description: Log severity threshold level.
elements: str
type: list
type: dict
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
required: false
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
required: false
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
required: false
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list