Try SpotterLog field exclusion configuration.
| "added in version" 1.0.0 of dux_fortinet.fortianalyzer_dev"
Authors: Xinwei Du (@dux-fortinet), Link Zheng (@chillancezen), Jie Xue (@JieX19), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install dux_fortinet.fortianalyzer_dev:==1.4.0
collections:
- name: dux_fortinet.fortianalyzer_dev
version: 1.4.0This module is able to configure a FortiAnalyzer device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook
connection: httpapi
hosts: fortianalyzers
tasks:
- name: Log field exclusion configuration.
fortinet.fortianalyzer.faz_cli_system_logforward_logfieldexclusion:
cli_system_logforward_logfieldexclusion:
dev_type: FortiGate
field_list: dstepid
id: 1
log_type: app-ctrl
log_forward: 1
state: present
vars:
ansible_httpapi_port: 443
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
state:
choices:
- present
- absent
description: The directive to create, update or delete an object
required: true
type: str
log_path:
default: /tmp/fortianalyzer.ansible.log
description:
- The path to save log. Used if enable_log is true.
- Please use absolute path instead of relative path.
- If the log_path setting is incorrect, the log will be saved in /tmp/fortianalyzer.ansible.log
required: false
type: str
rc_failed:
description: the rc codes list with which the conditions to fail will be overriden
elements: int
required: false
type: list
enable_log:
default: false
description: Enable/Disable logging for task
required: false
type: bool
log-forward:
description: Deprecated, please use "log_forward"
type: str
log_forward:
description: The parameter (log-forward) in requested url.
type: str
access_token:
description: The token to access FortiManager without using username and password.
required: false
type: str
rc_succeeded:
description: the rc codes list with which the conditions to succeed will be overriden
elements: int
required: false
type: list
proposed_method:
choices:
- set
- update
- add
description: The overridden method for the underlying Json RPC request
required: false
type: str
bypass_validation:
default: false
description: only set to True when module schema diffs with FortiAnalyzer API structure,
module continues to execute without validating parameters
required: false
type: bool
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
required: false
type: str
cli_system_logforward_logfieldexclusion:
description: The top level parameters set.
required: false
suboptions:
dev-type:
choices:
- FortiGate
- FortiManager
- Syslog
- FortiMail
- FortiWeb
- FortiCache
- FortiAnalyzer
- FortiSandbox
- FortiDDoS
- FortiNAC
- FortiDeceptor
- FortiFirewall
- FortiADC
- FortiClient
- FortiAuthenticator
- FortiProxy
- FortiIsolator
- FortiEDR
- FortiPAM
- FortiCASB
- FortiToken
description:
- Device type.
- FortiGate - FortiGate Device
- FortiManager - FortiManager Device
- Syslog - Syslog Device
- FortiMail - FortiMail Device
- FortiWeb - FortiWeb Device
- FortiCache - FortiCache Device
- FortiAnalyzer - FortiAnalyzer Device
- FortiSandbox - FortiSandbox Device
- FortiDDoS - FortiDDoS Device
- FortiNAC - FortiNAC Device
- FortiDeceptor - FortiDeceptor Device
type: str
field-list:
description: List of fields to be excluded.
type: str
id:
description: Log field exclusion ID.
type: int
log-type:
choices:
- app-ctrl
- appevent
- attack
- content
- dlp
- emailfilter
- event
- generic
- history
- traffic
- virus
- voip
- webfilter
- netscan
- waf
- gtp
- dns
- ssh
- ssl
- file-filter
- Asset
- protocol
- ANY-TYPE
- fct-event
- fct-traffic
- fct-netscan
- ztna
- security
description:
- Log type.
- app-ctrl - Application Control
- appevent - APPEVENT
- attack - Attack
- content - DLP Archive
- dlp - Data Leak Prevention
- emailfilter - Email Filter
- event - Event
- generic - Generic
- history - Mail Statistics
- traffic - Traffic
- virus - Virus
- voip - VoIP
- webfilter - Web Filter
- netscan - Network Scan
- waf - WAF
- gtp - GTP
- dns - Domain Name System
- ssh - SSH
- ssl - SSL
- file-filter - FFLT
- Asset - Asset
- protocol - PROTOCOL
- ANY-TYPE - Any log type
type: str
type: dict
meta:
contains:
request_url:
description: The full url requested
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request
returned: always
sample: 0
type: int
response_data:
description: The api response
returned: always
type: list
response_message:
description: The descriptive message of the api response
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current fortianalyzer version.
returned: complex
type: list