Try SpotterConfigure Web filter profiles.
| "added in version" 2.10 of fortinet.fortimanager"
Authors: Frank Shen (@fshen01), Link Zheng (@zhengl)
preview | supported by community
Install with ansible-galaxy collection install fortinet.fortimanager:==1.0.5
collections:
- name: fortinet.fortimanager
version: 1.0.5This module is able to configure a FortiManager device by allowing the user to [ add get set update ] the following apis.
/pm/config/adom/{adom}/obj/webfilter/profile
/pm/config/global/obj/webfilter/profile
Examples include all parameters and values need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: REQUESTING /PM/CONFIG/OBJ/WEBFILTER/PROFILE
fmgr_webfilter_profile:
loose_validation: False
workspace_locking_adom: <value in [global, custom adom]>
workspace_locking_timeout: 300
method: <value in [add, set, update]>
url_params:
adom: <value in [none, global, custom dom]>
params:
-
data:
-
comment: <value of string>
extended-log: <value in [disable, enable]>
https-replacemsg: <value in [disable, enable]>
inspection-mode: <value in [proxy, flow-based, dns]>
log-all-url: <value in [disable, enable]>
name: <value of string>
options:
- <value in [block-invalid-url, jscript, js, ...]>
ovrd-perm:
- <value in [bannedword-override, urlfilter-override, fortiguard-wf-override, ...]>
post-action: <value in [normal, comfort, block]>
replacemsg-group: <value of string>
web-content-log: <value in [disable, enable]>
web-extended-all-action-log: <value in [disable, enable]>
web-filter-activex-log: <value in [disable, enable]>
web-filter-applet-log: <value in [disable, enable]>
web-filter-command-block-log: <value in [disable, enable]>
web-filter-cookie-log: <value in [disable, enable]>
web-filter-cookie-removal-log: <value in [disable, enable]>
web-filter-js-log: <value in [disable, enable]>
web-filter-jscript-log: <value in [disable, enable]>
web-filter-referer-log: <value in [disable, enable]>
web-filter-unknown-log: <value in [disable, enable]>
web-filter-vbs-log: <value in [disable, enable]>
web-ftgd-err-log: <value in [disable, enable]>
web-ftgd-quota-usage: <value in [disable, enable]>
web-invalid-domain-log: <value in [disable, enable]>
web-url-log: <value in [disable, enable]>
wisp: <value in [disable, enable]>
wisp-algorithm: <value in [auto-learning, primary-secondary, round-robin]>
wisp-servers: <value of string>
youtube-channel-filter:
-
channel-id: <value of string>
comment: <value of string>
id: <value of integer>
youtube-channel-status: <value in [disable, blacklist, whitelist]>
- name: REQUESTING /PM/CONFIG/OBJ/WEBFILTER/PROFILE
fmgr_webfilter_profile:
loose_validation: False
workspace_locking_adom: <value in [global, custom adom]>
workspace_locking_timeout: 300
method: <value in [get]>
url_params:
adom: <value in [none, global, custom dom]>
params:
-
attr: <value of string>
fields:
-
- <value in [comment, extended-log, https-replacemsg, ...]>
filter:
- <value of string>
get used: <value of integer>
loadsub: <value of integer>
option: <value in [count, object member, datasrc, ...]>
range:
- <value of integer>
sortings:
-
varidic.attr_name: <value in [1, -1]>
method:
choices:
- add
- get
- set
- update
description:
- The method in request
required: true
type: str
params:
description:
- The parameters for each method
- See full parameters list in https://ansible-galaxy-fortimanager-docs.readthedocs.io/en/latest
required: false
type: list
url_params:
description:
- The parameters for each API request URL
- Also see full URL parameters in https://ansible-galaxy-fortimanager-docs.readthedocs.io/en/latest
required: false
type: dict
loose_validation:
description:
- Do parameter validation in a loose way
required: false
type: bool
workspace_locking_adom:
description:
- the adom name to lock in case FortiManager running in workspace mode
- it can be global or any other custom adom names
required: false
type: str
workspace_locking_timeout:
default: 300
description:
- the maximum time in seconds to wait for other user to release the workspace lock
required: false
type: int
data: description: The payload returned in the request returned: always type: dict status: description: The status of api request returned: always type: dict url: description: The full url requested returned: always sample: /sys/login/user type: str