lix_fortinet / lix_fortinet.fortios / 102.2.120 / module / fortios_log_fortianalyzer2_filter Filters for FortiAnalyzer in Fortinet's FortiOS and FortiGate. | "added in version" 2.0.0 of lix_fortinet.fortios" Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communitylix_fortinet.fortios.fortios_log_fortianalyzer2_filter (102.2.120) — module
Install with ansible-galaxy collection install lix_fortinet.fortios:==102.2.120
collections: - name: lix_fortinet.fortios version: 102.2.120
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify log_fortianalyzer2 feature and filter category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Filters for FortiAnalyzer. fortios_log_fortianalyzer2_filter: vdom: "{{ vdom }}" log_fortianalyzer2_filter: anomaly: "enable" dlp_archive: "enable" dns: "enable" filter: "<your_own_value>" filter_type: "include" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" id: "13" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" netscan_discovery: "<your_own_value>" netscan_vulnerability: "<your_own_value>" severity: "emergency" sniffer_traffic: "enable" ssh: "enable" voip: "enable" ztna_traffic: "enable"
vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str enable_log: default: false description: - Enable/Disable logging for task. required: false type: bool member_path: description: - Member attribute path to operate on. - Delimited by a slash character if there are more than one attribute. - Parameter marked with member_path is legitimate for doing member operation. type: str access_token: description: - Token-based authentication. Generated from GUI of Fortigate. required: false type: str member_state: choices: - present - absent description: - Add or delete a member under specified attribute path. - When member_state is specified, the state option is ignored. type: str log_fortianalyzer2_filter: default: null description: - Filters for FortiAnalyzer. suboptions: anomaly: choices: - enable - disable description: - Enable/disable anomaly logging. type: str dlp_archive: choices: - enable - disable description: - Enable/disable DLP archive logging. type: str dns: choices: - enable - disable description: - Enable/disable detailed DNS event logging. type: str filter: description: - FortiAnalyzer 2 log filter. type: str filter_type: choices: - include - exclude description: - Include/exclude logs that match the filter. type: str forward_traffic: choices: - enable - disable description: - Enable/disable forward traffic logging. type: str free_style: description: - Free style filters. elements: dict suboptions: category: choices: - traffic - event - virus - webfilter - attack - spam - anomaly - voip - dlp - app-ctrl - waf - gtp - dns - ssh - ssl - file-filter - icap - ztna description: - Log category. type: str filter: description: - Free style filter string. type: str filter_type: choices: - include - exclude description: - Include/exclude logs that match the filter. type: str id: description: - Entry ID. type: int type: list gtp: choices: - enable - disable description: - Enable/disable GTP messages logging. type: str local_traffic: choices: - enable - disable description: - Enable/disable local in or out traffic logging. type: str multicast_traffic: choices: - enable - disable description: - Enable/disable multicast traffic logging. type: str netscan_discovery: description: - Enable/disable netscan discovery event logging. type: str netscan_vulnerability: description: - Enable/disable netscan vulnerability event logging. type: str severity: choices: - emergency - alert - critical - error - warning - notification - information - debug description: - Log every message above and including this severity level. type: str sniffer_traffic: choices: - enable - disable description: - Enable/disable sniffer traffic logging. type: str ssh: choices: - enable - disable description: - Enable/disable SSH logging. type: str voip: choices: - enable - disable description: - Enable/disable VoIP logging. type: str ztna_traffic: choices: - enable - disable description: - Enable/disable ztna traffic logging. type: str type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str