lix_fortinet / lix_fortinet.fortios / 102.2.120 / module / fortios_log_fortianalyzer_override_setting Override FortiAnalyzer settings in Fortinet's FortiOS and FortiGate. | "added in version" 2.0.0 of lix_fortinet.fortios" Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communitylix_fortinet.fortios.fortios_log_fortianalyzer_override_setting (102.2.120) — module
Install with ansible-galaxy collection install lix_fortinet.fortios:==102.2.120
collections: - name: lix_fortinet.fortios version: 102.2.120
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify log_fortianalyzer feature and override_setting category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Override FortiAnalyzer settings. fortios_log_fortianalyzer_override_setting: vdom: "{{ vdom }}" log_fortianalyzer_override_setting: __change_ip: "127" access_config: "enable" certificate: "<your_own_value> (source certificate.local.name)" certificate_verification: "enable" conn_timeout: "10" enc_algorithm: "high-medium" faz_type: "2147483647" hmac_algorithm: "sha256" interface: "<your_own_value> (source system.interface.name)" interface_select_method: "auto" ips_archive: "enable" max_log_rate: "0" mgmt_name: "<your_own_value>" monitor_failure_retry_period: "5" monitor_keepalive_period: "5" override: "enable" preshared_key: "<your_own_value>" priority: "default" reliable: "enable" serial: - name: "default_name_23" server: "192.168.100.40" source_ip: "84.230.14.43" ssl_min_proto_version: "default" status: "enable" upload_day: "<your_own_value>" upload_interval: "daily" upload_option: "store-and-upload" upload_time: "<your_own_value>" use_management_vdom: "enable"
vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str enable_log: default: false description: - Enable/Disable logging for task. required: false type: bool member_path: description: - Member attribute path to operate on. - Delimited by a slash character if there are more than one attribute. - Parameter marked with member_path is legitimate for doing member operation. type: str access_token: description: - Token-based authentication. Generated from GUI of Fortigate. required: false type: str member_state: choices: - present - absent description: - Add or delete a member under specified attribute path. - When member_state is specified, the state option is ignored. type: str log_fortianalyzer_override_setting: default: null description: - Override FortiAnalyzer settings. suboptions: __change_ip: description: - Hidden attribute. type: int access_config: choices: - enable - disable description: - Enable/disable FortiAnalyzer access to configuration and data. type: str certificate: description: - Certificate used to communicate with FortiAnalyzer. Source certificate.local.name. type: str certificate_verification: choices: - enable - disable description: - Enable/disable identity verification of FortiAnalyzer by use of certificate. type: str conn_timeout: description: - FortiAnalyzer connection time-out in seconds (for status and log buffer). type: int enc_algorithm: choices: - high-medium - high - low description: - Configure the level of SSL protection for secure communication with FortiAnalyzer. type: str faz_type: description: - Hidden setting index of FortiAnalyzer. type: int hmac_algorithm: choices: - sha256 - sha1 description: - OFTP login hash algorithm. type: str interface: description: - Specify outgoing interface to reach server. Source system.interface.name. type: str interface_select_method: choices: - auto - sdwan - specify description: - Specify how to select outgoing interface to reach server. type: str ips_archive: choices: - enable - disable description: - Enable/disable IPS packet archive logging. type: str max_log_rate: description: - FortiAnalyzer maximum log rate in MBps (0 = unlimited). type: int mgmt_name: description: - Hidden management name of FortiAnalyzer. type: str monitor_failure_retry_period: description: - Time between FortiAnalyzer connection retries in seconds (for status and log buffer). type: int monitor_keepalive_period: description: - Time between OFTP keepalives in seconds (for status and log buffer). type: int override: choices: - enable - disable description: - Enable/disable overriding FortiAnalyzer settings or use global settings. type: str preshared_key: description: - Preshared-key used for auto-authorization on FortiAnalyzer. type: str priority: choices: - default - low description: - Set log transmission priority. type: str reliable: choices: - enable - disable description: - Enable/disable reliable logging to FortiAnalyzer. type: str serial: description: - Serial numbers of the FortiAnalyzer. elements: dict suboptions: name: description: - Serial Number. type: str type: list server: description: - The remote FortiAnalyzer. type: str source_ip: description: - Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. type: str ssl_min_proto_version: choices: - default - SSLv3 - TLSv1 - TLSv1-1 - TLSv1-2 - TLSv1-3 description: - Minimum supported protocol version for SSL/TLS connections . type: str status: choices: - enable - disable description: - Enable/disable logging to FortiAnalyzer. type: str upload_day: description: - Day of week (month) to upload logs. type: str upload_interval: choices: - daily - weekly - monthly description: - Frequency to upload log files to FortiAnalyzer. type: str upload_option: choices: - store-and-upload - realtime - 1-minute - 5-minute description: - Enable/disable logging to hard disk and then uploading to FortiAnalyzer. type: str upload_time: description: - Time to upload logs (hh:mm). type: str use_management_vdom: choices: - enable - disable description: - Enable/disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer. type: str type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str