lix_fortinet / lix_fortinet.fortios / 102.2.120 / module / fortios_log_memory_filter Filters for memory buffer in Fortinet's FortiOS and FortiGate. | "added in version" 2.0.0 of lix_fortinet.fortios" Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communitylix_fortinet.fortios.fortios_log_memory_filter (102.2.120) — module
Install with ansible-galaxy collection install lix_fortinet.fortios:==102.2.120
collections: - name: lix_fortinet.fortios version: 102.2.120
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify log_memory feature and filter category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Filters for memory buffer. fortios_log_memory_filter: vdom: "{{ vdom }}" log_memory_filter: admin: "enable" anomaly: "enable" auth: "enable" cpu_memory_usage: "enable" dhcp: "enable" dns: "enable" event: "enable" filter: "<your_own_value>" filter_type: "include" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" id: "17" gtp: "enable" ha: "enable" ipsec: "enable" ldb_monitor: "enable" local_traffic: "enable" multicast_traffic: "enable" netscan_discovery: "<your_own_value>" netscan_vulnerability: "<your_own_value>" notification: "enable" pattern: "enable" ppp: "enable" radius: "enable" severity: "emergency" sniffer_traffic: "enable" ssh: "enable" sslvpn_log_adm: "enable" sslvpn_log_auth: "enable" sslvpn_log_session: "enable" system: "enable" vip_ssl: "enable" voip: "enable" wan_opt: "enable" wireless_activity: "enable" ztna_traffic: "enable"
vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str enable_log: default: false description: - Enable/Disable logging for task. required: false type: bool member_path: description: - Member attribute path to operate on. - Delimited by a slash character if there are more than one attribute. - Parameter marked with member_path is legitimate for doing member operation. type: str access_token: description: - Token-based authentication. Generated from GUI of Fortigate. required: false type: str member_state: choices: - present - absent description: - Add or delete a member under specified attribute path. - When member_state is specified, the state option is ignored. type: str log_memory_filter: default: null description: - Filters for memory buffer. suboptions: admin: choices: - enable - disable description: - Enable/disable admin login/logout logging. type: str anomaly: choices: - enable - disable description: - Enable/disable anomaly logging. type: str auth: choices: - enable - disable description: - Enable/disable firewall authentication logging. type: str cpu_memory_usage: choices: - enable - disable description: - Enable/disable CPU & memory usage logging every 5 minutes. type: str dhcp: choices: - enable - disable description: - Enable/disable DHCP service messages logging. type: str dns: choices: - enable - disable description: - Enable/disable detailed DNS event logging. type: str event: choices: - enable - disable description: - Enable/disable event logging. type: str filter: description: - Memory log filter. type: str filter_type: choices: - include - exclude description: - Include/exclude logs that match the filter. type: str forward_traffic: choices: - enable - disable description: - Enable/disable forward traffic logging. type: str free_style: description: - Free style filters. elements: dict suboptions: category: choices: - traffic - event - virus - webfilter - attack - spam - anomaly - voip - dlp - app-ctrl - waf - gtp - dns - ssh - ssl - file-filter - icap - ztna description: - Log category. type: str filter: description: - Free style filter string. type: str filter_type: choices: - include - exclude description: - Include/exclude logs that match the filter. type: str id: description: - Entry ID. type: int type: list gtp: choices: - enable - disable description: - Enable/disable GTP messages logging. type: str ha: choices: - enable - disable description: - Enable/disable HA logging. type: str ipsec: choices: - enable - disable description: - Enable/disable IPsec negotiation messages logging. type: str ldb_monitor: choices: - enable - disable description: - Enable/disable VIP real server health monitoring logging. type: str local_traffic: choices: - enable - disable description: - Enable/disable local in or out traffic logging. type: str multicast_traffic: choices: - enable - disable description: - Enable/disable multicast traffic logging. type: str netscan_discovery: description: - Enable/disable netscan discovery event logging. type: str netscan_vulnerability: description: - Enable/disable netscan vulnerability event logging. type: str notification: choices: - enable - disable description: - Enable/disable notification messages logging. type: str pattern: choices: - enable - disable description: - Enable/disable pattern update logging. type: str ppp: choices: - enable - disable description: - Enable/disable L2TP/PPTP/PPPoE logging. type: str radius: choices: - enable - disable description: - Enable/disable RADIUS messages logging. type: str severity: choices: - emergency - alert - critical - error - warning - notification - information - debug description: - Log every message above and including this severity level. type: str sniffer_traffic: choices: - enable - disable description: - Enable/disable sniffer traffic logging. type: str ssh: choices: - enable - disable description: - Enable/disable SSH logging. type: str sslvpn_log_adm: choices: - enable - disable description: - Enable/disable SSL administrator login logging. type: str sslvpn_log_auth: choices: - enable - disable description: - Enable/disable SSL user authentication logging. type: str sslvpn_log_session: choices: - enable - disable description: - Enable/disable SSL session logging. type: str system: choices: - enable - disable description: - Enable/disable system activity logging. type: str vip_ssl: choices: - enable - disable description: - Enable/disable VIP SSL logging. type: str voip: choices: - enable - disable description: - Enable/disable VoIP logging. type: str wan_opt: choices: - enable - disable description: - Enable/disable WAN optimization event logging. type: str wireless_activity: choices: - enable - disable description: - Enable/disable wireless activity event logging. type: str ztna_traffic: choices: - enable - disable description: - Enable/disable ztna traffic logging. type: str type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str