fortinet.fortios.fortios_log_disk_setting – Settings for local disk logging in Fortinet’s FortiOS and FortiGate.
Note
This plugin is part of the fortinet.fortios collection (version 1.1.8).
To install it use: ansible-galaxy collection install fortinet.fortios
.
To use it in a playbook, specify: fortinet.fortios.fortios_log_disk_setting
.
New in version 2.8: of fortinet.fortios
Synopsis
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify log_disk feature and setting category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
Parameter | Choices/Defaults | Comments | |
---|---|---|---|
access_token string | Token-based authentication. Generated from GUI of Fortigate. | ||
log_disk_setting dictionary | Settings for local disk logging. | ||
diskfull string |
| Action to take when disk is full. The system can overwrite the oldest log messages or stop logging when the disk is full . | |
dlp_archive_quota integer | DLP archive quota (MB). | ||
full_final_warning_threshold integer | Log full final warning threshold as a percent (3 - 100). | ||
full_first_warning_threshold integer | Log full first warning threshold as a percent (1 - 98). | ||
full_second_warning_threshold integer | Log full second warning threshold as a percent (2 - 99). | ||
ips_archive string |
| Enable/disable IPS packet archiving to the local disk. | |
log_quota integer | Disk log quota (MB). | ||
max_log_file_size integer | Maximum log file size before rolling (1 - 100 Mbytes). | ||
max_policy_packet_capture_size integer | Maximum size of policy sniffer in MB (0 means unlimited). | ||
maximum_log_age integer | Delete log files older than (days). | ||
report_quota integer | Report quota (MB). | ||
roll_day string |
| Day of week on which to roll log file. | |
roll_schedule string |
| Frequency to check log file for rolling. | |
roll_time string | Time of day to roll the log file (hh:mm). | ||
source_ip string | Source IP address to use for uploading disk log files. | ||
status string |
| Enable/disable local disk logging. | |
upload string |
| Enable/disable uploading log files when they are rolled. | |
upload_delete_files string |
| Delete log files after uploading . | |
upload_destination string |
| The type of server to upload log files to. Only FTP is currently supported. | |
upload_ssl_conn string |
| Enable/disable encrypted FTPS communication to upload log files. | |
uploaddir string | The remote directory on the FTP server to upload log files to. | ||
uploadip string | IP address of the FTP server to upload log files to. | ||
uploadpass string | Password required to log into the FTP server to upload disk log files. | ||
uploadport integer | TCP port to use for communicating with the FTP server . | ||
uploadsched string |
| Set the schedule for uploading log files to the FTP server . | |
uploadtime string | Time of day at which log files are uploaded if uploadsched is enabled (hh:mm or hh). | ||
uploadtype string |
| Types of log files to upload. Separate multiple entries with a space. | |
uploaduser string | Username required to log into the FTP server to upload disk log files. | ||
vdom string | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. |
Notes
Note
- Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks
Examples
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Settings for local disk logging. fortios_log_disk_setting: vdom: "{{ vdom }}" log_disk_setting: diskfull: "overwrite" dlp_archive_quota: "4" full_final_warning_threshold: "5" full_first_warning_threshold: "6" full_second_warning_threshold: "7" ips_archive: "enable" log_quota: "9" max_log_file_size: "10" max_policy_packet_capture_size: "11" maximum_log_age: "12" report_quota: "13" roll_day: "sunday" roll_schedule: "daily" roll_time: "<your_own_value>" source_ip: "84.230.14.43" status: "enable" upload: "enable" upload_delete_files: "enable" upload_destination: "ftp-server" upload_ssl_conn: "default" uploaddir: "<your_own_value>" uploadip: "<your_own_value>" uploadpass: "<your_own_value>" uploadport: "26" uploadsched: "disable" uploadtime: "<your_own_value>" uploadtype: "traffic" uploaduser: "<your_own_value>"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
build string | always | Build number of the fortigate image Sample: 1547 |
http_method string | always | Last method used to provision the content into FortiGate Sample: PUT |
http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 |
mkey string | success | Master key (id) used in the last call to FortiGate Sample: id |
name string | always | Name of the table used to fulfill the request Sample: urlfilter |
path string | always | Path of the table used to fulfill the request Sample: webfilter |
revision string | always | Internal revision number Sample: 17.0.2.10658 |
serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 |
status string | always | Indication of the operation's result Sample: success |
vdom string | always | Virtual domain used Sample: root |
version string | always | Version of the FortiGate Sample: v5.6.3 |
Authors
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Hongbin Lu (@fgtdev-hblu)
- Frank Shen (@frankshen01)
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/fortinet/fortios/fortios_log_disk_setting_module.html