fortinet.fortimanager.fmgr_fmupdate_webspam_fgdsetting – Configure the FortiGuard run parameters.

From Get docs
Ansible/docs/2.11/collections/fortinet/fortimanager/fmgr fmupdate webspam fgdsetting module


fortinet.fortimanager.fmgr_fmupdate_webspam_fgdsetting – Configure the FortiGuard run parameters.

Note

This plugin is part of the fortinet.fortimanager collection (version 2.0.1).

To install it use: ansible-galaxy collection install fortinet.fortimanager.

To use it in a playbook, specify: fortinet.fortimanager.fmgr_fmupdate_webspam_fgdsetting.


New in version 2.10: of fortinet.fortimanager


Synopsis

  • This module is able to configure a FortiManager device.
  • Examples include all parameters and values which need to be adjusted to data sources before usage.

Parameters

Parameter Choices/Defaults Comments

bypass_validation

boolean

  • no

  • yes

only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters

fmupdate_webspam_fgdsetting

dictionary

the top level parameters set

as-cache

integer

Default:

300

Antispam service maximum memory usage in megabytes (Maximum = Physical memory-1024, 0: no limit, default = 300).

as-log

string

  • disable

  • nospam

  • all

Antispam log setting (default = nospam).

disable - Disable spam log.

nospam - Log non-spam events.

all - Log all spam lookups.

as-preload

string

  • disable

  • enable

Enable/disable preloading antispam database to memory (default = disable).

disable - Disable antispam database preload.

enable - Enable antispam database preload.

av-cache

integer

Default:

300

Antivirus service maximum memory usage, in megabytes (100 - 500, default = 300).

av-log

string

  • disable

  • novirus

  • all

Antivirus log setting (default = novirus).

disable - Disable virus log.

novirus - Log non-virus events.

all - Log all virus lookups.

av-preload

string

  • disable

  • enable

Enable/disable preloading antivirus database to memory (default = disable).

disable - Disable antivirus database preload.

enable - Enable antivirus database preload.

av2-cache

integer

Default:

800

Antispam service maximum memory usage in megabytes (Maximum = Physical memory-1024, 0: no limit, default = 800).

av2-log

string

  • disable

  • noav2

  • all

Outbreak prevention log setting (default = noav2).

disable - Disable av2 log.

noav2 - Log non-av2 events.

all - Log all av2 lookups.

av2-preload

string

  • disable

  • enable

Enable/disable preloading outbreak prevention database to memory (default = disable).

disable - Disable outbreak prevention database preload.

enable - Enable outbreak prevention database preload.

eventlog-query

string

  • disable

  • enable

Enable/disable record query to event-log besides fgd-log (default = disable).

disable - Record query to event-log besides fgd-log.

enable - Do not log to event-log.

fgd-pull-interval

integer

Default:

10

Fgd pull interval setting, in minutes (1 - 1440, default = 10).

fq-cache

integer

Default:

300

File query service maximum memory usage, in megabytes (100 - 500, default = 300).

fq-log

string

  • disable

  • nofilequery

  • all

File query log setting (default = nofilequery).

disable - Disable file query log.

nofilequery - Log non-file query events.

all - Log all file query events.

fq-preload

string

  • disable

  • enable

Enable/disable preloading file query database to memory (default = disable).

disable - Disable file query db preload.

enable - Enable file query db preload.

linkd-log

string

  • emergency
  • alert
  • critical
  • error
  • warn
  • notice
  • info

  • debug

  • disable

Linkd log setting (default = debug).

emergency - The unit is unusable.

alert - Immediate action is required

critical - Functionality is affected.

error - Functionality is probably affected.

warn - Functionality might be affected.

notice - Information about normal events.

info - General information.

debug - Debug information.

disable - Linkd logging is disabled.

max-client-worker

integer

Default:

0

max worker for tcp client connection (0~16: 0 means use cpu number up to 4).

max-log-quota

integer

Default:

6144

Maximum log quota setting, in megabytes (100 - 20480, default = 6144).

max-unrated-site

integer

Default:

500

Maximum number of unrated site in memory, in kilobytes(10 - 5120, default = 500).

restrict-as1-dbver

string

Restrict system update to indicated antispam(1) database version (character limit = 127).

restrict-as2-dbver

string

Restrict system update to indicated antispam(2) database version (character limit = 127).

restrict-as4-dbver

string

Restrict system update to indicated antispam(4) database version (character limit = 127).

restrict-av-dbver

string

Restrict system update to indicated antivirus database version (character limit = 127).

restrict-av2-dbver

string

Restrict system update to indicated outbreak prevention database version (character limit = 127).

restrict-fq-dbver

string

Restrict system update to indicated file query database version (character limit = 127).

restrict-wf-dbver

string

Restrict system update to indicated web filter database version (character limit = 127).

server-override

dictionary

no description

servlist

list / elements=string

no description

id

integer

Default:

0

Override server ID (1 - 10).

ip

string

Default:

"0.0.0.0"

IPv4 address of the override server.

ip6

string

Default:

"::"

IPv6 address of the override server.

port

integer

Default:

443

Port number to use when contacting FortiGuard (1 - 65535, default = 443).

service-type

list / elements=string

  • fgd
  • fgc
  • fsa

no description

status

string

  • disable

  • enable

Override status.

disable - Disable setting.

enable - Enable setting.

stat-log-interval

integer

Default:

60

Statistic log interval setting, in minutes (1 - 1440, default = 60).

stat-sync-interval

integer

Default:

60

Synchronization interval for statistic of unrated site in minutes (1 - 60, default = 60).

update-interval

integer

Default:

6

FortiGuard database update wait time if not enough delta files, in hours (2 - 24, default = 6).

update-log

string

  • disable

  • enable

Enable/disable update log setting (default = enable).

disable - Disable update log.

enable - Enable update log.

wf-cache

integer

Default:

0

Web filter service maximum memory usage, in megabytes (maximum = Physical memory-1024, 0 = no limit, default = 600).

wf-dn-cache-expire-time

integer

Default:

30

Web filter DN cache expire time, in minutes (1 - 1440, 0 = never, default = 30).

wf-dn-cache-max-number

integer

Default:

10000

Maximum number of Web filter DN cache (0 = disable, default = 10000).

wf-log

string

  • disable

  • nourl

  • all

Web filter log setting (default = nour1)

disable - Disable URL log.

nourl - Log non-URL events.

all - Log all URL lookups.

wf-preload

string

  • disable

  • enable

Enable/disable preloading the web filter database into memory (default = disable).

disable - Disable web filter database preload.

enable - Enable web filter database preload.

rc_failed

list / elements=string

the rc codes list with which the conditions to fail will be overriden

rc_succeeded

list / elements=string

the rc codes list with which the conditions to succeed will be overriden

state

string / required

  • present
  • absent

the directive to create, update or delete an object

workspace_locking_adom

string

the adom to lock for FortiManager running in workspace mode, the value can be global and others including root

workspace_locking_timeout

integer

Default:

300

the maximum time in seconds to wait for other user to release the workspace lock



Notes

Note

  • Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
  • To create or update an object, use state present directive.
  • To delete an object, use state absent directive.
  • Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded


Examples

- hosts: fortimanager-inventory
  collections:
    - fortinet.fortimanager
  connection: httpapi
  vars:
     ansible_httpapi_use_ssl: True
     ansible_httpapi_validate_certs: False
     ansible_httpapi_port: 443
  tasks:
   - name: Configure the FortiGuard run parameters.
     fmgr_fmupdate_webspam_fgdsetting:
        bypass_validation: False
        workspace_locking_adom: <value in [global, custom adom including root]>
        workspace_locking_timeout: 300
        rc_succeeded: [0, -2, -3, ...]
        rc_failed: [-2, -3, ...]
        fmupdate_webspam_fgdsetting:
           as-cache: <value of integer>
           as-log: <value in [disable, nospam, all]>
           as-preload: <value in [disable, enable]>
           av-cache: <value of integer>
           av-log: <value in [disable, novirus, all]>
           av-preload: <value in [disable, enable]>
           av2-cache: <value of integer>
           av2-log: <value in [disable, noav2, all]>
           av2-preload: <value in [disable, enable]>
           eventlog-query: <value in [disable, enable]>
           fgd-pull-interval: <value of integer>
           fq-cache: <value of integer>
           fq-log: <value in [disable, nofilequery, all]>
           fq-preload: <value in [disable, enable]>
           linkd-log: <value in [emergency, alert, critical, ...]>
           max-client-worker: <value of integer>
           max-log-quota: <value of integer>
           max-unrated-site: <value of integer>
           restrict-as1-dbver: <value of string>
           restrict-as2-dbver: <value of string>
           restrict-as4-dbver: <value of string>
           restrict-av-dbver: <value of string>
           restrict-av2-dbver: <value of string>
           restrict-fq-dbver: <value of string>
           restrict-wf-dbver: <value of string>
           server-override:
              servlist:
                -
                    id: <value of integer>
                    ip: <value of string>
                    ip6: <value of string>
                    port: <value of integer>
                    service-type:
                      - fgd
                      - fgc
                      - fsa
              status: <value in [disable, enable]>
           stat-log-interval: <value of integer>
           stat-sync-interval: <value of integer>
           update-interval: <value of integer>
           update-log: <value in [disable, enable]>
           wf-cache: <value of integer>
           wf-dn-cache-expire-time: <value of integer>
           wf-dn-cache-max-number: <value of integer>
           wf-log: <value in [disable, nourl, all]>
           wf-preload: <value in [disable, enable]>

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description

request_url

string

always

The full url requested


Sample:

/sys/login/user

response_code

integer

always

The status of api request


response_message

string

always

The descriptive message of the api response


Sample:

OK.




Authors

  • Link Zheng (@chillancezen)
  • Jie Xue (@JieX19)
  • Frank Shen (@fshen01)
  • Hongbin Lu (@fgtdev-hblu)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/fortinet/fortimanager/fmgr_fmupdate_webspam_fgdsetting_module.html


Retrieved from "https://getdocs.org/index.php?title=Ansible/docs/2.11/collections/fortinet/fortimanager/fmgr_fmupdate_webspam_fgdsetting_module&oldid=63608"
Powered by MediaWiki