fortinet.fortimanager.fmgr_fmupdate_webspam_fgdsetting – Configure the FortiGuard run parameters.
fortinet.fortimanager.fmgr_fmupdate_webspam_fgdsetting – Configure the FortiGuard run parameters.
Note
This plugin is part of the fortinet.fortimanager collection (version 2.0.1).
To install it use: ansible-galaxy collection install fortinet.fortimanager
.
To use it in a playbook, specify: fortinet.fortimanager.fmgr_fmupdate_webspam_fgdsetting
.
New in version 2.10: of fortinet.fortimanager
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values which need to be adjusted to data sources before usage.
Parameters
Parameter | Choices/Defaults | Comments | |||
---|---|---|---|---|---|
bypass_validation boolean |
|
only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters | |||
fmupdate_webspam_fgdsetting dictionary |
the top level parameters set | ||||
as-cache integer |
Default: 300 |
Antispam service maximum memory usage in megabytes (Maximum = Physical memory-1024, 0: no limit, default = 300). | |||
as-log string |
|
Antispam log setting (default = nospam). disable - Disable spam log. nospam - Log non-spam events. all - Log all spam lookups. | |||
as-preload string |
|
Enable/disable preloading antispam database to memory (default = disable). disable - Disable antispam database preload. enable - Enable antispam database preload. | |||
av-cache integer |
Default: 300 |
Antivirus service maximum memory usage, in megabytes (100 - 500, default = 300). | |||
av-log string |
|
Antivirus log setting (default = novirus). disable - Disable virus log. novirus - Log non-virus events. all - Log all virus lookups. | |||
av-preload string |
|
Enable/disable preloading antivirus database to memory (default = disable). disable - Disable antivirus database preload. enable - Enable antivirus database preload. | |||
av2-cache integer |
Default: 800 |
Antispam service maximum memory usage in megabytes (Maximum = Physical memory-1024, 0: no limit, default = 800). | |||
av2-log string |
|
Outbreak prevention log setting (default = noav2). disable - Disable av2 log. noav2 - Log non-av2 events. all - Log all av2 lookups. | |||
av2-preload string |
|
Enable/disable preloading outbreak prevention database to memory (default = disable). disable - Disable outbreak prevention database preload. enable - Enable outbreak prevention database preload. | |||
eventlog-query string |
|
Enable/disable record query to event-log besides fgd-log (default = disable). disable - Record query to event-log besides fgd-log. enable - Do not log to event-log. | |||
fgd-pull-interval integer |
Default: 10 |
Fgd pull interval setting, in minutes (1 - 1440, default = 10). | |||
fq-cache integer |
Default: 300 |
File query service maximum memory usage, in megabytes (100 - 500, default = 300). | |||
fq-log string |
|
File query log setting (default = nofilequery). disable - Disable file query log. nofilequery - Log non-file query events. all - Log all file query events. | |||
fq-preload string |
|
Enable/disable preloading file query database to memory (default = disable). disable - Disable file query db preload. enable - Enable file query db preload. | |||
linkd-log string |
|
Linkd log setting (default = debug). emergency - The unit is unusable. alert - Immediate action is required critical - Functionality is affected. error - Functionality is probably affected. warn - Functionality might be affected. notice - Information about normal events. info - General information. debug - Debug information. disable - Linkd logging is disabled. | |||
max-client-worker integer |
Default: 0 |
max worker for tcp client connection (0~16: 0 means use cpu number up to 4). | |||
max-log-quota integer |
Default: 6144 |
Maximum log quota setting, in megabytes (100 - 20480, default = 6144). | |||
max-unrated-site integer |
Default: 500 |
Maximum number of unrated site in memory, in kilobytes(10 - 5120, default = 500). | |||
restrict-as1-dbver string |
Restrict system update to indicated antispam(1) database version (character limit = 127). | ||||
restrict-as2-dbver string |
Restrict system update to indicated antispam(2) database version (character limit = 127). | ||||
restrict-as4-dbver string |
Restrict system update to indicated antispam(4) database version (character limit = 127). | ||||
restrict-av-dbver string |
Restrict system update to indicated antivirus database version (character limit = 127). | ||||
restrict-av2-dbver string |
Restrict system update to indicated outbreak prevention database version (character limit = 127). | ||||
restrict-fq-dbver string |
Restrict system update to indicated file query database version (character limit = 127). | ||||
restrict-wf-dbver string |
Restrict system update to indicated web filter database version (character limit = 127). | ||||
server-override dictionary |
no description | ||||
servlist list / elements=string |
no description | ||||
id integer |
Default: 0 |
Override server ID (1 - 10). | |||
ip string |
Default: "0.0.0.0" |
IPv4 address of the override server. | |||
ip6 string |
Default: "::" |
IPv6 address of the override server. | |||
port integer |
Default: 443 |
Port number to use when contacting FortiGuard (1 - 65535, default = 443). | |||
service-type list / elements=string |
|
no description | |||
status string |
|
Override status. disable - Disable setting. enable - Enable setting. | |||
stat-log-interval integer |
Default: 60 |
Statistic log interval setting, in minutes (1 - 1440, default = 60). | |||
stat-sync-interval integer |
Default: 60 |
Synchronization interval for statistic of unrated site in minutes (1 - 60, default = 60). | |||
update-interval integer |
Default: 6 |
FortiGuard database update wait time if not enough delta files, in hours (2 - 24, default = 6). | |||
update-log string |
|
Enable/disable update log setting (default = enable). disable - Disable update log. enable - Enable update log. | |||
wf-cache integer |
Default: 0 |
Web filter service maximum memory usage, in megabytes (maximum = Physical memory-1024, 0 = no limit, default = 600). | |||
wf-dn-cache-expire-time integer |
Default: 30 |
Web filter DN cache expire time, in minutes (1 - 1440, 0 = never, default = 30). | |||
wf-dn-cache-max-number integer |
Default: 10000 |
Maximum number of Web filter DN cache (0 = disable, default = 10000). | |||
wf-log string |
|
Web filter log setting (default = nour1) disable - Disable URL log. nourl - Log non-URL events. all - Log all URL lookups. | |||
wf-preload string |
|
Enable/disable preloading the web filter database into memory (default = disable). disable - Disable web filter database preload. enable - Enable web filter database preload. | |||
rc_failed list / elements=string |
the rc codes list with which the conditions to fail will be overriden | ||||
rc_succeeded list / elements=string |
the rc codes list with which the conditions to succeed will be overriden | ||||
state string / required |
|
the directive to create, update or delete an object | |||
workspace_locking_adom string |
the adom to lock for FortiManager running in workspace mode, the value can be global and others including root | ||||
workspace_locking_timeout integer |
Default: 300 |
the maximum time in seconds to wait for other user to release the workspace lock |
Notes
Note
- Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
- To create or update an object, use state present directive.
- To delete an object, use state absent directive.
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure the FortiGuard run parameters.
fmgr_fmupdate_webspam_fgdsetting:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
fmupdate_webspam_fgdsetting:
as-cache: <value of integer>
as-log: <value in [disable, nospam, all]>
as-preload: <value in [disable, enable]>
av-cache: <value of integer>
av-log: <value in [disable, novirus, all]>
av-preload: <value in [disable, enable]>
av2-cache: <value of integer>
av2-log: <value in [disable, noav2, all]>
av2-preload: <value in [disable, enable]>
eventlog-query: <value in [disable, enable]>
fgd-pull-interval: <value of integer>
fq-cache: <value of integer>
fq-log: <value in [disable, nofilequery, all]>
fq-preload: <value in [disable, enable]>
linkd-log: <value in [emergency, alert, critical, ...]>
max-client-worker: <value of integer>
max-log-quota: <value of integer>
max-unrated-site: <value of integer>
restrict-as1-dbver: <value of string>
restrict-as2-dbver: <value of string>
restrict-as4-dbver: <value of string>
restrict-av-dbver: <value of string>
restrict-av2-dbver: <value of string>
restrict-fq-dbver: <value of string>
restrict-wf-dbver: <value of string>
server-override:
servlist:
-
id: <value of integer>
ip: <value of string>
ip6: <value of string>
port: <value of integer>
service-type:
- fgd
- fgc
- fsa
status: <value in [disable, enable]>
stat-log-interval: <value of integer>
stat-sync-interval: <value of integer>
update-interval: <value of integer>
update-log: <value in [disable, enable]>
wf-cache: <value of integer>
wf-dn-cache-expire-time: <value of integer>
wf-dn-cache-max-number: <value of integer>
wf-log: <value in [disable, nourl, all]>
wf-preload: <value in [disable, enable]>
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
request_url string |
always |
The full url requested
Sample: /sys/login/user |
response_code integer |
always |
The status of api request
|
response_message string |
always |
The descriptive message of the api response
Sample: OK. |
Authors
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Frank Shen (@fshen01)
- Hongbin Lu (@fgtdev-hblu)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/fortinet/fortimanager/fmgr_fmupdate_webspam_fgdsetting_module.html