FortiAnalyzer Ansible Collection includes the modules that are able to configure FortiAnalyzer.
Documentation for the collection.
- Ansible 2.15.0 or newer is required to support the newer Ansible Collections format
- Python 3 is prefered when running Ansible with
fortinet.fortianalyzercollection.
This collection is distributed via ansible-galaxy, the installation steps are as follows:
- Install or upgrade to Ansible >= 2.15.0
- Download this collection from galaxy:
ansible-galaxy collection install fortinet.fortianalyzer:1.6.0
The collection provides the following modules:
faz_cli_exec_fgfm_reclaimdevtunnelReclaim management tunnel to device.Request without device name specified will reclaim tunnels for all managed devices.faz_cli_fmupdate_analyzer_virusreportSend virus detection notification to FortiGuard.faz_cli_fmupdate_avips_advancedlogEnable/disable logging of FortiGuard antivirus and IPS update packages received by FortiManagers built-in FortiGuard.faz_cli_fmupdate_avips_webproxyConfigure the web proxy for use with FortiGuard antivirus and IPS updates.faz_cli_fmupdate_customurllistConfigure the URL database for rating and filtering.faz_cli_fmupdate_diskquotaConfigure disk space available for use by the Upgrade Manager.faz_cli_fmupdate_fctservicesConfigure FortiGuard to provide services to FortiClient installations.faz_cli_fmupdate_fdssettingConfigure FortiGuard settings.faz_cli_fmupdate_fdssetting_pushoverrideEnable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages...faz_cli_fmupdate_fdssetting_pushoverridetoclientEnable/disable push updates, and override the default IP address and port used by FortiGuard to send antivirus and IPS push messages...faz_cli_fmupdate_fdssetting_pushoverridetoclient_announceipAnnounce IP addresses for the device.faz_cli_fmupdate_fdssetting_serveroverrideServer override configure.faz_cli_fmupdate_fdssetting_serveroverride_servlistOverride server.faz_cli_fmupdate_fdssetting_updatescheduleConfigure the schedule when built-in FortiGuard retrieves antivirus and IPS updates.faz_cli_fmupdate_fwmsettingConfigure firmware management settings.faz_cli_fmupdate_fwmsetting_upgradetimeoutConfigure the timeout value of image upgrade process.faz_cli_fmupdate_multilayerConfigure multilayer mode.faz_cli_fmupdate_publicnetworkEnable/disable access to the public FortiGuard.faz_cli_fmupdate_serveraccessprioritiesConfigure priorities for FortiGate units accessing antivirus updates and web filtering services.faz_cli_fmupdate_serveraccesspriorities_privateserverConfigure multiple FortiManager units and private servers.faz_cli_fmupdate_serveroverridestatusConfigure strict/loose server override.faz_cli_fmupdate_serviceEnable/disable services provided by the built-in FortiGuard.faz_cli_fmupdate_webspam_fgdsettingConfigure the FortiGuard run parameters.faz_cli_fmupdate_webspam_fgdsetting_serveroverrideServer override configure.faz_cli_fmupdate_webspam_fgdsetting_serveroverride_servlistOverride server.faz_cli_fmupdate_webspam_webproxyConfigure the web proxy for use with FortiGuard antivirus and IPS updates.faz_cli_metafields_system_admin_userCli meta fields system admin user.faz_cli_system_admin_groupUser group.faz_cli_system_admin_group_memberGroup members.faz_cli_system_admin_ldapLDAP server entry configuration.faz_cli_system_admin_ldap_adomAdmin domain.faz_cli_system_admin_profileAdmin profile.faz_cli_system_admin_profile_datamaskcustomfieldsCustomized datamask fields.faz_cli_system_admin_profile_writepasswdprofilesProfile list.faz_cli_system_admin_profile_writepasswduserlistUser list.faz_cli_system_admin_radiusConfigure radius.faz_cli_system_admin_settingAdmin setting.faz_cli_system_admin_tacacsTACACS+ server entry configuration.faz_cli_system_admin_userAdmin user.faz_cli_system_admin_user_adomAdmin domain.faz_cli_system_admin_user_adomexcludeExcluding admin domain.faz_cli_system_admin_user_dashboardCustom dashboard widgets.faz_cli_system_admin_user_dashboardtabsCustom dashboard.faz_cli_system_admin_user_metadataConfigure meta data.faz_cli_system_admin_user_policypackagePolicy package access.faz_cli_system_admin_user_restrictdevvdomRestricted to these devices/VDOMs.faz_cli_system_alertconsoleAlert console.faz_cli_system_alertemailConfigure alertemail.faz_cli_system_alerteventAlert events.faz_cli_system_alertevent_alertdestinationAlert destination.faz_cli_system_autodeleteAutomatic deletion policy for logs, reports, archived, and quarantined files.faz_cli_system_autodelete_dlpfilesautodeletionAutomatic deletion policy for DLP archives.faz_cli_system_autodelete_logautodeletionAutomatic deletion policy for device logs.faz_cli_system_autodelete_quarantinefilesautodeletionAutomatic deletion policy for quarantined files.faz_cli_system_autodelete_reportautodeletionAutomatic deletion policy for reports.faz_cli_system_backup_allsettingsScheduled backup settings.faz_cli_system_centralmanagementCentral management configuration.faz_cli_system_certificate_caCA certificate.faz_cli_system_certificate_crlCertificate Revocation List.faz_cli_system_certificate_localLocal keys and certificates.faz_cli_system_certificate_oftpOFTP certificates and keys.faz_cli_system_certificate_remoteRemote certificate.faz_cli_system_certificate_sshSSH certificates and keys.faz_cli_system_connectorConfigure connector.faz_cli_system_csfAdd this device to a Security Fabric or set up a new Security Fabric on this device.faz_cli_system_csf_fabricconnectorFabric connector configuration.faz_cli_system_csf_trustedlistPre-authorized and blocked security fabric nodes.faz_cli_system_dnsDNS configuration.faz_cli_system_dockerDocker host.faz_cli_system_fipsSettings for FIPS-CC mode.faz_cli_system_fortiview_autocacheFortiView auto-cache settings.faz_cli_system_fortiview_settingFortiView settings.faz_cli_system_globalGlobal range attributes.faz_cli_system_guiactSystem settings through GUI.faz_cli_system_haHA configuration.faz_cli_system_ha_peerPeers.faz_cli_system_ha_privatepeerPeer.faz_cli_system_ha_vipVIPs.faz_cli_system_interfaceInterface configuration.faz_cli_system_interface_ipv6IPv6 of interface.faz_cli_system_interface_memberPhysical interfaces that belong to the aggregate or redundant interface.faz_cli_system_localinpolicyIPv4 local in policy configuration.faz_cli_system_localinpolicy6IPv6 local in policy configuration.faz_cli_system_locallog_disk_filterFilter for disk logging.faz_cli_system_locallog_disk_settingSettings for local disk logging.faz_cli_system_locallog_fortianalyzer2_filterFilter for FortiAnalyzer2 logging.faz_cli_system_locallog_fortianalyzer2_settingSettings for locallog to fortianalyzer.faz_cli_system_locallog_fortianalyzer3_filterFilter for FortiAnalyzer3 logging.faz_cli_system_locallog_fortianalyzer3_settingSettings for locallog to fortianalyzer.faz_cli_system_locallog_fortianalyzer_filterFilter for FortiAnalyzer logging.faz_cli_system_locallog_fortianalyzer_settingSettings for locallog to fortianalyzer.faz_cli_system_locallog_memory_filterFilter for memory logging.faz_cli_system_locallog_memory_settingSettings for memory buffer.faz_cli_system_locallog_settingSettings for locallog logging.faz_cli_system_locallog_syslogd2_filterFilter for syslog logging.faz_cli_system_locallog_syslogd2_settingSettings for remote syslog server.faz_cli_system_locallog_syslogd3_filterFilter for syslog logging.faz_cli_system_locallog_syslogd3_settingSettings for remote syslog server.faz_cli_system_locallog_syslogd_filterFilter for syslog logging.faz_cli_system_locallog_syslogd_settingSettings for remote syslog server.faz_cli_system_log_alertLog based alert settings.faz_cli_system_log_devicedisableDisable client device logging.faz_cli_system_log_fospolicystatsFortiOS policy statistics settings.faz_cli_system_log_interfacestatsInterface statistics settings.faz_cli_system_log_iocIoC settings.faz_cli_system_log_maildomainFortiMail domain setting.faz_cli_system_log_pcapfileLog pcap-file settings.faz_cli_system_log_ratelimitLogging rate limit.faz_cli_system_log_ratelimit_deviceDevice log rate limit.faz_cli_system_log_ratelimit_ratelimitsPer device or ADOM log rate limits.faz_cli_system_log_settingsLog settings.faz_cli_system_log_settings_rollinganalyzerLog rolling policy for Network Analyzer logs.faz_cli_system_log_settings_rollinglocalLog rolling policy for local logs.faz_cli_system_log_settings_rollingregularLog rolling policy for device logs.faz_cli_system_log_topologyLogging topology settings.faz_cli_system_log_uebaUEBAsettings.faz_cli_system_logfetch_clientprofileLog-fetch client profile settings.faz_cli_system_logfetch_clientprofile_devicefilterList of device filter.faz_cli_system_logfetch_clientprofile_logfilterLog content filters.faz_cli_system_logfetch_serversettingsLog-fetch server settings.faz_cli_system_logforwardLog forwarding.faz_cli_system_logforward_devicefilterLog aggregation client device filters.faz_cli_system_logforward_logfieldexclusionLog field exclusion configuration.faz_cli_system_logforward_logfilterLog content filters.faz_cli_system_logforward_logmaskingcustomLog field masking configuration.faz_cli_system_logforwardserviceLog forwarding service.faz_cli_system_mailAlert emails.faz_cli_system_metadata_adminsConfigure admins.faz_cli_system_ntpNTP settings.faz_cli_system_ntp_ntpserverNTP server.faz_cli_system_passwordpolicyPassword policy.faz_cli_system_report_autocacheReport auto-cache settings.faz_cli_system_report_estbrowsetimeReport estimated browse time settings.faz_cli_system_report_groupReport group.faz_cli_system_report_group_chartalternativeChart alternatives.faz_cli_system_report_group_groupbyGroup-by variables.faz_cli_system_report_settingReport settings.faz_cli_system_routeRouting table configuration.faz_cli_system_route6Routing table configuration.faz_cli_system_samlGlobal settings for SAML authentication.faz_cli_system_saml_fabricidpAuthorized identity providers.faz_cli_system_saml_serviceprovidersAuthorized service providers.faz_cli_system_snifferInterface sniffer.faz_cli_system_snmp_communitySNMP community configuration.faz_cli_system_snmp_community_hostsAllow hosts configuration.faz_cli_system_snmp_community_hosts6Allow hosts configuration for IPv6.faz_cli_system_snmp_sysinfoSNMP configuration.faz_cli_system_snmp_userSNMP user configuration.faz_cli_system_socfabricSOC Fabric.faz_cli_system_socfabric_trustedlistPre-authorized security fabric nodes.faz_cli_system_sqlSQL settings.faz_cli_system_sql_customindexList of SQL index fields.faz_cli_system_sql_customskipidxList of aditional SQL skip index fields.faz_cli_system_sql_tsindexfieldList of SQL text search index fields.faz_cli_system_sslciphersuitesConfigure preferred SSL/TLS cipher suites.faz_cli_system_syslogSyslog servers.faz_cli_system_webproxyConfigure system web proxy.faz_cli_system_workflow_approvalmatrixworkflow approval matrix.faz_cli_system_workflow_approvalmatrix_approverApprover.faz_dvm_cmd_add_deviceAdd a device to the Device Manager database.faz_dvm_cmd_add_devlistAdd multiple devices to the Device Manager database.faz_dvm_cmd_del_deviceDelete a device.faz_dvm_cmd_del_devlistDelete a list of devices.faz_dvm_cmd_import_devlistImport a list of ADOMs and devices.faz_dvmdb_adomADOM table, most attributes are read-only and can only be changed internally.faz_dvmdb_adom_objectmemberADOM table, most attributes are read-only and can only be changed internally.faz_dvmdb_deviceDevice table, most attributes are read-only and can only be changed internally.faz_dvmdb_device_vdomDevice VDOM table.faz_dvmdb_folderDevice manager database folder.faz_dvmdb_groupDevice group table.faz_dvmdb_group_objectmemberDevice group table.faz_report_config_chartConfig chart.faz_report_config_chart_drilldowntableConfig drill-down-table.faz_report_config_chart_tablecolumnsConfig table-columns.faz_report_config_chart_variabletemplateConfig variable-template.faz_report_config_datasetConfig dataset.faz_report_config_dataset_variableConfig variable.faz_report_config_layoutConfig layout.faz_report_config_layout_componentConfig component.faz_report_config_layout_component_variableConfig variable.faz_report_config_layout_footerConfig footer.faz_report_config_layout_headerConfig header.faz_report_config_layoutfolderConfig layout-folder.faz_report_config_macroConfig macro.faz_report_config_outputConfig output.faz_report_config_output_emailrecipientsConfig email-recipients.faz_report_config_scheduleConfig schedule.faz_report_config_schedule_addressfilterConfig address-filter.faz_report_config_schedule_devicesConfig devices.faz_report_config_schedule_filterConfig filter.faz_report_config_schedule_reportlayoutConfig report-layout.faz_report_configfile_importImport report config files.faz_report_graphfileHandle graph files.faz_report_graphfile_deleteHandle graph files.faz_report_reports_data_deleteHandle generated reports.faz_report_runStart report requests.faz_report_run_deleteHandle report requests by task ID.faz_report_template_deleteDelete report template language package files.faz_report_template_importImport report templates.faz_report_template_installInstall report template language packages from files.faz_sys_api_sdnconnectorQuery SDN connector data.faz_sys_generate_wsdlGenerate WSDL for specific module and objects.faz_sys_login_challengeAnswer a log in challenge question, used following a login/user or login/challenge command.faz_sys_login_userLog into the device with user name and password.faz_sys_logoutLog out a session.faz_sys_proxy_jsonSend and receive JSON request to/from managed devices.faz_sys_rebootRestart FortiAnalyzer.faz_um_image_upgradeThe older API for updating the firmware of specific device.faz_um_image_upgrade_extUpdate the firmware of specific device.
FortiManager Ansible Collection follows GNU General Public License v3.0.