source: fortios_log_fact.py
orphan

fortios_log_fact -- Retrieve Log Data of Fortios Log Objects.

2.10

Synopsis

Collects log data from network devices running the fortios operating system. This module will only collect the log data specified in the playbook.

Requirements

The below requirements are needed on the host that executes this module.

install galaxy collection fortinet.fortios >= 2.1.0.

Parameters

vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str required: False default: root
enable_log - Enable/Disable logging for task. type: bool required: False default: False
access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: False

filters - A list of expressions to filter the returned results. type: list required: False more...

Filter item must be in the following format: [key][operator][pattern], operators could be found in the table:

`Operator`	`Case sensitive`	`Description`
==	Yes	Pattern must be identical to the value.
=*	No	Pattern must be identical to the value.
!=	Yes	Pattern does not match the value.
!*	No	Pattern does not match the value.
=@	No	Pattern found within value.
!@	No	Pattern not found within value.
<=	n/a	Value must be less than or equal to pattern.
<	n/a	Value must be less than pattern.
>=	n/a	Value must be greater than or equal to pattern.
>	n/a	Value must be greater than pattern.

sorters - A list of expressions to sort the returned results. type: list required: False more...
Sorter item must be a [key] followed by a ,asc or ,dsc order derective.
examples: name,asc to sort the result by name in ascending order; vlanid,asc to sort the result by vlanid in descending order.
formatters - A list of fields to display for returned results. type: list required: False
selector - selector of the retrieved log data type: str choices:
Show full selector list...
- disk_anomaly_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
  - roll - Log roll number. (required if source is not fortianalyzer) type: int
  - mkey - Archive identifier. type: int
- disk_app-ctrl_archive-download - Download an archived file.
  - roll - Log roll number (required if source is not fortianalyzer). type: int
  - mkey - Archive identifier. type: int
  - filename - File name to use when saving the file in the browser. type: string
- disk_app-ctrl_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_cifs_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_dlp_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_dns_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_emailfilter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_file-filter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_gtp_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
  - roll - Log roll number. (required if source is not fortianalyzer) type: int
  - mkey - Archive identifier. type: int
- disk_ips_archive-download - Download an archived file.
  - roll - Log roll number (required if source is not fortianalyzer). type: int
  - mkey - Archive identifier. type: int
  - filename - File name to use when saving the file in the browser. type: string
- disk_ips_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_ssh_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_ssl_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_virus_archive - Return a description of the quarantined virus file.
  - mkey - checksum column from the virus log. type: int
  - filename - Filename of the antivirus archive. (virus type only) type: string
- disk_virus_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_voip_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_waf_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- disk_webfilter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_anomaly_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
  - roll - Log roll number. (required if source is not fortianalyzer) type: int
  - mkey - Archive identifier. type: int
- fortianalyzer_app-ctrl_archive-download - Download an archived file.
  - roll - Log roll number (required if source is not fortianalyzer). type: int
  - mkey - Archive identifier. type: int
  - filename - File name to use when saving the file in the browser. type: string
- fortianalyzer_app-ctrl_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_cifs_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_dlp_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_dns_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_emailfilter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_file-filter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_gtp_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
  - roll - Log roll number. (required if source is not fortianalyzer) type: int
  - mkey - Archive identifier. type: int
- fortianalyzer_ips_archive-download - Download an archived file.
  - roll - Log roll number (required if source is not fortianalyzer). type: int
  - mkey - Archive identifier. type: int
  - filename - File name to use when saving the file in the browser. type: string
- fortianalyzer_ips_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_ssh_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_ssl_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_virus_archive - Return a description of the quarantined virus file.
  - mkey - checksum column from the virus log. type: int
  - filename - Filename of the antivirus archive. (virus type only) type: string
- fortianalyzer_virus_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_voip_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_waf_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- fortianalyzer_webfilter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_anomaly_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
  - roll - Log roll number. (required if source is not fortianalyzer) type: int
  - mkey - Archive identifier. type: int
- forticloud_app-ctrl_archive-download - Download an archived file.
  - roll - Log roll number (required if source is not fortianalyzer). type: int
  - mkey - Archive identifier. type: int
  - filename - File name to use when saving the file in the browser. type: string
- forticloud_app-ctrl_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_cifs_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_dlp_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_dns_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_emailfilter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_file-filter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_gtp_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
  - roll - Log roll number. (required if source is not fortianalyzer) type: int
  - mkey - Archive identifier. type: int
- forticloud_ips_archive-download - Download an archived file.
  - roll - Log roll number (required if source is not fortianalyzer). type: int
  - mkey - Archive identifier. type: int
  - filename - File name to use when saving the file in the browser. type: string
- forticloud_ips_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_ssh_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_ssl_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_virus_archive - Return a description of the quarantined virus file.
  - mkey - checksum column from the virus log. type: int
  - filename - Filename of the antivirus archive. (virus type only) type: string
- forticloud_virus_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_voip_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_waf_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- forticloud_webfilter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_anomaly_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
  - roll - Log roll number. (required if source is not fortianalyzer) type: int
  - mkey - Archive identifier. type: int
- memory_app-ctrl_archive-download - Download an archived file.
  - roll - Log roll number (required if source is not fortianalyzer). type: int
  - mkey - Archive identifier. type: int
  - filename - File name to use when saving the file in the browser. type: string
- memory_app-ctrl_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_cifs_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_dlp_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_dns_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_emailfilter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_file-filter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_gtp_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
  - roll - Log roll number. (required if source is not fortianalyzer) type: int
  - mkey - Archive identifier. type: int
- memory_ips_archive-download - Download an archived file.
  - roll - Log roll number (required if source is not fortianalyzer). type: int
  - mkey - Archive identifier. type: int
  - filename - File name to use when saving the file in the browser. type: string
- memory_ips_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_ssh_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_ssl_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
  - rows - Number of rows to return. type: int
  - extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_virus_archive - Return a description of the quarantined virus file.
  - mkey - checksum column from the virus log. type: int
  - filename - Filename of the antivirus archive. (virus type only) type: string
- memory_virus_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_voip_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_waf_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
- memory_webfilter_raw - Log data for the given log type in raw format.
  - rows - Number of rows to return. type: int
  - serial_no - Retrieve log from the specified device. type: string
  - session_id - Provide a session_id to continue getting data for that request. type: int
  - filter - Filter expression(s). type: string
  - start - Row number for the first row to return. type: int
  - is_ha_member - Is the specified device an HA member. type: boolean
params - the parameter for each selector, see definition in above list.type: dict

Notes

Note

Different selector may have different parameters, users are expected to look up them for a specific selector.
For some selectors, the objects are global, no params are allowed to appear.
Not all parameters are required for a slector.
This module is exclusivly for FortiOS monitor API.
The result of API request is stored in results.
There are three filtering parameters: filters, sorters and formatters, please see filtering spec for more information.

Examples

- hosts: fortigate03
  connection: httpapi
  collections:
  - fortinet.fortios
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 443
  tasks:
  - name: Get system event log with logid==0100032038
    fortios_log_fact:
      filters:
        - logid==0100032038
      selector: "disk_event_system"
      params:
        rows: 100

  - name: Get a description of the quarantined virus file
    fortios_log_fact:
      selector: "forticloud_virus_archive"

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

build - Build number of the fortigate image returned: always type: str sample: 1547
rows - Number of rows to return returned: always type: int sample: 400
serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
session_id - Session id for the request returned: always type: int sample: 7
start - Row number for the first row to return returned: always type: int sample: 0
status - Indication of the operation's result returned: always type: str sample: success
subcategory - Type of log that can be retrieved returned: always type: str sample: system
total_lines - Total lines returned from the result returned: always type: int sample: 510
vdom - Virtual domain used returned: always type: str sample: root
version - Version of the FortiGate returned: always type: str sample: v5.6.3

Status

This module is not guaranteed to have a backwards compatible interface.

Authors

Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@fshen01)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fortios_log_fact.rst

fortios_log_fact.rst

fortios_log_fact -- Retrieve Log Data of Fortios Log Objects.

Synopsis

Requirements

Parameters

Show full selector list...

Notes

Examples

Return Values

Status

Authors

Files

fortios_log_fact.rst

Latest commit

History

fortios_log_fact.rst

File metadata and controls

fortios_log_fact -- Retrieve Log Data of Fortios Log Objects.

Synopsis

Requirements

Parameters

Show full selector list...

Notes

Examples

Return Values

Status

Authors