You are reading an unmaintained version of the Ansible documentation. Unmaintained Ansible versions can contain unfixed security vulnerabilities (CVE). Please upgrade to a maintained version. See the latest Ansible documentation.

fortinet.fortios.fortios_configuration_fact module – Retrieve Facts of FortiOS Configurable Objects.

Note

This module is part of the fortinet.fortios collection (version 2.1.6).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install fortinet.fortios.

To use it in a playbook, specify: fortinet.fortios.fortios_configuration_fact.

New in version 2.0.0: of fortinet.fortios

Synopsis
Requirements
Parameters
Notes
Examples
Return Values

Synopsis 

Collects facts from network devices running the fortios operating system. This module places the facts gathered in the fact tree keyed by the respective resource name. This facts module will only collect those facts which user specified in playbook.

Requirements 

The below requirements are needed on the host that executes this module.

install galaxy collection fortinet.fortios >= 2.0.0.

Parameters 

Parameter	Comments
access_token string	Token-based authentication. Generated from GUI of Fortigate.
enable_log boolean	Enable/Disable logging for task. Choices: no ← (default) yes
filters list / elements=string	A list of expressions to filter the returned results. The items of the list are combined as LOGICAL AND with operator ampersand. One item itself could be concatenated with a comma as LOGICAL OR.
formatters list / elements=string	A list of fields to display for returned results.
params dictionary	the parameter for each selector, see definition in above list.
selector string	selector for retrieving the fortigate facts Choices: log_gui-display system_fortiguard-service router_route-map system_sso-admin wireless-controller_address vpn.ssl_monitor system.auto-update_status system_cmdb authentication_rule log.fortianalyzer_override-setting firewall.ssl_setting vpn.ipsec_phase2-interface router_key-chain system_ddns firewall_traffic-class system_replacemsg-group system_ftm-push system_sms-server firewall_central-snat-map firewall_multicast-address6 dlp_fp-sensitivity system.replacemsg_sslvpn ips_view-map firewall_pfcp system_pppoe-interface webfilter_categories firewall_addrgrp6 log.disk_filter system.session-info_full-stat firewall_proxy-address extender-controller_extender-profile emailfilter_block-allow-list router_bgp router_auth-path system_resource-limits system.replacemsg_auth system.autoupdate_schedule switch-controller.qos_ip-dscp-map firewall_local-in-policy6 log.fortianalyzer2_override-setting wireless-controller.hotspot20_h2qp-osu-provider-nai log.fortianalyzer_override-filter system.replacemsg_icap system_object-tagging spamfilter_profile switch-controller_remote-log router_rip switch-controller.security-policy_local-access vpn.ipsec.stats_tunnel log.fortianalyzer-cloud_override-filter firewall.shaper_traffic system_smc-ntp user_adgrp system_auto-script switch-controller_quarantine firewall.service_category system_standalone-cluster system_link-monitor switch-controller_stp-settings user_security-exempt-list log.fortianalyzer-cloud_setting switch-controller.qos_qos-policy firewall_sniffer wireless-controller_ssid-policy wireless-controller_wag-profile firewall_internet-service-reputation switch-controller_vlan system.replacemsg_mm7 system.replacemsg_mm4 firewall_internet-service system.replacemsg_mm3 system.replacemsg_mm1 firewall.iprope.appctrl_status firewall_vipgrp46 log.webtrends_filter application_name system_sso-forticloud-admin gtp_apngrp log_setting firewall_address6-template wireless-controller.hotspot20_anqp-3gpp-cellular wireless-controller.hotspot20_h2qp-wan-metric system_automation-action system.autoupdate_tunneling router_prefix-list6 webfilter_ips-urlfilter-setting wanopt_peer pfcp_message-filter switch-controller_network-monitor-settings system_alias file-filter_profile web-proxy_forward-server-group system_session-helper router_community-list wireless-controller_qos-profile extender_session-info firewall_dnstranslation vpn.ssl.web_portal firewall_internet-service-custom system.replacemsg_device-detection-portal wireless-controller_ble-profile firewall_internet-service-custom-group system.performance.firewall_statistics firewall_profile-group system_vxlan system.autoupdate_push-update firewall_address6 system.performance_top wireless-controller_vap-status wireless-controller_wids-profile emailfilter_bword log.fortiguard_filter firewall_ipv6-eh-filter switch-controller.ptp_settings endpoint-control_fctems user_device-category firewall_identity-based-route system.session-helper-info_list system_console certificate_local system_ntp webfilter_ftgd-local-cat report_layout log.tacacs+accounting3_setting wireless-controller_timers wireless-controller.hotspot20_icon log.tacacs+accounting2_filter log.memory_global-setting router_multicast-flow ssh-filter_profile system_fortisandbox system_dns64 system_virtual-wan-link ips_sensor firewall.wildcard-fqdn_custom router_static alertemail_setting user_peergrp user_fortitoken web-proxy_debug-url vpn.ike_gateway webfilter_override switch-controller_nac-device system_fsso-polling user_peer vpn.ssl.web_host-check-software gtp_message-filter-v0v1 switch-controller_lldp-profile switch-controller_dynamic-port-policy vpn.ssl.web_realm log.tacacs+accounting_setting user_nac-policy wireless-controller_snmp emailfilter_fortishield switch-controller.security-policy_captive-portal firewall_shaping-policy wireless-controller_wlchanlistlic log_custom-field switch-controller_mac-policy firewall_address certificate_crl firewall.ssh_setting switch-controller.auto-config_policy system_nd-proxy log.memory_setting system_alarm system_ips-urlfilter-dns6 wireless-controller_log extender_lte-carrier-by-mcc-mnc webfilter_ftgd-statistics hardware.npu.np6_ipsec-stats firewall_vendor-mac-summary system_cluster-sync wanopt_settings emailfilter_dnsbl endpoint-control_registered-forticlient system_dedicated-mgmt log.tacacs+accounting3_filter log.fortianalyzer-cloud_override-setting firewall_policy46 system.source-ip_status system_modem certificate_remote firewall_decrypted-traffic-mirror antivirus_settings switch-controller_storm-control-policy switch-controller_802-1X-settings system_session-ttl system_storage system_isf-queue-profile log.memory_filter firewall_auth-portal antivirus_notification user_ldap ips_global wanopt_remote-storage system_speed-test-schedule wireless-controller.hotspot20_qos-map system.session-info_ttl vpn_l2tp system_fortiai system_npu firewall_vip46 authentication_setting vpn.certificate_ocsp-server antivirus_heuristic spamfilter_bword system_custom-language web-proxy_explicit vpn.ipsec_concentrator wireless-controller_wtp-group log.tacacs+accounting2_setting system_vdom-sflow switch-controller_igmp-snooping waf_signature log.null-device_setting gtp_tunnel-limit ips_rule-settings firewall_access-proxy system.session-info_expectation spamfilter_options switch-controller.security-policy_802-1X system_np6 ips_decoder firewall_proute6 user_setting system.performance_status system_geoip-override vpn.ipsec_phase1 vpn.ipsec_phase2 wireless-controller.hotspot20_anqp-network-auth-type webfilter_ips-urlfilter-cache-setting firewall.ipmacbinding_setting log.fortianalyzer2_filter system.ip-conflict_status application_rule-settings switch-controller_flow-tracking log.syslogd4_filter system_speed-test-server firewall_acl system_proxy-arp webfilter_ftgd-local-rating switch-controller_snmp-user nsxt_setting ips_custom switch-controller_switch-interface-tag router_policy6 waf_sub-class web-proxy_forward-server log_eventfilter system_vdom-property switch-controller_traffic-sniffer firewall_security-policy system_external-resource user_exchange sctp-filter_profile system_ipv6-neighbor-cache vpn.ipsec.tunnel_details report_style log.syslogd2_override-filter wireless-controller_wtp wireless-controller_rf-analysis system_stp system_saml system.dhcp6_server emailfilter_profile hardware.npu.np6_sse-stats log.fortianalyzer3_override-filter hardware_status firewall_multicast-policy vpn_ocvpn system.replacemsg_mms spamfilter_bwl switch-controller_fortilink-settings system_arp firewall_internet-service-addition webfilter_status system_ips emailfilter_bwl system_password-policy report_dataset switch-controller_virtual-port-pool wireless-controller_setting system.3g-modem_custom wireless-controller.hotspot20_anqp-ip-address-type firewall_vipgrp firewall_city web-proxy_profile system_switch-interface router_isis firewall_policy log.syslogd_override-setting hardware_memory router_info system.performance.firewall_packet-distribution switch-controller_mac-sync-settings webfilter_content firewall_vipgrp6 switch-controller.initial-config_template spamfilter_mheader firewall.schedule_onetime vpn.status_pptp gtp_ie-allow-list log.fortianalyzer_setting videofilter_youtube-key vpn.ipsec.tunnel_name firewall_ippool6 wireless-controller_status system_central-management system.replacemsg_http vpn.status.ssl_list vpn.ipsec.tunnel_summary hardware.npu.np6_session-stats cifs_domain-controller firewall_policy6 system_zone system_vdom-dns firewall_multicast-address wireless-controller_wtp-profile vpn.ssl_settings router_ospf switch-controller.qos_queue-policy dpdk_cpus wireless-controller.hotspot20_h2qp-terms-and-conditions router_static6 ftp-proxy_explicit hardware.npu.np6_port-list system_fortimanager system.lldp_network-policy vpn.certificate_crl system.replacemsg_admin router_multicast webfilter_profile switch-controller_storm-control firewall_ssl-ssh-profile vpn.ssl_client gtp_ie-white-list firewall_country user_certificate log.disk_setting nsxt_service-chain dlp_filepattern firewall_acl6 firewall_ippool web-proxy_url-match vpn.status.ssl_hw-acceleration-status system_interface log.syslogd3_override-filter router_bfd switch-controller_custom-command firewall_internet-service-extension system.replacemsg_webproxy user_password-policy wireless-controller_inter-controller log.syslogd4_setting log.fortianalyzer_filter hardware_cpu switch-controller_switch-group user_fsso emailfilter_mheader firewall_vipgrp64 user_quarantine system_ips-urlfilter-dns wireless-controller_addrgrp system_fm wireless-controller_apcfg-profile system_global vpn.ipsec.stats_crypto wireless-controller.hotspot20_anqp-nai-realm system_physical-switch system_affinity-packet-redistribution system_status firewall_gtp log.fortiguard_override-setting firewall_proute videofilter_profile log.fortianalyzer3_setting system.auto-update_versions firewall_vip system_virtual-switch firewall_mms-profile wanopt_auth-group wanopt_webcache system.snmp_user firewall_ip-translation system_settings log.fortianalyzer2_setting wireless-controller_vap ipsec_tunnel wanopt_cache-service log.syslogd4_override-filter switch-controller_switch-log firewall_internet-service-group system.replacemsg_mail extender_modem-status system_replacemsg-image system_acme antivirus_quarantine log.fortianalyzer2_override-filter system.session-info_list vpn.certificate_ca endpoint-control_forticlient-registration-sync system_sdn-connector vpn.ssl.web_user-group-bookmark system_fortiguard-log-service endpoint-control_settings system_central-mgmt hardware_nic log.null-device_filter gtp_message-filter-v2 firewall.shaper_per-ip-shaper wireless-controller_utm-profile router_aspath-list firewall.schedule_group system_ipam firewall_internet-service-list system_dscp-based-priority dlp_sensitivity icap_server vpn.ipsec_phase1-interface authentication_scheme firewall_access-proxy-virtual-host gtp_apn-shaper log.fortianalyzer3_filter system_email-server log.tacacs+accounting_filter dlp_sensor application_list firewall_internet-service-append vpn.ssl.web_user-bookmark report_theme firewall.shaper_traffic-shaper switch-controller_traffic-policy system_csf dlp_settings log.syslogd_setting switch-controller.ptp_policy switch-controller_stp-instance wireless-controller.hotspot20_h2qp-advice-of-charge mgmt-data_status dnsfilter_profile user_device-access-list system_ha-monitor monitoring_npu-hpe system.replacemsg_nntp wireless-controller.hotspot20_anqp-venue-name system.snmp_sysinfo monitoring_np6-ipsec-engine application_custom ips_session system_api-user system.info.admin_ssh ips_rule spamfilter_fortishield log.fortianalyzer-cloud_filter system_netflow vpn.ipsec_forticlient system_automation-trigger firewall_policy64 wireless-controller.hotspot20_h2qp-osu-provider webfilter_ips-urlfilter-setting6 switch-controller_sflow firewall.service_custom spamfilter_iptrust firewall_internet-service-botnet firewall_internet-service-definition gtp_rat-timeout-profile system_mobile-tunnel log.syslogd3_override-setting wireless-controller_nac-profile user_saml firewall_ttl-policy wireless-controller_client-info system_vne-tunnel webfilter_fortiguard gtp_apn vpn_pptp wireless-controller.hotspot20_hs-profile log.webtrends_setting firewall_local-in-policy extender-controller_dataplan system_gi-gk wireless-controller_region router_policy switch-controller_port-policy switch-controller.qos_dot1p-map firewall_multicast-policy6 switch-controller.initial-config_vlans firewall_DoS-policy wanopt_content-delivery-network-rule firewall_region system_dns-database vpn.ipsec_fec waf_main-class system.replacemsg_nac-quar system_vdom-radius-server system_vdom user_tacacs+ system_ipip-tunnel log.syslogd3_setting wireless-controller_mpsk-profile system_lte-modem router_multicast6 vpn.certificate_remote extender_lte-carrier-list system_fips-cc switch-controller_snmp-community system_geneve system_ha log.syslogd3_filter user_radius firewall_DoS-policy6 switch-controller.auto-config_default system_tos-based-priority vpn.certificate_local system_accprofile wireless-controller_global log.syslogd_filter vpn.status_l2tp system_ipsec-aggregate wireless-controller_ap-status switch-controller_poe log.syslogd2_filter log.syslogd2_setting system_password-policy-guest-admin user_pop3 switch-controller_vlan-policy system_geoip-country switch-controller_system videofilter_youtube-channel-filter voip_profile vpn.ipsec_manualkey-interface emailfilter_options system.info.admin_status switch-controller_snmp-sysinfo firewall_internet-service-sld system_vdom-netflow firewall.ipmacbinding_table system_automation-destination dlp_fp-doc-source firewall_ldb-monitor firewall.ssh_host-key system_vdom-link spamfilter_dnsbl system_fortianalyzer-connectivity router_ospf6 user_device log.fortiguard_setting system.snmp_community wireless-controller_arrp-profile ips_settings firewall_internet-service-ipbl-vendor system_vdom-exception system_wccp antivirus_mms-checksum router_info6 system_ha-nonsync-csum system_automation-stitch system_mem-mgr firewall_profile-protocol-options router_prefix-list wireless-controller.hotspot20_anqp-venue-url firewall.ssh_local-key system_mgmt-csum endpoint-control_profile firewall_vip64 web-proxy_wisp switch-controller_switch-profile system.checksum_status endpoint-control_forticlient-ems system_dns-server system.replacemsg_alertmail log.fortiguard_override-filter endpoint-control_client firewall_access-proxy-ssh-client-cert system_fortiguard web-proxy_global wanopt_profile system_management-tunnel wireless-controller_scan system.replacemsg_ec report_setting firewall.service_group switch-controller_snmp-trap-threshold webfilter_search-engine system_ipv6-tunnel firewall.iprope.appctrl_list user_device-group user_fsso-polling system.dhcp_server report_chart vpn.certificate_setting router_bfd6 router_access-list system.session-info_statistics firewall_proxy-policy system_dns icap_profile firewall_internet-service-ipbl-reason webfilter_override-usr system_session dnsfilter_domain-filter report.sql_status switch-controller.auto-config_custom wireless-controller_vap-group emailfilter_iptrust antivirus_profile system_startup-error-log firewall_internet-service-name system_affinity-interrupt firewall_shaping-profile log.syslogd4_override-setting firewall_interface-policy6 vpn.ipsec_manualkey firewall.shaper_per-ip firewall_vendor-mac switch-controller_global router_setting user_local firewall.schedule_recurring system_sit-tunnel system_arp-table firewall_carrier-endpoint-bwl switch-controller_lldp-settings webfilter_content-header system_auto-install log.fortianalyzer3_override-setting user_domain-controller wireless-controller_wtp-status firewall_ssl-server system.replacemsg_traffic-quota system_virtual-wire-pair system_mac-address-table system.replacemsg_automation firewall_internet-service-owner system_network-visibility log.syslogd_override-filter switch-controller_nac-settings firewall_interface-policy extender_extender-info system.replacemsg_fortiguard-wf system_nat64 wireless-controller_bonjour-profile system_sdwan webfilter_urlfilter wireless-controller_spectral-info credential-store_domain-controller hardware.npu.np6_synproxy-stats system_probe-response wireless-controller.hotspot20_h2qp-operator-name wireless-controller_access-control-list cifs_profile system.replacemsg_utm extender_sys-info wireless-controller.hotspot20_anqp-roaming-consortium system_federated-upgrade firewall_proxy-addrgrp firewall_addrgrp system_sflow router_ripng firewall_vip6 wireless-controller_syslog-profile system.replacemsg_spam certificate_ca firewall.ssh_local-ca system_admin wireless-controller.hotspot20_h2qp-conn-capability switch-controller_location firewall.consolidated_policy router_access-list6 hardware.npu.np6_dce waf_profile firewall.wildcard-fqdn_group system_gre-tunnel user_group log.syslogd2_override-setting user_krb-keytab firewall.iprope_list system_ptp dpdk_global application_group system.replacemsg_ftp log_threat-weight extender-controller_extender firewall_access-proxy6 system_session6 switch-controller_managed-switch system_ike
selectors list / elements=dictionary	a list of selector for retrieving the fortigate facts
filters list / elements=string	A list of expressions to filter the returned results. The items of the list are combined as LOGICAL AND with operator ampersand. One item itself could be concatenated with a comma as LOGICAL OR.
formatters list / elements=string	A list of fields to display for returned results.
params dictionary	the parameter for each selector, see definition in above list.
selector string / required	selector for retrieving the fortigate facts Choices: log_gui-display system_fortiguard-service router_route-map system_sso-admin wireless-controller_address vpn.ssl_monitor system.auto-update_status system_cmdb authentication_rule log.fortianalyzer_override-setting firewall.ssl_setting vpn.ipsec_phase2-interface router_key-chain system_ddns firewall_traffic-class system_replacemsg-group system_ftm-push system_sms-server firewall_central-snat-map firewall_multicast-address6 dlp_fp-sensitivity system.replacemsg_sslvpn ips_view-map firewall_pfcp system_pppoe-interface webfilter_categories firewall_addrgrp6 log.disk_filter system.session-info_full-stat firewall_proxy-address extender-controller_extender-profile emailfilter_block-allow-list router_bgp router_auth-path system_resource-limits system.replacemsg_auth system.autoupdate_schedule switch-controller.qos_ip-dscp-map firewall_local-in-policy6 log.fortianalyzer2_override-setting wireless-controller.hotspot20_h2qp-osu-provider-nai log.fortianalyzer_override-filter system.replacemsg_icap system_object-tagging spamfilter_profile switch-controller_remote-log router_rip switch-controller.security-policy_local-access vpn.ipsec.stats_tunnel log.fortianalyzer-cloud_override-filter firewall.shaper_traffic system_smc-ntp user_adgrp system_auto-script switch-controller_quarantine firewall.service_category system_standalone-cluster system_link-monitor switch-controller_stp-settings user_security-exempt-list log.fortianalyzer-cloud_setting switch-controller.qos_qos-policy firewall_sniffer wireless-controller_ssid-policy wireless-controller_wag-profile firewall_internet-service-reputation switch-controller_vlan system.replacemsg_mm7 system.replacemsg_mm4 firewall_internet-service system.replacemsg_mm3 system.replacemsg_mm1 firewall.iprope.appctrl_status firewall_vipgrp46 log.webtrends_filter application_name system_sso-forticloud-admin gtp_apngrp log_setting firewall_address6-template wireless-controller.hotspot20_anqp-3gpp-cellular wireless-controller.hotspot20_h2qp-wan-metric system_automation-action system.autoupdate_tunneling router_prefix-list6 webfilter_ips-urlfilter-setting wanopt_peer pfcp_message-filter switch-controller_network-monitor-settings system_alias file-filter_profile web-proxy_forward-server-group system_session-helper router_community-list wireless-controller_qos-profile extender_session-info firewall_dnstranslation vpn.ssl.web_portal firewall_internet-service-custom system.replacemsg_device-detection-portal wireless-controller_ble-profile firewall_internet-service-custom-group system.performance.firewall_statistics firewall_profile-group system_vxlan system.autoupdate_push-update firewall_address6 system.performance_top wireless-controller_vap-status wireless-controller_wids-profile emailfilter_bword log.fortiguard_filter firewall_ipv6-eh-filter switch-controller.ptp_settings endpoint-control_fctems user_device-category firewall_identity-based-route system.session-helper-info_list system_console certificate_local system_ntp webfilter_ftgd-local-cat report_layout log.tacacs+accounting3_setting wireless-controller_timers wireless-controller.hotspot20_icon log.tacacs+accounting2_filter log.memory_global-setting router_multicast-flow ssh-filter_profile system_fortisandbox system_dns64 system_virtual-wan-link ips_sensor firewall.wildcard-fqdn_custom router_static alertemail_setting user_peergrp user_fortitoken web-proxy_debug-url vpn.ike_gateway webfilter_override switch-controller_nac-device system_fsso-polling user_peer vpn.ssl.web_host-check-software gtp_message-filter-v0v1 switch-controller_lldp-profile switch-controller_dynamic-port-policy vpn.ssl.web_realm log.tacacs+accounting_setting user_nac-policy wireless-controller_snmp emailfilter_fortishield switch-controller.security-policy_captive-portal firewall_shaping-policy wireless-controller_wlchanlistlic log_custom-field switch-controller_mac-policy firewall_address certificate_crl firewall.ssh_setting switch-controller.auto-config_policy system_nd-proxy log.memory_setting system_alarm system_ips-urlfilter-dns6 wireless-controller_log extender_lte-carrier-by-mcc-mnc webfilter_ftgd-statistics hardware.npu.np6_ipsec-stats firewall_vendor-mac-summary system_cluster-sync wanopt_settings emailfilter_dnsbl endpoint-control_registered-forticlient system_dedicated-mgmt log.tacacs+accounting3_filter log.fortianalyzer-cloud_override-setting firewall_policy46 system.source-ip_status system_modem certificate_remote firewall_decrypted-traffic-mirror antivirus_settings switch-controller_storm-control-policy switch-controller_802-1X-settings system_session-ttl system_storage system_isf-queue-profile log.memory_filter firewall_auth-portal antivirus_notification user_ldap ips_global wanopt_remote-storage system_speed-test-schedule wireless-controller.hotspot20_qos-map system.session-info_ttl vpn_l2tp system_fortiai system_npu firewall_vip46 authentication_setting vpn.certificate_ocsp-server antivirus_heuristic spamfilter_bword system_custom-language web-proxy_explicit vpn.ipsec_concentrator wireless-controller_wtp-group log.tacacs+accounting2_setting system_vdom-sflow switch-controller_igmp-snooping waf_signature log.null-device_setting gtp_tunnel-limit ips_rule-settings firewall_access-proxy system.session-info_expectation spamfilter_options switch-controller.security-policy_802-1X system_np6 ips_decoder firewall_proute6 user_setting system.performance_status system_geoip-override vpn.ipsec_phase1 vpn.ipsec_phase2 wireless-controller.hotspot20_anqp-network-auth-type webfilter_ips-urlfilter-cache-setting firewall.ipmacbinding_setting log.fortianalyzer2_filter system.ip-conflict_status application_rule-settings switch-controller_flow-tracking log.syslogd4_filter system_speed-test-server firewall_acl system_proxy-arp webfilter_ftgd-local-rating switch-controller_snmp-user nsxt_setting ips_custom switch-controller_switch-interface-tag router_policy6 waf_sub-class web-proxy_forward-server log_eventfilter system_vdom-property switch-controller_traffic-sniffer firewall_security-policy system_external-resource user_exchange sctp-filter_profile system_ipv6-neighbor-cache vpn.ipsec.tunnel_details report_style log.syslogd2_override-filter wireless-controller_wtp wireless-controller_rf-analysis system_stp system_saml system.dhcp6_server emailfilter_profile hardware.npu.np6_sse-stats log.fortianalyzer3_override-filter hardware_status firewall_multicast-policy vpn_ocvpn system.replacemsg_mms spamfilter_bwl switch-controller_fortilink-settings system_arp firewall_internet-service-addition webfilter_status system_ips emailfilter_bwl system_password-policy report_dataset switch-controller_virtual-port-pool wireless-controller_setting system.3g-modem_custom wireless-controller.hotspot20_anqp-ip-address-type firewall_vipgrp firewall_city web-proxy_profile system_switch-interface router_isis firewall_policy log.syslogd_override-setting hardware_memory router_info system.performance.firewall_packet-distribution switch-controller_mac-sync-settings webfilter_content firewall_vipgrp6 switch-controller.initial-config_template spamfilter_mheader firewall.schedule_onetime vpn.status_pptp gtp_ie-allow-list log.fortianalyzer_setting videofilter_youtube-key vpn.ipsec.tunnel_name firewall_ippool6 wireless-controller_status system_central-management system.replacemsg_http vpn.status.ssl_list vpn.ipsec.tunnel_summary hardware.npu.np6_session-stats cifs_domain-controller firewall_policy6 system_zone system_vdom-dns firewall_multicast-address wireless-controller_wtp-profile vpn.ssl_settings router_ospf switch-controller.qos_queue-policy dpdk_cpus wireless-controller.hotspot20_h2qp-terms-and-conditions router_static6 ftp-proxy_explicit hardware.npu.np6_port-list system_fortimanager system.lldp_network-policy vpn.certificate_crl system.replacemsg_admin router_multicast webfilter_profile switch-controller_storm-control firewall_ssl-ssh-profile vpn.ssl_client gtp_ie-white-list firewall_country user_certificate log.disk_setting nsxt_service-chain dlp_filepattern firewall_acl6 firewall_ippool web-proxy_url-match vpn.status.ssl_hw-acceleration-status system_interface log.syslogd3_override-filter router_bfd switch-controller_custom-command firewall_internet-service-extension system.replacemsg_webproxy user_password-policy wireless-controller_inter-controller log.syslogd4_setting log.fortianalyzer_filter hardware_cpu switch-controller_switch-group user_fsso emailfilter_mheader firewall_vipgrp64 user_quarantine system_ips-urlfilter-dns wireless-controller_addrgrp system_fm wireless-controller_apcfg-profile system_global vpn.ipsec.stats_crypto wireless-controller.hotspot20_anqp-nai-realm system_physical-switch system_affinity-packet-redistribution system_status firewall_gtp log.fortiguard_override-setting firewall_proute videofilter_profile log.fortianalyzer3_setting system.auto-update_versions firewall_vip system_virtual-switch firewall_mms-profile wanopt_auth-group wanopt_webcache system.snmp_user firewall_ip-translation system_settings log.fortianalyzer2_setting wireless-controller_vap ipsec_tunnel wanopt_cache-service log.syslogd4_override-filter switch-controller_switch-log firewall_internet-service-group system.replacemsg_mail extender_modem-status system_replacemsg-image system_acme antivirus_quarantine log.fortianalyzer2_override-filter system.session-info_list vpn.certificate_ca endpoint-control_forticlient-registration-sync system_sdn-connector vpn.ssl.web_user-group-bookmark system_fortiguard-log-service endpoint-control_settings system_central-mgmt hardware_nic log.null-device_filter gtp_message-filter-v2 firewall.shaper_per-ip-shaper wireless-controller_utm-profile router_aspath-list firewall.schedule_group system_ipam firewall_internet-service-list system_dscp-based-priority dlp_sensitivity icap_server vpn.ipsec_phase1-interface authentication_scheme firewall_access-proxy-virtual-host gtp_apn-shaper log.fortianalyzer3_filter system_email-server log.tacacs+accounting_filter dlp_sensor application_list firewall_internet-service-append vpn.ssl.web_user-bookmark report_theme firewall.shaper_traffic-shaper switch-controller_traffic-policy system_csf dlp_settings log.syslogd_setting switch-controller.ptp_policy switch-controller_stp-instance wireless-controller.hotspot20_h2qp-advice-of-charge mgmt-data_status dnsfilter_profile user_device-access-list system_ha-monitor monitoring_npu-hpe system.replacemsg_nntp wireless-controller.hotspot20_anqp-venue-name system.snmp_sysinfo monitoring_np6-ipsec-engine application_custom ips_session system_api-user system.info.admin_ssh ips_rule spamfilter_fortishield log.fortianalyzer-cloud_filter system_netflow vpn.ipsec_forticlient system_automation-trigger firewall_policy64 wireless-controller.hotspot20_h2qp-osu-provider webfilter_ips-urlfilter-setting6 switch-controller_sflow firewall.service_custom spamfilter_iptrust firewall_internet-service-botnet firewall_internet-service-definition gtp_rat-timeout-profile system_mobile-tunnel log.syslogd3_override-setting wireless-controller_nac-profile user_saml firewall_ttl-policy wireless-controller_client-info system_vne-tunnel webfilter_fortiguard gtp_apn vpn_pptp wireless-controller.hotspot20_hs-profile log.webtrends_setting firewall_local-in-policy extender-controller_dataplan system_gi-gk wireless-controller_region router_policy switch-controller_port-policy switch-controller.qos_dot1p-map firewall_multicast-policy6 switch-controller.initial-config_vlans firewall_DoS-policy wanopt_content-delivery-network-rule firewall_region system_dns-database vpn.ipsec_fec waf_main-class system.replacemsg_nac-quar system_vdom-radius-server system_vdom user_tacacs+ system_ipip-tunnel log.syslogd3_setting wireless-controller_mpsk-profile system_lte-modem router_multicast6 vpn.certificate_remote extender_lte-carrier-list system_fips-cc switch-controller_snmp-community system_geneve system_ha log.syslogd3_filter user_radius firewall_DoS-policy6 switch-controller.auto-config_default system_tos-based-priority vpn.certificate_local system_accprofile wireless-controller_global log.syslogd_filter vpn.status_l2tp system_ipsec-aggregate wireless-controller_ap-status switch-controller_poe log.syslogd2_filter log.syslogd2_setting system_password-policy-guest-admin user_pop3 switch-controller_vlan-policy system_geoip-country switch-controller_system videofilter_youtube-channel-filter voip_profile vpn.ipsec_manualkey-interface emailfilter_options system.info.admin_status switch-controller_snmp-sysinfo firewall_internet-service-sld system_vdom-netflow firewall.ipmacbinding_table system_automation-destination dlp_fp-doc-source firewall_ldb-monitor firewall.ssh_host-key system_vdom-link spamfilter_dnsbl system_fortianalyzer-connectivity router_ospf6 user_device log.fortiguard_setting system.snmp_community wireless-controller_arrp-profile ips_settings firewall_internet-service-ipbl-vendor system_vdom-exception system_wccp antivirus_mms-checksum router_info6 system_ha-nonsync-csum system_automation-stitch system_mem-mgr firewall_profile-protocol-options router_prefix-list wireless-controller.hotspot20_anqp-venue-url firewall.ssh_local-key system_mgmt-csum endpoint-control_profile firewall_vip64 web-proxy_wisp switch-controller_switch-profile system.checksum_status endpoint-control_forticlient-ems system_dns-server system.replacemsg_alertmail log.fortiguard_override-filter endpoint-control_client firewall_access-proxy-ssh-client-cert system_fortiguard web-proxy_global wanopt_profile system_management-tunnel wireless-controller_scan system.replacemsg_ec report_setting firewall.service_group switch-controller_snmp-trap-threshold webfilter_search-engine system_ipv6-tunnel firewall.iprope.appctrl_list user_device-group user_fsso-polling system.dhcp_server report_chart vpn.certificate_setting router_bfd6 router_access-list system.session-info_statistics firewall_proxy-policy system_dns icap_profile firewall_internet-service-ipbl-reason webfilter_override-usr system_session dnsfilter_domain-filter report.sql_status switch-controller.auto-config_custom wireless-controller_vap-group emailfilter_iptrust antivirus_profile system_startup-error-log firewall_internet-service-name system_affinity-interrupt firewall_shaping-profile log.syslogd4_override-setting firewall_interface-policy6 vpn.ipsec_manualkey firewall.shaper_per-ip firewall_vendor-mac switch-controller_global router_setting user_local firewall.schedule_recurring system_sit-tunnel system_arp-table firewall_carrier-endpoint-bwl switch-controller_lldp-settings webfilter_content-header system_auto-install log.fortianalyzer3_override-setting user_domain-controller wireless-controller_wtp-status firewall_ssl-server system.replacemsg_traffic-quota system_virtual-wire-pair system_mac-address-table system.replacemsg_automation firewall_internet-service-owner system_network-visibility log.syslogd_override-filter switch-controller_nac-settings firewall_interface-policy extender_extender-info system.replacemsg_fortiguard-wf system_nat64 wireless-controller_bonjour-profile system_sdwan webfilter_urlfilter wireless-controller_spectral-info credential-store_domain-controller hardware.npu.np6_synproxy-stats system_probe-response wireless-controller.hotspot20_h2qp-operator-name wireless-controller_access-control-list cifs_profile system.replacemsg_utm extender_sys-info wireless-controller.hotspot20_anqp-roaming-consortium system_federated-upgrade firewall_proxy-addrgrp firewall_addrgrp system_sflow router_ripng firewall_vip6 wireless-controller_syslog-profile system.replacemsg_spam certificate_ca firewall.ssh_local-ca system_admin wireless-controller.hotspot20_h2qp-conn-capability switch-controller_location firewall.consolidated_policy router_access-list6 hardware.npu.np6_dce waf_profile firewall.wildcard-fqdn_group system_gre-tunnel user_group log.syslogd2_override-setting user_krb-keytab firewall.iprope_list system_ptp dpdk_global application_group system.replacemsg_ftp log_threat-weight extender-controller_extender firewall_access-proxy6 system_session6 switch-controller_managed-switch system_ike
sorters list / elements=string	A list of expressions to sort the returned results. The items of the list are in ascending order with operator ampersand. One item itself could be in decending order with a comma inside.
sorters list / elements=string	A list of expressions to sort the returned results. The items of the list are in ascending order with operator ampersand. One item itself could be in decending order with a comma inside.
vdom string	Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. Default: “root”

Notes 

Note

Different selector may have different parameters, users are expected to look up them for a specific selector.
For some selectors, the objects are global, no params are allowed to appear.
If params is empty a non-unique object, the whole object list is returned.
This module has support for all configuration API, excluding any monitor API.
The result of API request is stored in results as a list.

Examples 

- hosts: fortigateslab
  connection: httpapi
  collections:
    - fortinet.fortios
  vars:
    ansible_httpapi_use_ssl: yes
    ansible_httpapi_validate_certs: no
    ansible_httpapi_port: 443
    vdom: "root"
  tasks:
  - name: Get multiple selectors info concurrently
    fortios_configuration_fact:
      selectors:
        - selector: firewall_address
          params:
            name: "gmail.com"
        - selector: system_interface
        - selector: log_eventfilter
          params: {}

  - name: fact gathering
    fortios_configuration_fact:
        vdom: ""
        filters:
            - name==port1
            - vlanid==0
        sorters:
            - name,vlanid
            - management-ip
        formatters:
         - name
         - management-ip
         - vlanid
        selector: 'system_interface'

  - name: get all
    fortios_configuration_fact:
      vdom: ""
      access_token: ""
      selector: log_custom-field

  - name: get single
    fortios_configuration_fact:
      vdom: ""
      access_token: ""
      selector: log_custom-field
      #optionally list or single get
      params:
        id: "3"

  - name: fetch one firewall address
    fortios_configuration_fact:
      selector: firewall_address
      params:
        name: "login.microsoft.com"

  - name: fetch all firewall addresses
    fortios_configuration_fact:
      selector: firewall_address

Return Values 

Common return values are documented here, the following are the fields unique to this module:

Key	Description
build string	Build number of the fortigate image Returned: always Sample: “1547”
http_method string	Last method used to provision the content into FortiGate Returned: always Sample: “GET”
name string	Name of the table used to fulfill the request Returned: always Sample: “firmware”
path string	Path of the table used to fulfill the request Returned: always Sample: “system”
revision string	Internal revision number Returned: always Sample: “17.0.2.10658”
serial string	Serial number of the unit Returned: always Sample: “FGVMEVYYQT3AB5352”
status string	Indication of the operation’s result Returned: always Sample: “success”
vdom string	Virtual domain used Returned: always Sample: “root”
version string	Version of the FortiGate Returned: always Sample: “v5.6.3”

Authors

Jie Xue (@JieX19)
Link Zheng (@chillancezen)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@fshen01)

Collection links

Issue Tracker Homepage Repository (Sources)

fortinet.fortios.fortios_configuration_fact module – Retrieve Facts of FortiOS Configurable Objects.

Synopsis

Requirements

Parameters

Notes

Examples

Return Values