fortinet.fortios.fortios_monitor – Ansible Module for FortiOS Monitor API

Note

This plugin is part of the fortinet.fortios collection (version 2.1.2).

To install it use: ansible-galaxy collection install fortinet.fortios.

To use it in a playbook, specify: fortinet.fortios.fortios_monitor.

New in version 2.10: of fortinet.fortios

Synopsis

  • Request FortiOS appliances to perform specific actions or procedures. This module contain all the FortiOS monitor API.

Requirements

The below requirements are needed on the host that executes this module.

  • install galaxy collection fortinet.fortios >= 2.0.0.

Parameters

Parameter Choices/Defaults Comments
access_token
string
Token-based authentication. Generated from GUI of Fortigate.
enable_log
boolean
    Choices:
  • no ←
  • yes
Enable/Disable logging for task.
params
dictionary
the parameter for each selector, see definition in above list.
selector
string / required
    Choices:
  • format.system.logdisk
  • update.switch-controller.managed-switch
  • update.system.ha-peer
  • add-license.registration.vdom
  • geoip.geoip-query
  • clear-statistics.system.fortiguard
  • enable-app-bandwidth-tracking.system.traffic-history
  • upgrade.license.database
  • run.system.compliance
  • clear_counters.firewall.policy
  • test-availability.system.fortiguard
  • download.wifi.firmware
  • provision.user.fortitoken
  • reset.firewall.per-ip-shaper
  • start.system.sniffer
  • update.system.modem
  • update.web-ui.custom-language
  • stop.wifi.vlan-probe
  • import.vpn-certificate.local
  • create.registration.forticare
  • save.system.config
  • tunnel_reset_stats.vpn.ipsec
  • toggle-vdom-mode.system.admin
  • register-device.registration.forticloud
  • quarantine.endpoint-control.registration
  • set_status.wifi.rogue_ap
  • email.user.guest
  • add.firewall.clearpass-address
  • transfer.registration.forticare
  • import.vpn-certificate.crl
  • clear.vpn.ike
  • disassociate.wifi.client
  • reset.webfilter.category-quota
  • upgrade.system.firmware
  • tunnel_up.vpn.ipsec
  • read-info.system.certificate
  • deregister.endpoint-control.registration
  • clear-soft-out.router.bgp
  • factory-reset.switch-controller.managed-switch
  • clear-soft-in.router.bgp
  • stop.system.sniffer
  • delete.log.local-report
  • add-license.registration.forticare
  • verify-cert.endpoint-control.ems
  • cancel.fortiview.session
  • restart.wifi.managed_ap
  • delete.webfilter.override
  • unblock.endpoint-control.registration
  • stop.system.usb-log
  • close.firewall.session
  • reset.firewall.shaper
  • clear_all.firewall.session
  • clear_counters.firewall.acl
  • reset.wifi.euclid
  • revoke.system.dhcp
  • add_users.user.banned
  • start.system.fsck
  • clear_counters.firewall.multicast-policy6
  • clear_counters.firewall.policy6
  • change-vdom-mode.system.admin
  • refresh-server.user.fsso
  • clear_counters.firewall.consolidated-policy
  • trigger.system.security-rating
  • webhook.system.automation-stitch
  • generate.vpn-certificate.csr
  • upload.system.vmlicense
  • reset.firewall.multicast-policy6
  • push.wifi.firmware
  • eject.system.usb-device
  • reboot.system.os
  • reset.firewall.consolidated-policy
  • set.system.time
  • remove.user.device
  • import.vpn-certificate.remote
  • upload.webproxy.pacfile
  • push.switch-controller.fsw-firmware
  • reset.wanopt.peer_stats
  • delete.vpn.ssl
  • block.endpoint-control.registration
  • backup-action.system.fortimanager
  • start.system.usb-log
  • system.change-password
  • reset.firewall.multicast-policy
  • tunnel_down.vpn.ipsec
  • clear_all.wifi.rogue_ap
  • import-seed.user.fortitoken
  • poe-reset.switch-controller.managed-switch
  • logout.registration.forticloud
  • clear_counters.firewall.acl6
  • restore.system.config
  • import.vpn-certificate.ca
  • upload.switch-controller.fsw-firmware
  • test.user.tacacs-plus
  • upload.system.config-script
  • system.password-policy-conform
  • sms.user.guest
  • delete.system.config-script
  • reset.wanopt.history
  • reset.firewall.policy6
  • import-mobile.user.fortitoken
  • download.switch-controller.fsw-firmware
  • stop.wifi.spectrum
  • login.registration.forticare
  • create.registration.forticloud
  • upload.wifi.firmware
  • start.wifi.spectrum
  • disconnect.system.modem
  • disconnect.system.ha-peer
  • keep-alive.wifi.spectrum
  • reset.system.modem
  • activate.user.fortitoken
  • register-appliance.system.csf
  • refresh.azure.application-list
  • start.wifi.vlan-probe
  • clear.system.sniffer
  • reset.extender-controller.extender
  • validate-gcp-key.system.sdn-connector
  • restart.system.sniffer
  • import.web-ui.language
  • import-trial.user.fortitoken
  • dump.system.com-log
  • diagnose.extender-controller.extender
  • update-comments.system.config-revision
  • refresh.user.fortitoken
  • reset.firewall.policy
  • shutdown.system.os
  • reset.log.stats
  • revoke.system.dhcp6
  • login.registration.forticloud
  • reset.wanopt.webcache
  • save.system.config-revision
  • set_status.wifi.managed_ap
  • deauth.user.firewall
  • upgrade.extender-controller.extender
  • delete.system.config-revision
  • clear_users.user.banned
  • send-activation.user.fortitoken
  • reset.webcache.stats
  • clear_counters.firewall.proxy-policy
  • utm.rating-lookup
  • test.system.automation-stitch
  • refresh.system.external-resource
  • auth.user.firewall
  • dhcp-renew.system.interface
  • migrate.registration.forticloud
  • clear_counters.firewall.multicast-policy
  • connect.wifi.network
  • test-connect.user.radius
  • speed-test-trigger.system.interface
  • generate-key.system.api-user
  • upload.wifi.region-image
  • run.system.config-script
  • clear_tunnel.vpn.ssl
  • add.nsx.service
  • update.system.fortiguard
  • restart.switch-controller.managed-switch
  • unquarantine.endpoint-control.registration
  • led-blink.wifi.managed_ap
  • update.system.sdn-connector
  • config.system.fortimanager
  • system.disconnect-admins
  • provision-user.vpn.ssl
  • create.web-ui.custom-language
  • check.endpoint-control.registration-password
  • scan.wifi.network
  • clear_counters.firewall.security-policy
  • clear_all.user.banned
  • delete.firewall.clearpass-address
  • connect.system.modem
  • generate-keys.wifi.ssid
selector of the retrieved fortimanager facts
vdom
string
Default:
"root"
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.

Notes

Note

  • Different selector may have different parameters, users are expected to look up them for a specific selector.

  • For some selectors, the objects are global, no params are allowed to appear.

  • Not all parameters are required for a selector.

  • This module is exclusivly for FortiOS monitor API.

  • The result of API request is stored in results.

Examples

- hosts: fortigate03
  connection: httpapi
  collections:
  - fortinet.fortios
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 443
  tasks:

  - name: Activate FortiToken
    fortios_monitor:
       vdom: "root"
       access_token: "<fortios_access_token>"
       selector: 'activate.user.fortitoken'
       params:
           tokens: '<token string>'

  - name: Reboot This Device
    fortios_monitor:
       vdom: "root"
       access_token: "<fortios_access_token>"
       selector: 'reboot.system.os'
       params:
           event_log_message: 'Reboot Request From Ansible'

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
build
string
always
Build number of the fortigate image

Sample:
1547
http_method
string
always
Last method used to provision the content into FortiGate

Sample:
GET
name
string
always
Name of the table used to fulfill the request

Sample:
firmware
path
string
always
Path of the table used to fulfill the request

Sample:
system
revision
string
always
Internal revision number

Sample:
17.0.2.10658
serial
string
always
Serial number of the unit

Sample:
FGVMEVYYQT3AB5352
status
string
always
Indication of the operation's result

Sample:
success
vdom
string
always
Virtual domain used

Sample:
root
version
string
always
Version of the FortiGate

Sample:
v5.6.3


Authors

  • Jie Xue (@JieX19)

  • Link Zheng (@chillancezen)

  • Hongbin Lu (@fgtdev-hblu)

  • Frank Shen (@fshen01)