fortios_monitor – Ansible Module for FortiOS Monitor API.

New in version 2.10.

Synopsis

• Request FortiOS appliances to perform specific actions or procedures. This module contain all the FortiOS monitor API.

Requirements

The below requirements are needed on the host that executes this module.

• install galaxy collection fortinet.fortios >= 2.0.0.

Parameters

• vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str required: False default: root
• enable_log - Enable/Disable logging for task. type: bool required: False default: False
• access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: False
• selector - Action taken in FortiOS appliance. type: str choices:

• Show full selector list...

  • abort.user.query - Abort a running user device unified query.
    • query_id - Provide a query ID to abort an unified type query. type: int required: True
  • activate.user.fortitoken - Activate a set of FortiTokens by serial number.
    • tokens - List of FortiToken serial numbers to activate. If omitted, all tokens will be used. type: array required: False
  • add-license.registration.forticare - Add a FortiCare license.
    • registration_code - FortiCare contract number. type: string required: True
  • add-license.registration.vdom - Add a VDOM license.
    • license - VDOM license key. type: string required: True
  • add.firewall.clearpass-address - Add ClearPass address with SPT (System Posture Token) value.
    • endpoint_ip - Endpoint IPv4 address. type: array required: True
    • spt - SPT value [healthy|checkup|transient|quarantine|infected|unknown*]. type: string required: False
  • add.nsx.service - Add NSX service to connector.
    • mkey - NSX connector name. type: string required: True
  • add_users.user.banned - Immediately add one or more users to the banned list.
    • ip_addresses - List of IP Addresses to ban. IPv4 and IPv6 addresses are allowed. type: array required: True
    • expiry - Time until expiry in seconds. 0 for indefinite ban. type: int required: False
  • auth.user.firewall - Trigger authentication for a single firewall user.
    • username - User name. type: string required: True
    • ip - User IP address. type: string required: True
    • server - Name of an existing LDAP server entry. If supplied, authenticate that user against any matched groups on that LDAP server. type: string required: False
  • backup-action.system.fortimanager - Import or update from FortiManager objects.
    • operation - Operation to perform on the given CMDB objects [import|update]. type: string required: True
    • objects - Array of CMDB tables and mkeys. type: array required: True
  • backup.system.config - Backup system config
    • destination - Configuration file destination [file* | usb]. type: string required: False
    • usb_filename - When using 'usb' destination: the filename to save to on the connected USB device. type: string required: False
    • password - Password to encrypt configuration data. type: string required: False
    • scope - Specify global or VDOM only backup [global | vdom]. type: string required: True
    • vdom - If 'vdom' scope specified, the name of the VDOM to backup configuration. type: string required: False
    • password_mask - True to replace all the secrects and passwords with a mask. type: boolean required: False
    • file_format - Configuration file format [fos* | yaml]. type: string required: False
  • block.endpoint-control.registration - Block endpoint by FortiClient UID or MAC.
    • uid - Single FortiClient UID to block. type: string required: False
    • mac - Single MAC to block. type: string required: False
  • bounce-port.switch-controller.managed-switch - Reset the port to force all connected clients to re-request DHCP lease. All active client sessions will be terminated.
    • mkey - FortiSwitch ID. type: string required: True
    • port - FortiSwitch Port ID. type: string required: True
    • duration - Duration in seconds from 1 to 5 for port to be down. Defaults to 1 second if not provided. type: int required: False
    • stop - Stop a bounce in progress. type: boolean required: False
  • cancel.fortiview.session - Cancel a FortiView request session.
    • sessionid - Session ID to cancel. type: int required: False
    • device - FortiView request session's device. [disk|faz] type: string required: False
    • report_by - Report by field. type: string required: False
    • view_level - FortiView View level. type: string required: False
  • change-vdom-mode.system.admin - Switch between VDOM modes.
    • vdom-mode - VDOM mode [no-vdom|split-vdom|multi-vdom] type: string required: True
  • check.endpoint-control.registration-password - Check if provided registration password is valid for current VDOM.
    • password - Registration password to test. type: string required: True
  • clear-counters.firewall.central-snat-map - Reset traffic statistics for one or more firewall central SNAT policy by policy ID.
    • policy - Single policy ID to reset. type: int required: False
  • clear-counters.firewall.dnat - Reset hit count statistics for one or more firewall virtual IP/server by ID.
    • id - Single IDs to reset. type: int required: False
  • clear-soft-in.router.bgp - Inbound soft-reconfiguration for BGP peers.
  • clear-soft-out.router.bgp - Outbound soft-reconfiguration for BGP peers.
  • clear-statistics.system.fortiguard - Immediately clear all FortiGuard statistics.
  • clear.system.crash-log - Clear system crash log.
  • clear.system.sniffer - Clear the results of a specified packet capture.
    • mkey - ID of packet capture entry. type: int required: True
  • clear.vpn.ike - Clear IKE gateways.
    • mkey - Name of the IKE gateway to clear. type: string required: True
  • clear_all.firewall.session - Immediately clear all active IPv4 and IPv6 sessions and IPS sessions of current VDOM.
  • clear_all.user.banned - Immediately clear all banned users.
  • clear_all.wifi.rogue_ap - Clear all detected rogue APs.
  • clear_counters.firewall.acl - Reset counters for one or more IPv4 ACLs by policy ID.
    • policy - Single policy ID to reset. type: int required: False
  • clear_counters.firewall.acl6 - Reset counters for one or more IPv6 ACLs by policy ID.
    • policy - Single policy ID to reset. type: int required: False
  • clear_counters.firewall.consolidated-policy - Reset traffic statistics for one or more consolidated policies by policy ID.
    • policy - Single policy ID to reset. type: int required: False
  • clear_counters.firewall.multicast-policy - Reset traffic statistics for one or more firewall IPv4 multicast policies by policy ID.
    • policy - Single policy ID to reset. type: int required: False
  • clear_counters.firewall.multicast-policy6 - Reset traffic statistics for one or more firewall IPv6 multicast policies by policy ID.
    • policy - Single policy ID to reset. type: int required: False
  • clear_counters.firewall.policy - Reset traffic statistics for one or more firewall policies by policy ID.
    • policy - Single policy ID to reset. type: int required: False
  • clear_counters.firewall.policy6 - Reset traffic statistics for one or more IPv6 policies by policy ID.
    • policy - Single policy ID to reset. type: int required: False
  • clear_counters.firewall.proxy-policy - Reset traffic statistics for one or more explicit proxy policies by policy ID.
    • policy - Single policy ID to reset. type: int required: False
  • clear_counters.firewall.security-policy - Reset traffic statistics for one or more security policies by policy ID.
    • policy - Single policy ID to reset. type: int required: False
  • clear_tunnel.vpn.ssl - Remove all active tunnel sessions in current virtual domain.
  • clear_users.user.banned - Immediately clear a list of specific banned users by IP.
    • ip_addresses - List of banned user IPs to clear. IPv4 and IPv6 addresses are allowed. type: array required: True
  • close-all.firewall.session - Immediately close all active IPv4 and IPv6 sessions, as well as IPS sessions of the current VDOM.
  • close-multiple.firewall.session - Close multiple IPv4 firewall sessions which match the provided criteria.
    • proto - Protocol name [tcp|udp|icmp|...] or number. type: string required: False
    • saddr - Source address. type: string required: False
    • daddr - Destination address. type: string required: False
    • sport - Source port. type: int required: False
    • dport - Destination port. type: int required: False
    • naddr - NAT'd source IP address. type: string required: False
    • nport - NAT'd source port. type: int required: False
    • policy - Policy ID. type: int required: False
  • close-multiple.firewall.session6 - Close multiple IPv6 firewall sessions which match the provided criteria.
    • proto - Protocol name [tcp|udp|icmp|...] or number. type: string required: False
    • saddr - Source address. type: string required: False
    • daddr - Destination address. type: string required: False
    • sport - Source port. type: int required: False
    • dport - Destination port. type: int required: False
    • policy - Policy ID. type: int required: False
  • close.firewall.session - Close a single firewall session that matches all provided criteria.
    • pro - Protocol name [tcp|udp|icmp|...]. type: string required: True
    • saddr - Source address. type: string required: True
    • daddr - Destination address. type: string required: True
    • sport - Source port. type: int required: True
    • dport - Destination port. type: int required: True
  • config.system.fortimanager - Configure FortiManager IP. Register FortiManager if 'fortimanager_ip' is provided. Unregister FortiManager if only 'unregister' parameter is specified and set to true.
    • fortimanager_ip - FortiManager IP address. type: string required: False
    • unregister - Unregister the FortiManager (default=false). type: boolean required: False
  • connect.system.modem - Trigger a connect for the configured modem.
  • connect.wifi.network - When FortiWiFi is in client mode, connect to the specified network, if configured in the 'wifi' interface.
    • ssid - SSID of network to connect to. type: string required: True
  • create.registration.forticare - Create a new FortiCare account.
    • email - Account email. type: string required: True
    • password - Account password. type: string required: True
    • first_name - First name. type: string required: True
    • last_name - Last name. type: string required: True
    • title - Title. type: string required: False
    • company - Company. type: string required: True
    • address - Address. type: string required: True
    • city - City. type: string required: True
    • country_code - Country code. type: int required: True
    • state - State/Province. type: string required: True
    • state_code - State/Province code. type: string required: False
    • postal_code - Postal code. type: string required: True
    • phone - Phone number. type: string required: True
    • industry - Industry. type: string required: True
    • industry_id - Industry ID. type: int required: True
    • orgsize_id - Organization size ID. type: int required: True
    • reseller_name - Reseller name. type: string required: True
    • reseller_id - Reseller ID. type: int required: True
    • is_government - Set to true if the end-user is affiliated with a government. type: boolean required: False
  • create.registration.forticloud - Create a FortiCloud account.
    • email - Account email. type: string required: True
    • password - Account password. type: string required: True
    • send_logs - Send logs to FortiCloud. type: boolean required: False
  • create.vpn-certificate.local - Generate a new certificate signed by Fortinet_CA_SSL.
    • certname - Certificate name. type: string required: True
    • common_name - Certificate common name. type: string required: True
    • scope - Scope of local certificate [vdom*|global]. Global scope is only accessible for global administrators. type: string required: True
  • create.web-ui.custom-language - Upload custom language file to this Fortigate.
    • filename - Name of custom language file. type: string required: True
    • lang_name - Name of custom language entry. type: string required: True
    • lang_comments - Comments of custom language entry. type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • deauth.user.firewall - Deauthenticate single, multiple, or all firewall users.
    • user_type - User type [proxy|firewall]. Required for both proxy and firewall users. type: string required: False
    • id - User ID. Required for both proxy and firewall users. type: int required: False
    • ip - User IP address. Required for both proxy and firewall users. type: string required: False
    • ip_version - IP version [ip4|ip6]. Only required if user_type is firewall. type: string required: False
    • method - Authentication method [fsso|rsso|ntlm|firewall|wsso|fsso_citrix|sso_guest]. Only required if user_type is firewall. type: string required: False
    • all - Set to true to deauthenticate all users. Other parameters will be ignored. type: boolean required: False
    • users - Array of user objects to deauthenticate. Use this to deauthenticate multiple users at once. Each object should include the above properties. type: array required: False
  • delete.firewall.clearpass-address - Delete ClearPass address with SPT (System Posture Token) value.
    • endpoint_ip - Endpoint IPv4 address. type: array required: True
    • spt - SPT value [healthy|checkup|transient|quarantine|infected|unknown*]. type: string required: False
  • delete.log.local-report - Delete a local report.
    • mkeys - Local Report Name. type: array required: True
  • delete.system.config-revision - Deletes one or more system configuration revisions.
    • config_ids - List of configuration ids. type: array required: True
  • delete.system.config-script - Delete the history of config scripts.
    • id_list - List of config script history ids to delete. type: array required: True
  • delete.vpn.ssl - Terminate the provided SSL-VPN session.
    • type - The session type [websession|subsession]. type: string required: True
    • index - The session index. type: int required: True
  • delete.webfilter.override - Delete a configured webfilter override.
    • mkey - ID of webfilter override to delete. type: string required: False
  • deregister-device.registration.forticare - Deregister the FortiGate from a FortiCare account.
    • email - FortiCare email. type: string required: True
    • password - Account password. type: string required: True
  • deregister.endpoint-control.registration - Deregister endpoint by FortiClient UID or MAC.
    • uid - Single FortiClient UID to deregister. type: string required: False
    • mac - Single MAC to deregister. type: string required: False
  • dhcp-renew.system.interface - Renew DHCP lease of an interface.
    • mkey - Name of the interface. type: string required: True
    • ipv6 - Renew the DHCPv6 lease. type: boolean required: False
  • diagnose.extender-controller.extender - Execute diagnotic commands.
    • id - FortiExtender ID. type: string required: True
    • cmd - Command to execute. type: string required: True
  • disassociate.wifi.client - Disassociate a WiFi client from the FortiAP it's currently connected to. The client will need to reassociate with the same FortiAP or another to resume connectivity.
    • mac - MAC address. type: string required: True
  • disconnect.system.ha-peer - Update configuration of peer in HA cluster.
    • serial_no - Serial number of the HA member. type: string required: True
    • interface - Name of the interface which should be assigned for management. type: string required: True
    • ip - IP to assign to the selected interface. type: string required: True
    • mask - Full network mask to assign to the selected interface. type: string required: True
  • disconnect.system.modem - Trigger a disconnect for the configured modem.
  • download-eval.system.vmlicense - Download Evaluation VM License and reboot immediately if successful.
    • account_id - FortiCare account email. type: string required: True
    • account_password - FortiCare account password. type: string required: True
    • is_government - Is the account in use by a government user? type: boolean required: False
  • download.switch-controller.fsw-firmware - Download FortiSwitch firmware from FortiGuard to the FortiGate according to FortiSwitch image ID.
    • image_id - FortiSwitch image ID. type: string required: True
  • download.system.vmlicense - Download Flex-VM license and reboot immediately if successful.
    • token - VM license token. type: string required: False
    • proxy_url - HTTP proxy URL in the form: http://user:pass@proxyip:proxyport. type: string required: False
  • download.wifi.firmware - Download FortiAP firmware from FortiGuard to the FortiGate according to FortiAP image ID.
    • image_id - FortiAP image ID. type: string required: True
  • dump.system.com-log - Dump system com-log to file.
  • dynamic.system.external-resource - Push updates to the specified external resource.
    • commands - List of push commands to run. Each push command requires name of external resource, the push command name and a list of entries that the push command acts on. E.g [{"name":"Threat Feed","command":"snapshot","entries":["192.168.1.1","192.168.1.2"]}] type: array required: True
  • eject.system.usb-device - Eject USB drives for safe removal.
  • email.user.guest - Sent guest login details via email.
    • group - Guest group name. type: string required: True
    • guest - Guest user IDs. type: array required: True
  • enable-app-bandwidth-tracking.system.traffic-history - Enable FortiView application bandwidth tracking.
  • factory-reset.switch-controller.managed-switch - Send 'Factory Reset' command to a given FortiSwitch.
    • mkey - Name of managed FortiSwitch. type: string required: True
  • flush.firewall.gtp - Flush GTP tunnels.
    • scope - Scope from which to flush tunnels from [global|*vdom]. type: string required: False
    • gtp_profile - Filter: GTP profile. type: string required: False
    • version - Filter: GTP version. type: int required: False
    • imsi - Filter: International mobile subscriber identity. type: string required: False
    • msisdn - Filter: Mobile station international subscriber directory number type: string required: False
    • ms_addr - Filter: Mobile user IP address. type: string required: False
    • ms_addr6 - Filter: Mobile user IPv6 address. type: string required: False
    • cteid - Filter: Control plane fully qualified tunnel endpoint identifier. type: int required: False
    • cteid_addr - Filter: Control plane TEID IP address. type: string required: False
    • cteid_addr6 - Filter: Control plane TEID IPv6 address. type: string required: False
    • fteid - Filter: Data plane fully qualified tunnel endpoint identifier. type: int required: False
    • fteid_addr - Filter: Data plane TEID IP address. type: string required: False
    • fteid_addr6 - Filter: Data plane TEID IPv6 address. type: string required: False
    • apn - Filter: Access point name. type: string required: False
  • format.system.logdisk - Format log disk.
  • generate-key.system.api-user - Generate a new api-key for the specified api-key-auth admin. The old api-key will be replaced. The response contains the only chance to read the new api-key plaintext in the api_key field.
    • api-user - Generate a new token for this api-user. type: string required: True
  • generate-keys.wifi.ssid - Generate pre-shared keys for specific multi pre-shared key profile.
    • mpsk_profile - Multi pre-shared key profile to add keys to. type: string required: True
    • group - Multi pre-shared key group to add keys to. type: string required: True
    • prefix - Prefix to be added at the start of the generated key's name. type: string required: True
    • count - Number of keys to be generated [1-512]. type: int required: True
    • key_length - Length of the keys to be generated [8-63]. type: int required: True
  • generate.vpn-certificate.csr - Generate a certificate signing request (CSR) and a private key. The CSR can be retrieved / downloaded from CLI, GUI and REST API.
    • certname - Certicate name. Used to retrieve / download the CSR. Not included in CSR and key content. type: string required: True
    • subject - Subject (Host IP/Domain Name/E-Mail). Common Name (CN) of the certificate subject. type: string required: True
    • keytype - Generate a RSA or an elliptic curve certificate request [rsa|ec]. The Elliptic Curve option is unavailable if the FortiGate is a Low Encryption Device (LENC) type: string required: True
    • keysize - Key size.[1024|1536|2048|4096]. 512 only if the FortiGate is a Low Encryption Device (LENC). Required when keytype is RSA. type: int required: False
    • curvename - Elliptic curve name. [secp256r1|secp384r1|secp521r1]. Unavailable if the FortiGate is a Low Encryption Device (LENC). Required when keytype is ec. type: string required: False
    • orgunits - List of organization units. Organization Units (OU) of the certificate subject. type: array required: False
    • org - Organization (O) of the certificate subject. type: string required: False
    • city - Locality (L) of the certificate subject. type: string required: False
    • state - State (ST) of the certificate subject. type: string required: False
    • countrycode - Country (C) of the certificate subject. type: string required: False
    • email - Email of the certificate subject. type: string required: False
    • subject_alt_name - Subject alternative name (SAN) of the certificate. type: string required: False
    • password - Password / pass phrase for the private key. If not provided, FortiGate generates a random one. type: string required: False
    • scep_url - SCEP server URL. If provided, use the url to enroll the csr through SCEP. type: string required: False
    • scep_password - SCEP challenge password. Some SCEP servers may require challege password. Provide it when SCEP server requires. type: string required: False
    • scope - Scope of CSR [vdom*|global]. Global scope is only accessible for global administrators type: string required: False
  • geoip.geoip-query - Retrieve location details for IPs queried against FortiGuard's geoip service.
    • ip_addresses - One or more IP address strings to query for location details. type: array required: True
  • import-mobile.user.fortitoken - Import a list of tokens from FortiGuard to the FortiGate unit.
    • code - Activation code on redemption certificate. type: string required: True
  • import-seed.user.fortitoken - Import a FortiToken seed file.
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • import-trial.user.fortitoken - Import trial mobile FortiTokens.
  • import.vpn-certificate.ca - Import CA certificate.
    • import_method - Method of importing CA certificate.[file|scep] type: string required: True
    • scep_url - SCEP server URL. Required for import via SCEP type: string required: False
    • scep_ca_id - SCEP server CA identifier for import via SCEP. type: string required: False
    • scope - Scope of CA certificate [vdom*|global]. Global scope is only accessible for global administrators type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • import.vpn-certificate.crl - Import certificate revocation lists (CRL) from file content.
    • scope - Scope of CRL [vdom*|global]. Global scope is only accessible for global administrators type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • import.vpn-certificate.local - Import local certificate.
    • type - Type of certificate.[local|pkcs12|regular] type: string required: True
    • certname - Certificate name for pkcs12 and regular certificate types. type: string required: False
    • password - Optional password for pkcs12 and regular certificate types. type: string required: False
    • key_file_content - Key content encoded in BASE64 for regular certificate type. type: string required: False
    • scope - Scope of local certificate [vdom*|global]. Global scope is only accessible for global administrators type: string required: False
    • acme_domain - A valid domain that resolves to an IP whose TCP port 443 reaches this FortiGate. type: string required: False
    • acme_email - Contact email address that is required by some CAs such as LetsEncrypt. type: string required: False
    • acme_ca_url - URL for the ACME CA server. type: string required: False
    • acme_rsa_key_size - Length of the RSA private key for the generated cert. type: int required: False
    • acme_renew_window - Certificate renewal window in days. type: int required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • import.vpn-certificate.remote - Import remote certificate.
    • scope - Scope of CRL [vdom*|global]. Global scope is only accessible for global administrators type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • import.web-ui.language - Import localization language file to this FortiGate.
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • keep-alive.wifi.spectrum - Extend duration of an existing spectrum analysis for a specific FortiAP.
    • wtp_id - FortiAP ID. type: string required: True
    • radio_id - Radio ID. type: int required: True
    • duration - Duration in seconds. type: int required: True
  • kill.system.process - Kill a running process.
    • pid - The process ID. type: int required: True
    • signal - Signal to use when killing the process [9 (SIGKILL) | 11 (SIGSEGV) | 15 (SIGTERM)]. Defaults to 15. type: int required: False
  • led-blink.wifi.managed_ap - Turn a managed FortiAP's LED blinking on or off.
    • serials - FortiAP IDs to turn LED blink on/off. type: array required: True
    • blink - True to turn on blinking, false to turn off. type: boolean required: True
    • duration - Time to blink, in seconds. 0 or omit for indefinite. type: int required: False
  • login.registration.forticare - Login to FortiCare.
    • email - Account email. type: string required: True
    • password - Account password. type: string required: True
    • reseller_name - Reseller name. type: string required: True
    • reseller_id - Reseller ID. type: int required: True
    • is_government - Set to true if the end-user is affiliated with a government. type: boolean required: False
  • login.registration.forticloud - Login to FortiCloud.
    • email - Account email. type: string required: True
    • password - Account password. type: string required: True
    • send_logs - Send logs to FortiCloud. type: boolean required: False
    • domain - FortiCloud domain. type: string required: False
  • logout.registration.forticloud - Logout from FortiCloud.
  • manual-update.system.fortiguard - Manually update entitlements.
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • migrate.registration.forticloud - Migrate standalone FortiGate Cloud account to FortiCloud.
    • email - Account email. type: string required: True
    • password - Account password. type: string required: True
  • poe-reset.switch-controller.managed-switch - Reset PoE on a given FortiSwitch's port.
    • mkey - Name of managed FortiSwitch. type: string required: True
    • port - Name of port to reset PoE on. type: string required: True
  • port-stats-reset.switch-controller.managed-switch - Reset port statistics for a given FortiSwitch.
    • mkey - FortiSwitch ID. type: string required: True
    • ports - Name of ports to reset statistics on. type: array required: False
  • provision-user.vpn.ssl - Provision SSL-VPN users with target applications. The provisioning message (email or SMS) is sent with no confirmation of success.
    • host - The hostname/IP address of the VPN server. type: string required: True
    • port - The port of the VPN server. type: int required: True
    • vpn_name - The name of the VPN configuration. type: string required: True
    • method - Method to send [email|sms]. If not set, email will be the default. type: string required: False
    • email_list - The email address that the VPN configuration message should be sent to. Required if "method" is "email". type: string required: False
    • phone_user_list - The user that the VPN configuration SMS should be sent to. At least one of "phone_user_list" or "phone_number_list" is required if "method" is "sms". type: string required: False
    • phone_number_list - The phone number that the VPN configuration SMS should be sent to. At least one of "phone_user_list" or "phone_number_list" is required if "method" is "sms". type: string required: False
    • sms_method - The method to be used for sending the SMS [fortiguard|custom]. Default is "fortiguard". type: string required: False
    • sms_server - The SMS server to be used for sending SMS messages, required if "custom" SMS method is chosen. type: string required: False
  • provision.user.fortitoken - Provision a set of FortiTokens by serial number.
    • tokens - List of FortiToken serial numbers to provision. If omitted, all tokens will be used. type: array required: False
  • purdue-level.user.device - Update the Purdue level of device from device store.
    • mac - Main MAC address of the device. type: string required: True
    • ip - IP address of the device. type: string required: False
    • level - Purdue level of the device [1|1.5|2|2.5|3|3.5|4|5|5.5]. type: string required: True
  • push.switch-controller.fsw-firmware - Push FortiSwitch firmware to the given device.
    • serial - The target device's serial. type: string required: True
    • image_id - FortiSwitch image ID. type: string required: True
  • push.wifi.firmware - Push FortiAP firmware to the given device.
    • serial - The target device's serial. type: string required: True
    • image_id - FortiAP image ID. type: string required: True
  • quarantine.endpoint-control.registration - Quarantine endpoint by FortiClient UID or MAC.
    • uid - Single FortiClient UID to quarantine. type: string required: False
    • mac - Single MAC to quarantine. type: string required: False
  • read-info.system.certificate - Get certificate information from a certificate string.
    • value - PEM formatted certificate. type: string required: True
  • reboot.system.os - Immediately reboot this device.
    • event_log_message - Message to be logged in event log. type: string required: False
  • refresh-server.user.fsso - Refresh remote agent group list for all fsso agents.
  • refresh.azure.application-list - Update the Azure application list data or get the status of an update.
    • last_update_time - Timestamp of a previous update request. If this is not provided then it will refresh the Azure application list data. type: int required: False
  • refresh.system.external-resource - Fetch the external resource file and refresh status for the specified external resource.
    • mkey - The name of the external resource to query. type: string required: True
    • check_status_only - Set to true to return only the refresh status. type: boolean required: False
    • last_connection_time - The timestamp of last connection to the resource; used for checking refresh status. type: int required: False
  • refresh.user.fortitoken - Refresh a set of FortiTokens by serial number.
    • tokens - List of FortiToken serial numbers to refresh. If omitted, all tokens will be used. type: array required: False
  • register-appliance.system.csf - Register appliance to Security Fabric.
    • type - Appliance type (Example: 'faz'). type: string required: True
    • mgmt_ip - Management IP or FQDN. type: string required: True
    • mgmt_port - Management port. type: int required: False
    • mgmt_url_parameters - Array of URL parameters. Each item is a key/value pair. If provided, the URL parameters will be included in the management IP URL. type: array required: False
    • serial - Serial number. type: string required: True
    • hostname - Host name. type: string required: False
  • register-device.registration.forticloud - Register a device to FortiCloud through FortiGate. Currently FortiSwitch and FortiAP are supported.
    • serial - Device serial number type: string required: True
    • email - FortiCloud email. type: string required: True
    • password - Password. type: string required: True
    • reseller - Reseller. type: string required: True
    • reseller_id - Reseller ID. type: int required: True
    • country - Country. type: string required: True
    • is_government - Set to true if the end-user is affiliated with a government. type: boolean required: False
  • remove.user.device - Remove single or multiple user devices specified by host MAC addresses.
    • macs - An array of host MAC addresses to be removed. type: array required: False
  • reset.extender-controller.extender - Reset a specific FortiExtender unit.
    • id - FortiExtender ID to reset. type: string required: True
  • reset.firewall.central-snat-map - Reset traffic statistics for all firewall central SNAT policies.
  • reset.firewall.consolidated-policy - Reset traffic statistics for all consolidated policies.
  • reset.firewall.dnat - Reset hit count statistics for all firewall virtual IPs/servers.
  • reset.firewall.multicast-policy - Reset traffic statistics for all IPv4 firewall multicast policies.
  • reset.firewall.multicast-policy6 - Reset traffic statistics for all IPv6 firewall multicast policies.
  • reset.firewall.per-ip-shaper - Reset statistics for all configured firewall per-IP traffic shapers.
  • reset.firewall.policy - Reset traffic statistics for all firewall policies.
  • reset.firewall.policy6 - Reset traffic statistics for all IPv6 policies.
  • reset.firewall.shaper - Reset statistics for all configured traffic shapers.
  • reset.log.stats - Reset logging statistics for all log devices.
  • reset.system.modem - Reset statistics for internal/external configured modem.
  • reset.wanopt.history - Reset WAN opt. statistics.
  • reset.wanopt.peer_stats - Reset WAN opt peer statistics.
  • reset.wanopt.webcache - Reset webcache statistics.
  • reset.webcache.stats - Reset all webcache statistics.
  • reset.webfilter.category-quota - Reset webfilter quota for user or IP.
    • profile - Webfilter profile to reset. type: string required: False
    • user - User or IP to reset with. type: string required: False
  • reset.wifi.euclid - Reset presence analytics statistics.
  • restart.switch-controller.managed-switch - Restart a given FortiSwitch.
    • mkey - Name of managed FortiSwitch. type: string required: True
  • restart.system.sniffer - Restart specified packet capture.
    • mkey - ID of packet capture entry. type: int required: True
  • restart.wifi.managed_ap - Restart a given FortiAP.
    • wtpname - FortiAP name. type: string required: False
  • restore.system.config - Restore system configuration from uploaded file or from USB.
    • source - Configuration file data source [upload | usb | revision]. type: string required: True
    • usb_filename - When using 'usb' source: the filename to restore from the connected USB device. type: string required: False
    • config_id - When using 'revision' source: valid ID of configuration stored on disk to revert to. type: int required: False
    • password - Password to decrypt configuration data. type: string required: False
    • scope - Specify global or VDOM only restore [global | vdom]. type: string required: True
    • vdom - If 'vdom' scope specified, the name of the VDOM to restore configuration. type: string required: False
    • file_format - Configuration file format [fos* | yaml]. type: string required: False
    • confirm_password_mask - True to upload password mask config file. type: boolean required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • revoke.system.dhcp - Revoke IPv4 DHCP leases.
    • ip - Optional list of addresses to revoke. Defaults to all addresses if not provided. type: array required: False
  • revoke.system.dhcp6 - Revoke IPv6 DHCP leases.
    • ip - Optional list of addresses to revoke. Defaults to all addresses if not provided. type: array required: False
  • run.system.compliance - Immediately run compliance checks for the selected VDOM.
  • run.system.config-script - Run remote config scripts.
    • remote_script - Name of remote config script to run. type: string required: True
  • save.system.config - Explicitly save all configuration.
  • save.system.config-revision - Create a new config revision checkpoint.
    • comments - Optional revision comments type: string required: False
  • scan.wifi.network - When FortiWiFi is in client mode, start a scan for local WiFi networks.
  • send-activation.user.fortitoken - Send a FortiToken activation code to a user via SMS or Email.
    • token - FortiToken serial number. The token must be assigned to a user/admin. type: string required: True
    • method - Method to send activation code [email|sms]. If not set, SMS will be attempted first, then email. type: string required: False
    • email - Override email address. type: string required: False
    • sms_phone - Override SMS phone number. SMS provider must be set in the assigned user/admin. type: string required: False
  • set-tier1.switch-controller.mclag-icl - Setup a tier-1 MC-LAG link between a pair of FortiSwitches.
    • fortilink - FortiLink interface name. type: string required: True
    • peer1 - FortiSwitch ID for MC-LAG peer 1. type: string required: True
    • peer2 - FortiSwitch ID for MC-LAG peer 2. type: string required: True
  • set.system.time - Sets current system time stamp.
    • year - Specifies the year for setting/updating time manually. type: int required: True
    • month - Specifies the month (0 - 11) for setting/updating time manually. type: int required: True
    • day - Specifies the day for setting/updating time manually. type: int required: True
    • hour - Specifies the hour (0 - 23) for setting/updating time manually. type: int required: True
    • minute - Specifies the minute (0 - 59) for setting/updating time manually. type: int required: True
    • second - Specifies the second (0 - 59) for setting/updating time manually. type: int required: True
  • set_status.wifi.managed_ap - Update administrative state for a given FortiAP (enable or disable authorization).
    • wtpname - FortiAP name. type: string required: False
    • admin - New FortiAP administrative state [enable|disable|discovered]. type: string required: False
  • set_status.wifi.rogue_ap - Mark detected APs as rogue APs.
    • bssid - List of rogue AP MAC addresses. type: array required: False
    • ssid - Corresponding list of rogue AP SSIDs. type: array required: False
    • status - Status to assign matching APs [unclassified|rogue|accepted|suppressed]. type: string required: False
  • shutdown.system.os - Immediately shutdown this device.
    • event_log_message - Message to be logged in event log. type: string required: False
  • sms.user.guest - Sent guest login details via SMS.
    • group - Guest group name. type: string required: True
    • guest - Guest user IDs. type: array required: True
  • soft-reset-neighbor.router.bgp - BGP Neighbor soft reset.
    • ip - IP address of neighbor to perform soft reset on. type: string required: True
  • speed-test-trigger.system.interface - Run a speed-test on the given interface.
    • mkey - Name of the interface. type: string required: True
  • start.network.debug-flow - Start debug flow packet capture.
    • num_packets - Number of packets. type: int required: True
    • ipv6 - Whether we are debugging IPv6 traffic. type: boolean required: True
    • negate - Inverse IPv4 or IPv6 filter. type: boolean required: False
    • addr_from - IPv4 or IPv6 address start of range. type: string required: False
    • addr_to - IPv4 or IPv6 address end of range. type: string required: False
    • daddr_from - Destination IPv4 or IPv6 address start of range. type: string required: False
    • daddr_to - Destination IPv4 or IPv6 address end of range. type: string required: False
    • saddr_from - Source IPv4 or IPv6 address start of range. type: string required: False
    • saddr_to - Source IPv4 or IPv6 address end of range. type: string required: False
    • port_from - Port from. type: int required: False
    • port_to - Port to. type: int required: False
    • dport_from - Destination port from. type: int required: False
    • dport_to - Destination port to. type: int required: False
    • sport_from - Source port from. type: int required: False
    • sport_to - Source port to. type: int required: False
    • proto - Protocol number. type: int required: False
  • start.system.fsck - Set file system check flag so that it will be executed on next device reboot.
  • start.system.sniffer - Start specified packet capture.
    • mkey - ID of packet capture entry. type: int required: True
  • start.system.usb-log - Start backup of logs from current VDOM to USB drive.
  • start.wifi.spectrum - Start spectrum analysis for a specific FortiAP for a duration of time.
    • wtp_id - FortiAP ID. type: string required: True
    • radio_id - Radio ID. type: int required: True
    • channels - Channels. type: array required: True
    • duration - Duration in seconds. type: int required: True
  • start.wifi.vlan-probe - Start a VLAN probe.
    • ap_interface - FortiAP interface to send the probe on. type: int required: True
    • wtp - FortiAP ID. type: string required: True
    • start_vlan_id - The starting VLAN ID for the probe. type: int required: True
    • end_vlan_id - The ending VLAN ID for the probe. type: int required: True
    • retries - Number of times to retry a probe for a particular VLAN. type: int required: True
    • timeout - Timeout duration (in seconds) to wait for a VLAN probe response. type: int required: True
  • stop.network.debug-flow - Stop debug flow packet capture.
  • stop.system.sniffer - Stop specified packet capture.
    • mkey - ID of packet capture entry. type: int required: True
  • stop.system.usb-log - Stop backup of logs to USB drive.
  • stop.wifi.spectrum - Stop spectrum analysis for a specific FortiAP.
    • wtp_id - FortiAP ID. type: string required: True
    • radio_id - Radio ID. type: int required: True
  • stop.wifi.vlan-probe - Stop a VLAN probe.
    • ap_interface - FortiAP interface to send the probe on. type: int required: True
    • wtp - FortiAP ID. type: string required: True
  • system.change-password - Save admin and guest-admin passwords.
    • mkey - User ID for password change. type: string required: False
    • old_password - Old password. type: string required: False
    • new_password - New password. type: string required: True
  • system.disconnect-admins - Disconnects logged in administrators.
    • id - Admin ID type: int required: False
    • method - Login method used to connect admin to FortiGate. type: string required: False
    • admins - List of objects with admin id and method. type: array required: False
  • system.password-policy-conform - Check whether password conforms to the password policy.
    • mkey - User ID for password change. type: string required: False
    • apply_to - Password Policy ID. type: string required: False
    • password - Password. type: string required: False
    • old_password - Old password. type: string required: False
  • test-availability.system.fortiguard - Test availability of FortiGuard services.
    • protocol - Protocol to check. [https | udp | http] type: string required: True
    • port - Port to check. type: int required: True
    • service - Service to check. [emailfilter | webfilter] type: string required: True
  • test-connect.user.radius - Test the connectivity of the given RADIUS server and, optionally, the validity of a username & password.
    • mkey - Name of FortiGate's RADIUS object whose settings to test. type: string required: False
    • ordinal - If 'mkey' is provided, the server-secret pair to use from the object: 'primary', 'secondary' or 'tertiary'. Defaults to 'primary'. type: string required: False
    • server - Host name or IP of a RADIUS server. If 'mkey' is provided, this overrides the 'server' value in the object. type: string required: False
    • secret - Secret password for the RADIUS server. If 'mkey' is provided, this overrides the 'secret' value in the object. type: string required: False
    • auth_type - Authentication protocol to use [auto|ms_chap_v2|ms_chap|chap|pap]. If 'mkey' is provided, this overrides the 'auth-type' value in the object. type: string required: False
    • user - User name whose access to check. type: string required: False
    • password - User's password. type: string required: False
  • test.system.automation-stitch - Triggers an automation stitch for testing purposes.
    • mkey - ID of automation stitch to trigger. type: string required: True
    • log - Message to store in the log buffer when triggering an event. For example, "logid=\"32102\" eventtime=1528840790000000000 logdesc=\"Sample description\" msg=\"Sample message\"". This parameter is required for the 'event-log' event type. For the test to run, the 'logid' argument value must match the trigger-defined value. If 'logid' is not provided, the test will use the trigger-defined value. type: string required: False
  • test.user.tacacs-plus - Test the connectivity of the given TACACS+ server.
    • mkey - Name of FortiGate's TACACS+ object whose settings to test. type: string required: False
    • ordinal - If 'mkey' is provided, the server-key pair to use from the object: 'primary', 'secondary' or 'tertiary'. Defaults to 'primary'. type: string required: False
    • server - Host name of IP of a TACACS+ server. If 'mkey' is provided, this overrides the 'server' value in the object. type: string required: False
    • secret - Secret key for the TACACS+ server. If 'mkey' is provided, this overrides the 'key' value in the object. type: string required: False
    • port - Port number of the TACACS+ server. If 'mkey' is provided, this overrides the 'port' value in the object. Defaults to 49. type: int required: False
    • source_ip - Source IP for communications to TACACS+ server. If 'mkey' is provided, this overrides the 'source-ip' value in the object. type: string required: False
  • toggle-vdom-mode.system.admin - Toggles VDOM mode on/off. Enables or disables VDOM mode if it is disabled or enabled respectively.
  • transfer.registration.forticare - Transfer to a new FortiCare account.
    • email - Account email. type: string required: True
    • password - Account password. type: string required: True
    • old_email - Old account email. type: string required: True
    • old_password - Old account password. type: string required: True
  • trigger.system.security-rating - Run a Security Rating report.
    • report_type - Security Rating report to run, run all reports when unspecified. type: string required: False
    • report_types - Multiple Security Rating reports to run, run all reports when unspecified. type: array required: False
  • tunnel_down.vpn.ipsec - Bring down a specific IPsec VPN tunnel.
    • p1name - IPsec phase1 name. type: string required: True
    • p2name - IPsec phase2 name. type: string required: True
    • p2serial - IPsec phase2 serial. type: int required: False
  • tunnel_reset_stats.vpn.ipsec - Reset statistics for a specific IPsec VPN tunnel.
    • p1name - IPsec phase1 name. type: string required: True
  • tunnel_up.vpn.ipsec - Bring up a specific IPsec VPN tunnel.
    • p1name - IPsec phase1 name. type: string required: True
    • p2name - IPsec phase2 name. type: string required: True
    • p2serial - IPsec phase2 serial. type: int required: False
  • unblock.endpoint-control.registration - Unblock endpoint by FortiClient UID or MAC.
    • uid - Single FortiClient UID to unblock. type: string required: False
    • mac - Single MAC to unblock. type: string required: False
  • unquarantine.endpoint-control.registration - Unquarantine endpoint by FortiClient UID or MAC.
    • uid - Single FortiClient UID to unquarantine. type: string required: False
    • mac - Single MAC to unquarantine. type: string required: False
  • update-comments.system.config-revision - Updates comments for a system configuration file.
    • config_id - Configuration id. type: int required: False
    • comments - Configuration comments. type: string required: False
  • update.switch-controller.managed-switch - Update administrative state for a given FortiSwitch (enable or disable authorization).
    • mkey - FortiSwitch name. type: string required: False
    • admin - New FortiSwitch administrative state [enable|disable|discovered]. type: string required: False
  • update.system.fortiguard - Immediately update status for FortiGuard services.
  • update.system.ha-peer - Update configuration of peer in HA cluster.
    • serial_no - Serial number of the HA member. type: string required: True
    • vcluster_id - Virtual cluster number. type: int required: False
    • priority - Priority to assign to HA member. type: int required: False
    • hostname - Name to assign the HA member. type: string required: False
  • update.system.modem - Update supported modem list from FortiGuard.
  • update.system.sdn-connector - Update an SDN connector's connection status.
    • mkey - SDN connector name. type: string required: True
  • update.web-ui.custom-language - Update custom language file to this Fortigate.
    • mkey - Name of custom language entry. type: string required: True
    • lang_name - New name of custom language entry. type: string required: False
    • filename - Name of custom language file. type: string required: False
    • lang_comments - Comments of custom language entry. type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • upgrade.extender-controller.extender - Upgrade FortiExtender.
    • id - FortiExtender ID to upgrade. type: string required: True
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • upgrade.license.database - Upgrade or downgrade UTM engine or signature package (IPS/AntiVirus/Application Control/Industrial database/Security Rating/Internet Service Database) using uploaded file.
    • db_name - Security service database name [ips|appctrl|industrial_db|antivirus|security_rating|isdb|iotddb] type: string required: True
    • confirm_not_signed - Confirm whether unsigned pkg files may be uploaded. type: boolean required: False
    • file_id - File id of existing pkg file from a previous upload. type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • upgrade.system.firmware - Upgrade firmware image on this device using uploaded file.
    • source - Firmware file data source [upload|usb|fortiguard]. type: string required: True
    • filename - Name of file on fortiguard or USB disk to upgrade to. type: string required: False
    • format_partition - Set to true to format boot partition before upgrade. type: boolean required: False
    • ignore_invalid_signature - Set to true to allow upgrade of firmware images with invalid signatures. type: boolean required: False
    • file_id - File ID of the uploaded firmware image to allow upgrade of firmware images with invalid signatures. type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • upgrade.system.lte-modem - Upgrade LTE modem firmware image on this device using uploaded files.
  • upload.switch-controller.fsw-firmware - Upload FortiSwitch firmware to the management FortiGate and then push to target FortiSwitches.
    • serials - The target device's serial. type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • upload.system.config-script - Upload and run a new configuration script file.
    • filename - Name of configuration script file. type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • upload.system.hscalefw-license - Update Hyperscale firewall license for hardware acceleration using license key.
    • license_key - License key. Format:0000-0000-0000-0000-0000-0000-00. type: string required: True
  • upload.system.lte-modem - Upload the modem firmware upgrade files.
    • filename - Firmware file being uploaded. type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • upload.system.vmlicense - Update VM license using uploaded file. Reboots immediately if successful.
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • upload.webproxy.pacfile - Upload webproxy PAC file.
    • filename - Name of PAC file. type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • upload.wifi.firmware - Upload FortiAP firmware to the management FortiGate and then push to target FortiAPs.
    • serials - The target device's serial. type: string required: False
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • upload.wifi.region-image - Saves a floorplan/region image to an existing region.
    • region_name - Region name to save image to. type: string required: True
    • image_type - MIME type of the image (png|jpeg|gif). type: string required: True
    • file_content - Provided when uploading a file: base64 encoded file data. Must not contain whitespace or other invalid base64 characters. Must be included in HTTP body. type: string required: False
  • utm.rating-lookup - Lookup FortiGuard rating for a specific URL.
    • url - List of URLs to query. type: array required: False
    • lang - Language for the rating response. type: string required: False
  • validate-gcp-key.system.sdn-connector - Validate a string representing a private key from GCP in PEM format.
    • private-key - Private key in PEM format. type: string required: True
  • verify-cert.endpoint-control.ems - Verify EMS server certificate for a specific EMS.
    • ems_id - EMS server ID (as defined in CLI table endpoint-control.fctems). type: int required: True
    • fingerprint - EMS server certificate fingerprint to check with. type: string required: True
  • wake-on-lan.system.interface - Send wake on lan packet to device.
    • mkey - Name of the interface that will send out the packet. type: string required: True
    • mac - MAC of device to wake up. type: string required: True
    • protocol_option - protocol [wol | udp]. Default is udp type: string required: False
    • port - Port used by UDP WoL packets (0, 7, or 9). Port 9 will be used by default. type: int required: False
    • address - Broadcast IP address used by UDP WoL packets. type: string required: False
    • secureon_password - Password of the destination host if SecureOn is enabled. type: string required: False
  • webhook.system.automation-stitch - Triggers an incoming webhook for an automation stitch.
    • mkey - The incoming webhook name to trigger. type: string required: True
• params - the parameter for each action, see definition in above list.type: dict

Notes

Note

• Different selector may have different parameters, users are expected to look up them in the dropdown list above..
• For some selectors, no params are allowed to appear.
• Not all parameters are required for a selector.
• This module is exclusivly for FortiOS monitor API.
• The result of API request is stored in results.

Examples

- hosts: fortigate03
  connection: httpapi
  collections:
  - fortinet.fortios
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 443
  tasks:

  - name: Activate FortiToken
    fortios_monitor:
       vdom: "root"
       access_token: "<fortios_access_token>"
       selector: 'activate.user.fortitoken'
       params:
           tokens: '<token string>'

  - name: Reboot This Device
    fortios_monitor:
       vdom: "root"
       access_token: "<fortios_access_token>"
       selector: 'reboot.system.os'
       params:
           event_log_message: 'Reboot Request From Ansible'

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

• build - Build number of the fortigate image returned: always type: str sample: 1547
• http_method - Last method used to provision the content into FortiGate returned: always type: str sample: GET
• name - Name of the table used to fulfill the request returned: always type: str sample: firmware
• path - Path of the table used to fulfill the request returned: always type: str sample: system
• results - Object list retrieved from device. returned: always type: list
• revision - Internal revision number returned: always type: str sample: 17.0.2.10658
• serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
• status - Indication of the operation's result returned: always type: str sample: success
• vdom - Virtual domain used returned: always type: str sample: root
• version - Version of the FortiGate returned: always type: str sample: v5.6.3
• ansible_facts - The list of fact subsets collected from the device returned: always type: dict

Status

• This module is not guaranteed to have a backwards compatible interface.

Authors

• Link Zheng (@chillancezen)
• Jie Xue (@JieX19)
• Hongbin Lu (@fgtdev-hblu)
• Frank Shen (@fshen01)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.