fortios_log_fact – Retrieve Log Data of Fortios Log Objects.¶
New in version 2.10.
Synopsis¶
- Collects log data from network devices running the fortios operating system. This module will only collect the log data specified in the playbook.
Requirements¶
The below requirements are needed on the host that executes this module.
- install galaxy collection fortinet.fortios >=
2.1.0
.
Parameters¶
- vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str required: False default: root
- enable_log - Enable/Disable logging for task. type: bool required: False default: False
- access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: False
- filters - A list of expressions to filter the returned results. type: list required: False more...
- sorters - A list of expressions to sort the returned results. type: list required: False more...
- formatters - A list of fields to display for returned results. type: list required: False
- selector - selector of the retrieved log data type: str choices:
-
disk_anomaly_raw
- disk_anomaly_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_app-ctrl_archive
- disk_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
- mkey - Archive identifier. type: int
- roll - Log roll number. (required if source is not fortianalyzer) type: int
disk_app-ctrl_archive-download
- disk_app-ctrl_archive-download - Download an archived file.
- mkey - Archive identifier. type: int
- roll - Log roll number (required if source is not fortianalyzer). type: int
- filename - File name to use when saving the file in the browser. type: string
disk_app-ctrl_raw
- disk_app-ctrl_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_cifs_raw
- disk_cifs_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_dlp_raw
- disk_dlp_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_dns_raw
- disk_dns_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_emailfilter_raw
- disk_emailfilter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_event_compliance-check
- disk_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_connector
- disk_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_endpoint
- disk_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_fortiextender
- disk_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_ha
- disk_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_router
- disk_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_security-rating
- disk_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_system
- disk_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_user
- disk_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_vpn
- disk_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_wad
- disk_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_event_wireless
- disk_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_file-filter_raw
- disk_file-filter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_gtp_raw
- disk_gtp_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_ips_archive
- disk_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
- mkey - Archive identifier. type: int
- roll - Log roll number. (required if source is not fortianalyzer) type: int
disk_ips_archive-download
- disk_ips_archive-download - Download an archived file.
- mkey - Archive identifier. type: int
- roll - Log roll number (required if source is not fortianalyzer). type: int
- filename - File name to use when saving the file in the browser. type: string
disk_ips_raw
- disk_ips_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_ssh_raw
- disk_ssh_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_ssl_raw
- disk_ssl_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_traffic_fortiview
- disk_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_traffic_forward
- disk_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_traffic_local
- disk_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_traffic_multicast
- disk_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_traffic_sniffer
- disk_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_traffic_threat
- disk_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
disk_virus_archive
- disk_virus_archive - Return a description of the quarantined virus file.
- mkey - checksum column from the virus log. type: int
- filename - Filename of the antivirus archive. (virus type only) type: string
disk_virus_raw
- disk_virus_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_voip_raw
- disk_voip_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_waf_raw
- disk_waf_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
disk_webfilter_raw
- disk_webfilter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_anomaly_raw
- fortianalyzer_anomaly_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_app-ctrl_archive
- fortianalyzer_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
- mkey - Archive identifier. type: int
- roll - Log roll number. (required if source is not fortianalyzer) type: int
fortianalyzer_app-ctrl_archive-download
- fortianalyzer_app-ctrl_archive-download - Download an archived file.
- mkey - Archive identifier. type: int
- roll - Log roll number (required if source is not fortianalyzer). type: int
- filename - File name to use when saving the file in the browser. type: string
fortianalyzer_app-ctrl_raw
- fortianalyzer_app-ctrl_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_cifs_raw
- fortianalyzer_cifs_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_dlp_raw
- fortianalyzer_dlp_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_dns_raw
- fortianalyzer_dns_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_emailfilter_raw
- fortianalyzer_emailfilter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_event_compliance-check
- fortianalyzer_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_connector
- fortianalyzer_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_endpoint
- fortianalyzer_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_fortiextender
- fortianalyzer_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_ha
- fortianalyzer_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_router
- fortianalyzer_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_security-rating
- fortianalyzer_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_system
- fortianalyzer_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_user
- fortianalyzer_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_vpn
- fortianalyzer_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_wad
- fortianalyzer_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_event_wireless
- fortianalyzer_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_file-filter_raw
- fortianalyzer_file-filter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_gtp_raw
- fortianalyzer_gtp_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_ips_archive
- fortianalyzer_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
- mkey - Archive identifier. type: int
- roll - Log roll number. (required if source is not fortianalyzer) type: int
fortianalyzer_ips_archive-download
- fortianalyzer_ips_archive-download - Download an archived file.
- mkey - Archive identifier. type: int
- roll - Log roll number (required if source is not fortianalyzer). type: int
- filename - File name to use when saving the file in the browser. type: string
fortianalyzer_ips_raw
- fortianalyzer_ips_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_ssh_raw
- fortianalyzer_ssh_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_ssl_raw
- fortianalyzer_ssl_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_traffic_fortiview
- fortianalyzer_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_traffic_forward
- fortianalyzer_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_traffic_local
- fortianalyzer_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_traffic_multicast
- fortianalyzer_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_traffic_sniffer
- fortianalyzer_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_traffic_threat
- fortianalyzer_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
fortianalyzer_virus_archive
- fortianalyzer_virus_archive - Return a description of the quarantined virus file.
- mkey - checksum column from the virus log. type: int
- filename - Filename of the antivirus archive. (virus type only) type: string
fortianalyzer_virus_raw
- fortianalyzer_virus_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_voip_raw
- fortianalyzer_voip_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_waf_raw
- fortianalyzer_waf_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
fortianalyzer_webfilter_raw
- fortianalyzer_webfilter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_anomaly_raw
- forticloud_anomaly_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_app-ctrl_archive
- forticloud_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
- mkey - Archive identifier. type: int
- roll - Log roll number. (required if source is not fortianalyzer) type: int
forticloud_app-ctrl_archive-download
- forticloud_app-ctrl_archive-download - Download an archived file.
- mkey - Archive identifier. type: int
- roll - Log roll number (required if source is not fortianalyzer). type: int
- filename - File name to use when saving the file in the browser. type: string
forticloud_app-ctrl_raw
- forticloud_app-ctrl_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_cifs_raw
- forticloud_cifs_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_dlp_raw
- forticloud_dlp_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_dns_raw
- forticloud_dns_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_emailfilter_raw
- forticloud_emailfilter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_event_compliance-check
- forticloud_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_connector
- forticloud_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_endpoint
- forticloud_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_fortiextender
- forticloud_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_ha
- forticloud_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_router
- forticloud_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_security-rating
- forticloud_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_system
- forticloud_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_user
- forticloud_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_vpn
- forticloud_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_wad
- forticloud_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_event_wireless
- forticloud_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_file-filter_raw
- forticloud_file-filter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_gtp_raw
- forticloud_gtp_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_ips_archive
- forticloud_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
- mkey - Archive identifier. type: int
- roll - Log roll number. (required if source is not fortianalyzer) type: int
forticloud_ips_archive-download
- forticloud_ips_archive-download - Download an archived file.
- mkey - Archive identifier. type: int
- roll - Log roll number (required if source is not fortianalyzer). type: int
- filename - File name to use when saving the file in the browser. type: string
forticloud_ips_raw
- forticloud_ips_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_ssh_raw
- forticloud_ssh_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_ssl_raw
- forticloud_ssl_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_traffic_fortiview
- forticloud_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_traffic_forward
- forticloud_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_traffic_local
- forticloud_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_traffic_multicast
- forticloud_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_traffic_sniffer
- forticloud_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_traffic_threat
- forticloud_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
forticloud_virus_archive
- forticloud_virus_archive - Return a description of the quarantined virus file.
- mkey - checksum column from the virus log. type: int
- filename - Filename of the antivirus archive. (virus type only) type: string
forticloud_virus_raw
- forticloud_virus_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_voip_raw
- forticloud_voip_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_waf_raw
- forticloud_waf_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
forticloud_webfilter_raw
- forticloud_webfilter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_anomaly_raw
- memory_anomaly_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_app-ctrl_archive
- memory_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
- mkey - Archive identifier. type: int
- roll - Log roll number. (required if source is not fortianalyzer) type: int
memory_app-ctrl_archive-download
- memory_app-ctrl_archive-download - Download an archived file.
- mkey - Archive identifier. type: int
- roll - Log roll number (required if source is not fortianalyzer). type: int
- filename - File name to use when saving the file in the browser. type: string
memory_app-ctrl_raw
- memory_app-ctrl_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_cifs_raw
- memory_cifs_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_dlp_raw
- memory_dlp_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_dns_raw
- memory_dns_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_emailfilter_raw
- memory_emailfilter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_event_compliance-check
- memory_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_connector
- memory_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_endpoint
- memory_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_fortiextender
- memory_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_ha
- memory_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_router
- memory_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_security-rating
- memory_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_system
- memory_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_user
- memory_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_vpn
- memory_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_wad
- memory_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_event_wireless
- memory_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_file-filter_raw
- memory_file-filter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_gtp_raw
- memory_gtp_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_ips_archive
- memory_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
- mkey - Archive identifier. type: int
- roll - Log roll number. (required if source is not fortianalyzer) type: int
memory_ips_archive-download
- memory_ips_archive-download - Download an archived file.
- mkey - Archive identifier. type: int
- roll - Log roll number (required if source is not fortianalyzer). type: int
- filename - File name to use when saving the file in the browser. type: string
memory_ips_raw
- memory_ips_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_ssh_raw
- memory_ssh_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_ssl_raw
- memory_ssl_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_traffic_fortiview
- memory_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_traffic_forward
- memory_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_traffic_local
- memory_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_traffic_multicast
- memory_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_traffic_sniffer
- memory_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_traffic_threat
- memory_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
memory_virus_archive
- memory_virus_archive - Return a description of the quarantined virus file.
- mkey - checksum column from the virus log. type: int
- filename - Filename of the antivirus archive. (virus type only) type: string
memory_virus_raw
- memory_virus_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_voip_raw
- memory_voip_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_waf_raw
- memory_waf_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
memory_webfilter_raw
- memory_webfilter_raw - Log data for the given log type in raw format.
- start - Row number for the first row to return. type: int
- rows - Number of rows to return. type: int
- session_id - Provide a session_id to continue getting data for that request. type: int
- serial_no - Retrieve log from the specified device. type: string
- is_ha_member - Is the specified device an HA member. type: boolean
- filter - Filter expression(s). type: string
- disk_anomaly_raw - Log data for the given log type in raw format.
- params - the parameter for each selector, see definition in above list.type: dict
Notes¶
Note
- Different
selector
may have different parameters, users are expected to look up them for a specific selector. - For some selectors, the objects are global, no
params
are allowed to appear. - Not all parameters are required for a slector.
- This module is exclusivly for FortiOS monitor API.
- The result of API request is stored in
results
. - There are three filtering parameters:
filters
,sorters
andformatters
, please see filtering spec for more information.
Examples¶
- hosts: fortigate03
connection: httpapi
collections:
- fortinet.fortios
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Get system event log with logid==0100032038
fortios_log_fact:
filters:
- logid==0100032038
selector: "disk_event_system"
params:
rows: 100
- name: Get a description of the quarantined virus file
fortios_log_fact:
selector: "forticloud_virus_archive"
Return Values¶
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- build - Build number of the fortigate image returned: always type: str sample: 1547
- rows - Number of rows to return returned: always type: int sample: 400
- serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
- session_id - Session id for the request returned: always type: int sample: 7
- start - Row number for the first row to return returned: always type: int sample: 0
- status - Indication of the operation's result returned: always type: str sample: success
- subcategory - Type of log that can be retrieved returned: always type: str sample: system
- total_lines - Total lines returned from the result returned: always type: int sample: 510
- vdom - Virtual domain used returned: always type: str sample: root
- version - Version of the FortiGate returned: always type: str sample: v5.6.3