fortios_monitor_fact – Retrieve Facts of FortiOS Monitor Objects.

New in version 2.10.

Synopsis

• Collects monitor facts from network devices running the fortios operating system. This facts module will only collect those facts which user specified in playbook.

Requirements

The below requirements are needed on the host that executes this module.

• install galaxy collection fortinet.fortios >= 2.0.0.

Parameters

• vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str required: False default: root
• enable_log - Enable/Disable logging for task. type: bool required: False default: False
• access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: False
• selector - selector of the retrieved fortimanager facts type: str choices:

• Show full selector list...

  • endpoint-control_avatar_download - Download an endpoint avatar image.
    • default - Default avatar name ['authuser'|'unauthuser'|'authuser_72'|'unauthuser_72']. Default avatar when endpoint / device avatar is not available. If default is not set, Not found 404 is returned. type: string
    • uid - Single FortiClient UID. type: string
    • user - User name of the endpoint. type: string
  • endpoint-control_ems_cert-status - Retrieve authentication status of the EMS server certificate for a specific EMS.
    • with_cert - Return detailed certificate information. Available when the certificate is authenticated by installed CA certificates. type: boolean
    • ems_name - EMS server name (as defined in CLI table endpoint-control.fctems). type: string
  • endpoint-control_ems_status - Retrieve EMS connection status for a specific EMS.
    • ems_name - EMS server name (as defined in CLI table endpoint-control.fctems). type: string
  • endpoint-control_installer - List available FortiClient installers.
    • min_version - Filter: Minimum installer version. (String of the format n[.n[.n]]). type: string
  • endpoint-control_installer_download - Download a FortiClient installer via FortiGuard.
    • mkey - Name of installer (image_id). type: string
  • endpoint-control_record-list - List endpoint records.
    • intf_name - Filter: Name of interface where the endpoint was detected. type: string
  • endpoint-control_summary
  • extender-controller_extender - Retrieve statistics for specific configured FortiExtender units.
    • type - Statistic type.'type' options are [system | modem | usage | last]. If 'type' is not specified, all types of statistics are retrieved. type: string
    • id - List of FortiExtender IDs to query. type: array
  • firewall_acl
  • firewall_acl6
  • firewall_address-dynamic
  • firewall_address-fqdns
  • firewall_address-fqdns6
  • firewall_address6-dynamic
  • firewall_health
  • firewall_internet-service-details - List all details for a given Internet Service ID.
    • count - Maximum number of entries to return. Valid range is [20, 1000]; if a value is specified out of that range, it will be rounded up or down. Default value is 1000. type: int
    • region_id - Filter: Region ID. type: int
    • summary_only - Only return number of entries instead of entries. type: boolean
    • city_id - Filter: City ID. type: int
    • country_id - Filter: Country ID. type: int
    • start - Starting entry index. If a value is less than zero, it will be set to zero. type: int
    • id - ID of the Internet Service to get details for. type: int
  • firewall_internet-service-match - List internet services that exist at a given IP or Subnet.
    • ip - IP (in dot-decimal notation). type: string
    • mask - IP Mask (in dot-decimal notation). type: string
  • firewall_ippool
  • firewall_load-balance - List all firewall load balance servers.
    • count - Maximum number of entries to return. type: int
    • start - Starting entry index. type: int
  • firewall_local-in
  • firewall_per-ip-shaper
  • firewall_policy - List traffic statistics for firewall policies.
    • ip_version - Filter: Traffic IP Version. [ ipv4 | ipv6 ], if left empty, will retrieve data for both ipv4 and ipv6. type: string
    • policyid - Filter: Policy ID. type: int
  • firewall_policy-lookup - Performs a policy lookup by creating a dummy packet and asking the kernel which policy would be hit.
    • protocol - Protocol. type: string
    • dest - Destination IP/FQDN. type: string
    • icmpcode - ICMP code. type: int
    • icmptype - ICMP type. type: int
    • srcintf - Source interface. type: string
    • ipv6 - Perform an IPv6 lookup? type: boolean
    • sourceport - Source port. type: int
    • sourceip - Source IP. type: string
    • destport - Destination port. type: int
  • firewall_proxy-policy - List traffic statistics for all explicit proxy policies.
    • policyid - Filter: Policy ID. type: int
  • firewall_sdn-connector-filters - List all available filters for a specified SDN Fabric Connector. Used for Fabric Connector address objects.
    • connector - Name of the SDN Fabric Connector to get the filters from. type: string
  • firewall_security-policy - List IPS engine statistics for security policies.
    • policyid - Filter: Policy ID. type: int
  • firewall_session - List all active firewall sessions (optionally filtered).
    • since - Filter: Only return sessions generated since this Unix timestamp. type: int
    • protocol - Filter: Protocol name [all|igmp|tcp|udp|icmp|etc]. type: string
    • nturbo - Filter: 1 to include nTurbo sessions, 0 to exclude. type: int
    • srcintfrole - Filter: Source interface roles. type: array
    • owner - Filter: Destination owner. type: string
    • srcuuid - Filter: Source UUID. type: string
    • dstintfrole - Filter: Destination interface roles. type: array
    • natsourceaddress - Filter: NAT source address. type: string
    • source - Filter: Source IP address. type: string
    • destination - Filter: Destination IP address. type: string
    • application - Filter: Application PROTO/PORT. (e.g. "TCP/443") type: string
    • sourceport - Filter: Source port. type: int
    • natsourceport - Filter: NAT source port. type: int
    • start - Starting entry index. type: int
    • dstuuid - Filter: Destination UUID. type: string
    • username - Filter: Authenticated username. type: string
    • seconds - Filter: Only return sessions generated in the last N seconds. type: int
    • policyid - Filter: Policy ID. type: int
    • srcintf - Filter: Source interface name. type: string
    • fortiasic - Filter: 1 to include NPU accelerated sessions, 0 to exclude. type: int
    • destport - Filter: Destination port. type: int
    • count - Maximum number of entries to return. Valid range is [20, 1000]; if a value is specified out of that range, it will be rounded up or down. type: int
    • filter-csf - Filter: Include sessions from downstream fortigates. type: boolean
    • country - Filter: Destination country name. type: string
    • summary - Enable/disable inclusion of session summary (setup rate, total sessions, etc). type: boolean
    • shaper - Filter: Forward traffic shaper name. type: string
    • ip_version - IP version [*ipv4 | ipv6 | ipboth]. type: string
    • dstintf - Filter: Destination interface name. type: string
  • firewall_shaper
  • firewall_uuid-list
  • firewall_uuid-type-lookup - Retrieve a mapping of UUIDs to their firewall object type for given UUIDs.
    • uuids - List of UUIDs to be resolved. type: array
  • fortiguard_redirect-portal
  • fortiguard_service-communication-stats - Retrieve historical statistics for communication with FortiGuard services.
    • service_type - To get stats for [forticare|fortiguard_download|fortiguard_query|forticloud_log|fortisandbox_cloud|fortiguard.com|ocvpn|sdns|fortitoken_registration|sms_service]. Defaults to all stats if not provided. type: string
    • timeslot - History timeslot of stats [1_hour|24_hour|1_week]. Defaults to all timeslots if not provided. type: string
  • fortiview_sandbox-file-details - Retrieve FortiSandbox analysis details for a specific file checksum.
    • checksum - Checksum of a specific file that has been analyzed by the connected FortiSandbox. type: string
  • fortiview_sandbox-file-list
  • fortiview_statistics - Retrieve drill-down and summary data for FortiView (both realtime and historical).
    • count - Maximum number of details to return. type: int
    • end - End timestamp. type: int
    • realtime - Set to true to retrieve realtime results (from kernel). type: boolean
    • chart_only - Only return graph values in results. type: boolean
    • sort_by - Sort by field. type: string
    • filter - A map of filter keys to arrays of values. type: object
    • start - Start timestamp. type: int
    • sessionid - FortiView request Session ID. type: int
    • report_by - Report by field. type: string
    • device - FortiView source device [disk|fortianalyzer|forticloud]. type: string
    • ip_version - IP version [*ipv4 | ipv6 | ipboth]. type: string
  • ips_anomaly
  • ips_metadata
  • ips_rate-based
  • license_fortianalyzer-status
  • license_forticare-org-list
  • license_forticare-resellers - Get current FortiCare resellers for the requested country.
    • country_code - FortiGuard country code type: int
  • license_status
  • log_av-archive_download - Download file quarantined by AntiVirus.
    • mkey - Checksum for quarantined file. type: string
  • log_current-disk-usage
  • log_device_state
  • log_event
  • log_fortianalyzer - Return FortiAnalyzer/FortiManager log status.
    • srcip - The IP to use to make the request to the FortiAnalyzer [|auto]. When set to "auto" it will use the FortiGate's routing table to determine the IP to make the request from. type: string
    • scope - Scope from which to test the connectivity of the FortiAnalyzer address [vdom|global]. type: string
    • server - FortiAnalyzer/FortiManager address. type: string
  • log_fortianalyzer-queue - Retrieve information on FortiAnalyzer's queue state. Note:- FortiAnalyzer logs are queued only if upload-option is realtime.
    • scope - Scope from which to retrieve FortiAnalyzer's queue state [vdom*|global]. type: string
  • log_forticloud
  • log_forticloud-report-list
  • log_forticloud-report_download - Download PDF report from FortiCloud.
    • inline - Set to 1 to download the report inline. type: int
    • mkey - FortiCloud Report ID. type: int
  • log_historic-daily-remote-logs - Returns the amount of logs in bytes sent daily to a remote logging service (FortiCloud or FortiAnalyzer).
    • server - Service name [forticloud | fortianalyzer]. type: string
  • log_hourly-disk-usage
  • log_ips-archive_download - Download IPS/application control packet capture files. Uses configured log display device.
    • pcap_no - Packet capture roll number (required when log device is 'disk') type: int
    • pcap_category - Packet capture category (required when log device is 'disk') type: int
    • mkey - IPS archive ID. type: int
  • log_local-report-list
  • log_local-report_download - Download local report
    • mkey - Local Report Name. type: string
  • log_policy-archive_download - Download policy-based packet capture archive.
    • srcip - Source IP. type: string
    • dstip - Destination IP. type: string
    • mkey - Session ID (from traffic log). type: int
  • log_stats - Return number of logs sent by category per day for a specific log device.
    • dev - Log device [*memory | disk | fortianalyzer | forticloud]. type: string
  • network_ddns_lookup - Check DDNS FQDN availability.
    • domain - Filter: domain to check. type: string
  • network_ddns_servers
  • network_dns_latency
  • network_fortiguard_live-services-latency
  • network_lldp_neighbors
  • network_lldp_ports - List all active LLDP ports.
    • mkey - Filter: specific port name. type: string
  • network_reverse-ip-lookup - Retrieve the resolved DNS domain name for a given IP address.
    • ip - IP address (in dot-decimal notation). type: string
  • nsx_instance - List NSX instances and their resource statistics.
    • mkey - Filter: NSX SDN name. type: string
  • nsx_service_status - Retrieve NSX service status.
    • mkey - Filter: NSX SDN name. type: string
  • registration_forticloud_device-status - Fetch device registration status from FortiCloud. Currently FortiSwitch and FortiAP are supported.
    • serials - Serials of FortiSwitch and FortiAP to fetch registration status. type: array
    • update_cache - Clear cache and retrieve updated data. type: array
  • registration_forticloud_disclaimer
  • registration_forticloud_domains
  • router_ipv4 - List all active IPv4 routing table entries.
    • count - Maximum number of entries to return (Default for all routes). type: int
    • ip_mask - Filter: IP/netmask. type: string
    • start - Starting entry index. type: int
    • interface - Filter: interface name. type: string
    • type - Filter: route type. type: string
    • gateway - Filter: gateway. type: string
  • router_ipv6 - List all active IPv6 routing table entries.
    • count - Maximum number of entries to return (Default for all routes). type: int
    • ip_mask - Filter: IP/netmask. type: string
    • start - Starting entry index. type: int
    • interface - Filter: interface name. type: string
    • type - Filter: route type. type: string
    • gateway - Filter: gateway. type: string
  • router_lookup - Performs a route lookup by querying the routing table.
    • destination - Destination IP/FQDN. type: string
    • ipv6 - Perform an IPv6 lookup. type: boolean
  • router_lookup-policy - Performs a route lookup by querying the policy routing table.
    • protocol_number - IP Protocol Number. type: int
    • destination - Destination IP/FQDN. type: string
    • source - Source IP/FQDN. type: string
    • ipv6 - Perform an IPv6 lookup. type: boolean
    • destination_port - Destination Port. type: int
    • interface_name - Incoming Interface. type: string
  • router_policy - Retrieve a list of active IPv4 policy routes.
    • count - Maximum number of entries to return. type: int
    • start - Starting entry index. type: int
    • count_only - Returns the number of IPv4 policy routes only. type: boolean
  • router_policy6 - Retrieve a list of active IPv6 policy routes.
    • count - Maximum number of entries to return. type: int
    • start - Starting entry index. type: int
    • count_only - Returns the number of IPv6 policy routes only. type: boolean
  • router_statistics - Retrieve routing table statistics, including number of matched routes.
    • ip_version - IP version (4|6). If not present, IPv4 and IPv6 will be returned. type: int
    • ip_mask - Filter: IP/netmask. type: string
    • interface - Filter: interface name. type: string
    • type - Filter: route type. type: string
    • gateway - Filter: gateway. type: string
  • switch-controller_detected-device
  • switch-controller_fsw-firmware - Retrieve a list of recommended firmware for managed FortiSwitches.
    • timeout - FortiGuard connection timeout (defaults to 3 seconds). type: string
    • mkey - Filter: FortiSwitch ID. type: string
  • switch-controller_managed-switch - Retrieve statistics for configured FortiSwitches
    • fsw_id - DEPRECATED since 5.6.1, will be removed in 6.4. Please use mkey instead. type: string
    • port_stats - Filter: Retrieve tx/rx statistics for ports of configured FortiSwitches. type: boolean
    • stp_status - Filter: Retrieve STP status for ports of configured FortiSwitches. type: boolean
    • igmp_snooping_group - Filter: Retrieve IGMP Snooping group for configured FortiSwitches. type: boolean
    • qos_stats - Filter: Retrieve QoS statistics for ports of configured FortiSwitches. type: boolean
    • transceiver - Filter: Retrieve transceiver information for ports of configured FortiSwitches. type: boolean
    • poe - Filter: Retrieve PoE statistics for ports of configured FortiSwitches. Port power usage is in Watt units. type: boolean
    • mkey - Filter: FortiSwitch ID. type: string
  • switch-controller_managed-switch_dhcp-snooping
  • switch-controller_managed-switch_faceplate-xml - Retrieve XML for rendering FortiSwitch faceplate widget.
    • mkey - Name of managed FortiSwitch. type: string
  • switch-controller_managed-switch_transceivers
  • switch-controller_validate-switch-prefix - Validate a FortiSwitch serial number prefix.
    • prefix - Prefix of FortiSwitch serial number. type: string
  • system_3g-modem
  • system_acquired-dns
  • system_automation-stitch_stats - Stats for automation stitches.
    • mkey - Filter: Automation stitch name. type: string
  • system_available-certificates - Get available certificates.
    • scope - Scope of certificate [vdom*|global]. type: string
    • with_remote - Include remote certificates. type: boolean
    • with_ca - Include certificate authorities. type: boolean
    • with_crl - Include certificate revocation lists. type: boolean
  • system_available-interfaces - Retrieve a list of all interfaces along with some meta information regarding their availability.
    • scope - Scope of interface list [vdom|global] type: string
    • view_type - Optionally include additional information for interfaces. This parameter can be repeated multiple times. 'poe': Includes PoE information for supported ports (DEPRECATED in 6.4). 'ha': Includes extra meta information useful when dealing with interfaces related to HA configuration. Interfaces that are used by an HA cluster as management interfaces are also included in this view. 'zone': Includes extra meta information for determining zone membership eligibility. 'vwp': Includes extra meta information for determining virtual wire pair eligibility. 'sdwan': Includes extra meta information for determining SD-WAN eligibility. 'switch': Includes extra meta information for determining switch eligibility. 'hard-switch': Includes extra meta information for determining hard-switch eligibility. 'limited': Includes limited information on parent interfaces that are in another VDOM. type: string
  • system_botnet - List all known IP-based botnet entries in FortiGuard botnet database.
    • count - Maximum number of entries to return. type: int
    • start - Starting entry index. type: int
    • include_hit_only - Include entries with hits only. type: boolean
  • system_botnet-domains - List all known domain-based botnet entries in FortiGuard botnet database.
    • count - Maximum number of entries to return. type: int
    • start - Starting entry index. type: int
  • system_botnet-domains_hits
  • system_botnet-domains_stat
  • system_botnet_stat
  • system_certificate_download - Download certificate.
    • scope - Scope of certificate [vdom*|global]. type: string
    • type - Type of certificate [local-cer|remote-cer|local-ca|remote-ca|local-csr|crl]. type: string
    • mkey - Name of certificate. type: string
  • system_check-port-availability - Check whether a list of TCP port ranges is available for a certain service.
    • port_ranges - List of TCP port range objects to check against. type: array
    • service - The service in which the ports could be available. 'service' options are [reserved | sysglobal | webproxy | ftpproxy | sslvpn | slaprobe | fsso | ftm_push]. If 'service' is not specified, the port ranges availability is checked against all services. type: string
  • system_com-log_download
  • system_com-log_update
  • system_config-revision
  • system_config-revision_file - Download a specific configuration revision.
    • config_id - Configuration id. type: int
  • system_config-revision_info - Retrieve meta information for a specific configuration revision.
    • config_id - Configuration id. type: int
  • system_config-script
  • system_config-sync_status
  • system_config_backup - Backup system config
    • password - Password to encrypt configuration data. type: string
    • usb_filename - When using 'usb' destination: the filename to save to on the connected USB device type: string
    • destination - Configuration file destination [file* | usb] type: string
    • vdom - If 'vdom' scope specified, the name of the VDOM to backup configuration. type: string
    • scope - Specify global or VDOM only backup [global | vdom]. type: string
  • system_config_usb-filelist
  • system_csf - Retrieve a full tree of downstream FortiGates registered to the Security Fabric.
    • scope - Scope from which to retrieve the Security Fabric tree [vdom*|global]. type: string
  • system_csf_pending-authorizations
  • system_current-admins
  • system_debug_download
  • system_dhcp - List all DHCP and DHCPv6 leases.
    • interface - Filter: Retrieve DHCP leases for this interface only. type: string
    • scope - Scope from which to retrieve DHCP leases [vdom*|global]. Global scope is only accessible for global administrators. type: string
    • ipv6 - Include IPv6 addresses in the response. type: boolean
  • system_firmware
  • system_firmware_upgrade-paths
  • system_fortiguard_server-info
  • system_fortimanager_backup-details - Get the properties of a FortiManager object.
    • datasource - Object datasource. type: string
    • mkey - Object name. type: string
  • system_fortimanager_backup-summary
  • system_fortimanager_status
  • system_global-resources
  • system_ha-checksums
  • system_ha-history
  • system_ha-peer - Get configuration of peer(s) in HA cluster. Uptime is expressed in seconds.
    • serial_no - Serial number of the HA member. If not specified, fetch information for all HA members type: string
    • vcluster_id - Virtual cluster number. If not specified, fetch information for all active vclusters type: int
  • system_ha-statistics
  • system_interface - Retrieve statistics for all system interfaces.
    • scope - Scope from which to retrieve the interface stats from [vdom|global]. type: string
    • interface_name - Filter: interface name. type: string
    • include_vlan - Enable to include VLANs in result list. type: boolean
    • include_aggregate - Enable to include Aggregate interfaces in result list. type: boolean
  • system_interface_dhcp-status - Retrieve the DHCP client status of an interface.
    • mkey - Name of the interface. type: string
  • system_interface_poe - Retrieve PoE statistics for system interfaces.
    • scope - Scope from which to retrieve the interface stats from [vdom|global] (default=vdom). type: string
    • mkey - Filter: Name of the interface to fetch PoE statistics for. type: string
  • system_interface_speed-test-status - Retrieve the current status of a speed-test with the results if finished.
    • id - ID of the speed test. type: int
  • system_interface_transceivers - Get a list of transceivers being used by the FortiGate.
    • scope - Scope from which to retrieve the transceiver information from [vdom|global]. type: string
  • system_ipconf - Determine if there is an IP conflict for a specific IP using ARP.
    • devs - List of interfaces to check for conflict. type: array
    • ipaddr - IPv4 address to check for conflict. type: string
  • system_link-monitor - Retrieve per-interface statistics for active link monitors.
    • mkey - Name of link monitor. type: string
  • system_modem
  • system_nat46-ippools
  • system_object_usage - Retrieve all objects that are currently using as well as objects that can use the given object.
    • scope - Scope of resource [vdom|global]. type: string
    • q_name - The CMDB table's name type: string
    • mkey - The mkey for the object type: string
    • qtypes - List of CMDB table qTypes type: array
    • q_path - The CMDB table's path type: string
  • system_resolve-fqdn - Resolves the provided FQDNs to FQDN -> IP mappings.
    • fqdn - List of FQDNs to be resolved type: array
    • ipv6 - Resolve for the AAAA record? type: boolean
  • system_resource_usage - Retreive current and historical usage data for a provided resource.
    • scope - Scope of resource [vdom|global]. This parameter is only applicable if the FGT is in VDOM mode. type: string
    • interval - Time interval of resource usage [1-min|10-min|30-min|1-hour|12-hour|24-hour]. Defaults to all intervals if not provided. type: string
    • resource - Resource to get usage data for [cpu|mem|disk|session|session6|setuprate|setuprate6|disk_lograte|faz_lograte|forticloud_lograte]. Defaults to all resources if not provided. Additionally, [npu_session|npu_session6] data is available for devices that have an NPU and [nturbo_session|nturbo_session6] data is available for NP6 devices that support NTurbo. type: string
  • system_sandbox_cloud-regions
  • system_sandbox_stats
  • system_sandbox_status
  • system_sandbox_test-connect - Test the connectivity of a given FortiSandbox IP.
    • server - IP of the FortiSandbox to test. type: string
  • system_sdn-connector_nsx-security-tags - Retrieve a list of NSX security tags for connected NSX servers.
    • mkey - Filter: NSX SDN connector name. type: string
  • system_sdn-connector_status - Retrieve connection status for SDN connectors.
    • type - Filter: SDN connector type. Ignored if mkey is specified. type: string
    • mkey - Filter: SDN connector name. type: string
  • system_security-rating - Retrieve a Security Rating report result. Without ID specified, returns the most recent result.
    • scope - Scope of the report [vdom*|global]. Global scope is only accessible for global administrators. type: string
    • id - Report ID. type: int
    • report_type - Report type to view, Security Report when unspecified. type: string
  • system_security-rating_history - Retrieve Security Rating history.
    • report_type - Security Rating report history to view, view Security Report when unspecified. type: string
  • system_security-rating_lang - Returns the requested Security Rating language mapping.
    • key - Requested language mapping (en, fr, big5, euc-kr, GB2312, pg, sp, x-sjis). type: string
  • system_security-rating_status - Check if a Security Rating report is currently running.
    • progress - Query report progress. type: boolean
    • id - Report ID. type: int
    • report_type - Report type to view, Security Report when unspecified. type: string
  • system_security-rating_supported-reports
  • system_sensor-info
  • system_sniffer
  • system_sniffer_download - Download a stored packet capture.
    • mkey - ID of packet capture entry. type: int
  • system_status
  • system_storage
  • system_time
  • system_timezone
  • system_trusted-cert-authorities - Get trusted certifiate authorities.
    • scope - Scope of certificate [vdom*|global]. type: string
  • system_usb-log
  • system_vdom-link - Gets a list of all NPU VDOM Links and VDOM Links.
    • scope - Scope from which to retrieve the VDOM link informaton from [vdom|global]. type: string
  • system_vdom-resource
  • system_vm-information
  • user_banned
  • user_collected-email - List email addresses collected from captive portal
    • ipv6 - Include collected email from IPv6 users. type: boolean
  • user_detected-device - Retrieve a list of detected devices.
    • with_fortiap - Retrieve FortiAP information. type: boolean
    • with_user - Retrieve authenticated user information. type: boolean
    • with_endpoint - Retrieve FortiClient endpoint information. type: boolean
    • with_dhcp - Retrieve DHCP lease information. type: boolean
    • expand_child_macs - Include child devices as separate entries in the list. type: boolean
    • with_fortilink - Retrieve FortiLink information. type: boolean
  • user_device - Retrieve a list of detected devices.
    • master_mac - Filter: Master MAC of a device. Multiple entries could be returned. type: string
    • master_only - List of master device only. type: boolean
  • user_firewall - List authenticated firewall users.
    • count - Maximum number of entries to return. type: int
    • start - Starting entry index. type: int
    • ipv4 - Include IPv4 user (default=true). type: boolean
    • ipv6 - Include IPv6 users. type: boolean
  • user_fortitoken
  • user_fsso - Get a list of fsso and fsso polling status.
    • type - Filter: Get the status for this type of FSSO entry [fsso|fsso-polling]. type: string
    • mkey - Filter: Get the status for a specific FSSO entry. `type` is required if this is set. type: string
  • user_info_query - Query user info.
    • keys - A list of keys to be returned. Omit to return all keys. Type: string type: array
    • start - Number of entries to skip from the beginning. type: int
    • number - Maximum number of entries to return. type: int
    • filters - A list of filters. Type: {"type": string, "value": string} type: array
  • user_info_thumbnail - Get user info thumbnail. Returns the first match to the filter.
    • filters - A list of filters. Type: {"type": string, "value": string} type: array
  • utm_antivirus_stats
  • utm_app-lookup - Query remote FortiFlow database to resolve hosts to application control entries.
    • hosts - List of hosts to resolve. type: array
  • utm_application-categories
  • utm_blacklisted-certificates - Retrieve a list of blacklisted SSL certificates.
    • count - Maximum number of entries to return. Limit is set to 2000. type: int
    • start - Starting entry index. type: int
  • utm_blacklisted-certificates_statistics
  • virtual-wan_health-check
  • virtual-wan_interface-log - Retrieve log of SD-WAN interface quality information.
    • interface - Filter: Interface name. type: string
    • seconds - Filter: Only return SLA logs generated in the last N seconds. type: int
    • since - Filter: Only return SLA logs generated since this Unix timestamp. type: int
  • virtual-wan_members
  • virtual-wan_sla-log - Retrieve log of SLA probe results for for each SD-WAN SLA rule.
    • interface - Filter: Interface name. type: string
    • seconds - Filter: Only return SLA logs generated in the last N seconds. type: int
    • since - Filter: Only return SLA logs generated since this Unix timestamp. type: int
    • sla - Filter: SLA name. type: string
  • vpn_ipsec - Return an array of active IPsec VPNs.
    • tunnel - Filter for a specific IPsec tunnel name. type: string
    • start - Starting entry index. type: int
    • count - Maximum number of entries to return. type: int
  • vpn_ocvpn_members
  • vpn_ocvpn_meta
  • vpn_ocvpn_status
  • vpn_ssl
  • vpn_ssl_stats
  • wanopt_history - Retrieve WAN opt. statistics history.
    • period - Statistics period [10-min*|hour|day|week|30-day]. type: string
  • wanopt_peer_stats
  • wanopt_webcache - Retrieve webcache statistics history.
    • period - Statistics period [10-min*|hour|day|week|30-day]. type: string
  • web-ui_custom-language_download - Download a custom language file.
    • filename - Name of custom language entry. type: string
  • webcache_stats - Retrieve webcache statistics.
    • period - Statistics period [10min|hour|day|month]. type: string
  • webfilter_category-quota - Retrieve quota usage statistics for webfilter categories.
    • profile - Webfilter profile. type: string
    • user - User or IP (required if profile specified). type: string
  • webfilter_fortiguard-categories - Return FortiGuard web filter categories.
    • convert_unrated_id - Convert Unrated category id to the one for CLI use. type: boolean
    • include_unrated - Include Unrated category in result list. type: boolean
  • webfilter_malicious-urls
  • webfilter_malicious-urls_stat
  • webfilter_override
  • webfilter_trusted-urls
  • webproxy_pacfile_download
  • wifi_ap_status
  • wifi_client - Retrieve a list of connected WiFi clients.
    • count - Maximum number of entries to return. type: int
    • start - Starting entry index. type: int
    • type - Request type [all*|fail-login]. type: string
  • wifi_euclid
  • wifi_firmware - Retrieve a list of current and recommended firmware for FortiAPs in use.
    • timeout - FortiGuard connection timeout (defaults to 2 seconds). type: string
  • wifi_interfering_ap - Retrieve a list of interfering APs for one FortiAP radio.
    • wtp - FortiAP ID to query. type: string
    • start - Starting entry index. type: int
    • radio - Radio ID. type: int
    • count - Maximum number of entries to return. type: int
  • wifi_managed_ap - Retrieve a list of managed FortiAPs.
    • incl_local - Enable to include the local FortiWiFi device in the results. type: boolean
    • wtp_id - Filter: single managed FortiAP by ID. type: string
  • wifi_network_list
  • wifi_network_status
  • wifi_region-image - Retrieves a floorplan/region image from a configured FortiAP region.
    • region_name - Region name to retrieve image from. type: string
  • wifi_rogue_ap - Retrieve a list of detected rogue APs.
    • count - Maximum number of entries to return. type: int
    • start - Starting entry index. type: int
  • wifi_spectrum - Retrieve spectrum analysis information for a specific FortiAP.
    • wtp_id - FortiAP ID to query. type: string
  • wifi_vlan-probe - Retrieve the VLAN probe results.
    • wtp - FortiAP ID. type: string
    • ap_interface - FortiAP interface to send the probe on. type: int
• params - the parameter for each selector, see definition in above list.type: dict

Notes

Note

• Different selector may have different parameters, users are expected to look up them for a specific selector.
• For some selectors, the objects are global, no params are allowed to appear.
• Not all parameters are required for a slector.
• This module is exclusivly for FortiOS monitor API.
• The result of API request is stored in results.

Examples

- hosts: fortigate03
  connection: httpapi
  collections:
  - fortinet.fortios
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 443
  tasks:

  - name: fact gathering
    fortios_monitor_fact:
       vdom: ""
       access_token: ""
       selector: 'firewall_acl'

  - name: fact gathering
    fortios_monitor_fact:
       vdom: ""
       access_token: ""
       selector: 'firewall_security-policy'
       params:
           policyid: '1'

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

• build - Build number of the fortigate image returned: always type: str sample: 1547
• http_method - Last method used to provision the content into FortiGate returned: always type: str sample: GET
• name - Name of the table used to fulfill the request returned: always type: str sample: firmware
• path - Path of the table used to fulfill the request returned: always type: str sample: system
• results - Object list retrieved from device. returned: always type: list
• revision - Internal revision number returned: always type: str sample: 17.0.2.10658
• serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
• status - Indication of the operation's result returned: always type: str sample: success
• vdom - Virtual domain used returned: always type: str sample: root
• version - Version of the FortiGate returned: always type: str sample: v5.6.3
• ansible_facts - The list of fact subsets collected from the device returned: always type: dict

Status

• This module is not guaranteed to have a backwards compatible interface.

Authors

• Link Zheng (@chillancezen)
• Jie Xue (@JieX19)
• Hongbin Lu (@fgtdev-hblu)
• Frank Shen (@fshen01)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.