fortios_log_fact – Retrieve Log Data of Fortios Log Objects.

New in version 2.10.

Synopsis

• Collects log data from network devices running the fortios operating system. This module will only collect the log data specified in the playbook.

Requirements

The below requirements are needed on the host that executes this module.

• install galaxy collection fortinet.fortios >= 2.1.0.

Parameters

• vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str required: False default: root
• enable_log - Enable/Disable logging for task. type: bool required: False default: False
• access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: False
• filters - A list of expressions to filter the returned results. type: list required: False more...
  Filter item must be in the following format: [key][operator][pattern], operators could be found in the table:

  Operator	Case sensitive	Description
  ==	Yes	Pattern must be identical to the value.
  =*	No	Pattern must be identical to the value.
  !=	Yes	Pattern does not match the value.
  !*	No	Pattern does not match the value.
  =@	No	Pattern found within value.
  !@	No	Pattern not found within value.
  <=	n/a	Value must be less than or equal to pattern.
  <	n/a	Value must be less than pattern.
  >=	n/a	Value must be greater than or equal to pattern.
  >	n/a	Value must be greater than pattern.

• sorters - A list of expressions to sort the returned results. type: list required: False more...
  Sorter item must be a [key] followed by a ,asc or ,dsc order derective.
  examples: name,asc to sort the result by name in ascending order; vlanid,asc to sort the result by vlanid in descending order.
• formatters - A list of fields to display for returned results. type: list required: False
• selector - selector of the retrieved log data type: str choices:

• Show full selector list...

  disk_anomaly_raw
  • disk_anomaly_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_app-ctrl_archive
  • disk_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number. (required if source is not fortianalyzer) type: int
  disk_app-ctrl_archive-download
  • disk_app-ctrl_archive-download - Download an archived file.
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number (required if source is not fortianalyzer). type: int
    • filename - File name to use when saving the file in the browser. type: string
  disk_app-ctrl_raw
  • disk_app-ctrl_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_cifs_raw
  • disk_cifs_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_dlp_raw
  • disk_dlp_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_dns_raw
  • disk_dns_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_emailfilter_raw
  • disk_emailfilter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_event_compliance-check
  • disk_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_connector
  • disk_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_endpoint
  • disk_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_fortiextender
  • disk_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_ha
  • disk_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_router
  • disk_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_security-rating
  • disk_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_system
  • disk_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_user
  • disk_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_vpn
  • disk_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_wad
  • disk_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_event_wireless
  • disk_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_file-filter_raw
  • disk_file-filter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_gtp_raw
  • disk_gtp_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_ips_archive
  • disk_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number. (required if source is not fortianalyzer) type: int
  disk_ips_archive-download
  • disk_ips_archive-download - Download an archived file.
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number (required if source is not fortianalyzer). type: int
    • filename - File name to use when saving the file in the browser. type: string
  disk_ips_raw
  • disk_ips_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_ssh_raw
  • disk_ssh_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_ssl_raw
  • disk_ssl_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_traffic_fortiview
  • disk_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_traffic_forward
  • disk_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_traffic_local
  • disk_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_traffic_multicast
  • disk_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_traffic_sniffer
  • disk_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_traffic_threat
  • disk_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  disk_virus_archive
  • disk_virus_archive - Return a description of the quarantined virus file.
    • vdom - The name of the virtual domain type: str
    • mkey - checksum column from the virus log. type: int
    • filename - Filename of the antivirus archive. (virus type only) type: string
  disk_virus_raw
  • disk_virus_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_voip_raw
  • disk_voip_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_waf_raw
  • disk_waf_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  disk_webfilter_raw
  • disk_webfilter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_anomaly_raw
  • fortianalyzer_anomaly_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_app-ctrl_archive
  • fortianalyzer_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number. (required if source is not fortianalyzer) type: int
  fortianalyzer_app-ctrl_archive-download
  • fortianalyzer_app-ctrl_archive-download - Download an archived file.
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number (required if source is not fortianalyzer). type: int
    • filename - File name to use when saving the file in the browser. type: string
  fortianalyzer_app-ctrl_raw
  • fortianalyzer_app-ctrl_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_cifs_raw
  • fortianalyzer_cifs_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_dlp_raw
  • fortianalyzer_dlp_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_dns_raw
  • fortianalyzer_dns_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_emailfilter_raw
  • fortianalyzer_emailfilter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_event_compliance-check
  • fortianalyzer_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_connector
  • fortianalyzer_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_endpoint
  • fortianalyzer_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_fortiextender
  • fortianalyzer_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_ha
  • fortianalyzer_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_router
  • fortianalyzer_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_security-rating
  • fortianalyzer_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_system
  • fortianalyzer_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_user
  • fortianalyzer_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_vpn
  • fortianalyzer_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_wad
  • fortianalyzer_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_event_wireless
  • fortianalyzer_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_file-filter_raw
  • fortianalyzer_file-filter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_gtp_raw
  • fortianalyzer_gtp_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_ips_archive
  • fortianalyzer_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number. (required if source is not fortianalyzer) type: int
  fortianalyzer_ips_archive-download
  • fortianalyzer_ips_archive-download - Download an archived file.
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number (required if source is not fortianalyzer). type: int
    • filename - File name to use when saving the file in the browser. type: string
  fortianalyzer_ips_raw
  • fortianalyzer_ips_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_ssh_raw
  • fortianalyzer_ssh_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_ssl_raw
  • fortianalyzer_ssl_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_traffic_fortiview
  • fortianalyzer_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_traffic_forward
  • fortianalyzer_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_traffic_local
  • fortianalyzer_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_traffic_multicast
  • fortianalyzer_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_traffic_sniffer
  • fortianalyzer_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_traffic_threat
  • fortianalyzer_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  fortianalyzer_virus_archive
  • fortianalyzer_virus_archive - Return a description of the quarantined virus file.
    • vdom - The name of the virtual domain type: str
    • mkey - checksum column from the virus log. type: int
    • filename - Filename of the antivirus archive. (virus type only) type: string
  fortianalyzer_virus_raw
  • fortianalyzer_virus_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_voip_raw
  • fortianalyzer_voip_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_waf_raw
  • fortianalyzer_waf_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  fortianalyzer_webfilter_raw
  • fortianalyzer_webfilter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_anomaly_raw
  • forticloud_anomaly_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_app-ctrl_archive
  • forticloud_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number. (required if source is not fortianalyzer) type: int
  forticloud_app-ctrl_archive-download
  • forticloud_app-ctrl_archive-download - Download an archived file.
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number (required if source is not fortianalyzer). type: int
    • filename - File name to use when saving the file in the browser. type: string
  forticloud_app-ctrl_raw
  • forticloud_app-ctrl_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_cifs_raw
  • forticloud_cifs_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_dlp_raw
  • forticloud_dlp_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_dns_raw
  • forticloud_dns_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_emailfilter_raw
  • forticloud_emailfilter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_event_compliance-check
  • forticloud_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_connector
  • forticloud_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_endpoint
  • forticloud_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_fortiextender
  • forticloud_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_ha
  • forticloud_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_router
  • forticloud_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_security-rating
  • forticloud_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_system
  • forticloud_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_user
  • forticloud_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_vpn
  • forticloud_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_wad
  • forticloud_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_event_wireless
  • forticloud_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_file-filter_raw
  • forticloud_file-filter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_gtp_raw
  • forticloud_gtp_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_ips_archive
  • forticloud_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number. (required if source is not fortianalyzer) type: int
  forticloud_ips_archive-download
  • forticloud_ips_archive-download - Download an archived file.
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number (required if source is not fortianalyzer). type: int
    • filename - File name to use when saving the file in the browser. type: string
  forticloud_ips_raw
  • forticloud_ips_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_ssh_raw
  • forticloud_ssh_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_ssl_raw
  • forticloud_ssl_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_traffic_fortiview
  • forticloud_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_traffic_forward
  • forticloud_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_traffic_local
  • forticloud_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_traffic_multicast
  • forticloud_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_traffic_sniffer
  • forticloud_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_traffic_threat
  • forticloud_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  forticloud_virus_archive
  • forticloud_virus_archive - Return a description of the quarantined virus file.
    • vdom - The name of the virtual domain type: str
    • mkey - checksum column from the virus log. type: int
    • filename - Filename of the antivirus archive. (virus type only) type: string
  forticloud_virus_raw
  • forticloud_virus_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_voip_raw
  • forticloud_voip_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_waf_raw
  • forticloud_waf_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  forticloud_webfilter_raw
  • forticloud_webfilter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_anomaly_raw
  • memory_anomaly_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_app-ctrl_archive
  • memory_app-ctrl_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number. (required if source is not fortianalyzer) type: int
  memory_app-ctrl_archive-download
  • memory_app-ctrl_archive-download - Download an archived file.
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number (required if source is not fortianalyzer). type: int
    • filename - File name to use when saving the file in the browser. type: string
  memory_app-ctrl_raw
  • memory_app-ctrl_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_cifs_raw
  • memory_cifs_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_dlp_raw
  • memory_dlp_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_dns_raw
  • memory_dns_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_emailfilter_raw
  • memory_emailfilter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_event_compliance-check
  • memory_event_compliance-check - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_connector
  • memory_event_connector - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_endpoint
  • memory_event_endpoint - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_fortiextender
  • memory_event_fortiextender - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_ha
  • memory_event_ha - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_router
  • memory_event_router - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_security-rating
  • memory_event_security-rating - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_system
  • memory_event_system - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_user
  • memory_event_user - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_vpn
  • memory_event_vpn - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_wad
  • memory_event_wad - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_event_wireless
  • memory_event_wireless - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_file-filter_raw
  • memory_file-filter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_gtp_raw
  • memory_gtp_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_ips_archive
  • memory_ips_archive - Return a list of archived items for the desired type. :type can be app-ctrl or ips
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number. (required if source is not fortianalyzer) type: int
  memory_ips_archive-download
  • memory_ips_archive-download - Download an archived file.
    • vdom - The name of the virtual domain type: str
    • mkey - Archive identifier. type: int
    • roll - Log roll number (required if source is not fortianalyzer). type: int
    • filename - File name to use when saving the file in the browser. type: string
  memory_ips_raw
  • memory_ips_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_ssh_raw
  • memory_ssh_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_ssl_raw
  • memory_ssl_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_traffic_fortiview
  • memory_traffic_fortiview - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_traffic_forward
  • memory_traffic_forward - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_traffic_local
  • memory_traffic_local - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_traffic_multicast
  • memory_traffic_multicast - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_traffic_sniffer
  • memory_traffic_sniffer - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_traffic_threat
  • memory_traffic_threat - Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
    • extra - Flag(s) for extra data to be included [reverse_lookup|country_id]. type: string
  memory_virus_archive
  • memory_virus_archive - Return a description of the quarantined virus file.
    • vdom - The name of the virtual domain type: str
    • mkey - checksum column from the virus log. type: int
    • filename - Filename of the antivirus archive. (virus type only) type: string
  memory_virus_raw
  • memory_virus_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_voip_raw
  • memory_voip_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_waf_raw
  • memory_waf_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
  memory_webfilter_raw
  • memory_webfilter_raw - Log data for the given log type in raw format.
    • vdom - The name of the virtual domain type: str
    • start - Row number for the first row to return. type: int
    • rows - Number of rows to return. type: int
    • session_id - Provide a session_id to continue getting data for that request. type: int
    • serial_no - Retrieve log from the specified device. type: string
    • is_ha_member - Is the specified device an HA member. type: boolean
    • filter - Filter expression(s). type: string
• params - the parameter for each selector, see definition in above list.type: dict

Notes

Note

• Different selector may have different parameters, users are expected to look up them for a specific selector.

• For some selectors, the objects are global, no params are allowed to appear.

• Not all parameters are required for a slector.

• This module is exclusivly for FortiOS monitor API.

• The result of API request is stored in results.

• There are three filtering parameters: filters, sorters and formatters, please see filtering spec for more information.

Examples

- hosts: fortigates
  connection: httpapi
  collections:
  - fortinet.fortios
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: true
   ansible_httpapi_validate_certs: false
   ansible_httpapi_port: 443
  tasks:
  - name: Get system event log with logid==0100032038
    fortios_log_fact:
      filters:
        - logid==0100032038
      selector: "disk_event_system"
      params:
        rows: 100

  - name: Get a description of the quarantined virus file
    fortios_log_fact:
      selector: "forticloud_virus_archive"

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

• build - Build number of the fortigate image returned: always type: str sample: 1547
• rows - Number of rows to return returned: always type: int sample: 400
• serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
• session_id - Session id for the request returned: always type: int sample: 7
• start - Row number for the first row to return returned: always type: int sample: 0
• status - Indication of the operation's result returned: always type: str sample: success
• subcategory - Type of log that can be retrieved returned: always type: str sample: system
• total_lines - Total lines returned from the result returned: always type: int sample: 510
• vdom - Virtual domain used returned: always type: str sample: root
• version - Version of the FortiGate returned: always type: str sample: v5.6.3

Status

• This module is not guaranteed to have a backwards compatible interface.

Authors

• Link Zheng (@chillancezen)

• Jie Xue (@JieX19)

• Hongbin Lu (@fgtdev-hblu)

• Frank Shen (@fshen01)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.