1#!/usr/local/bin/python3.8 2from __future__ import (absolute_import, division, print_function) 3# Copyright 2019-2020 Fortinet, Inc. 4# 5# This program is free software: you can redistribute it and/or modify 6# it under the terms of the GNU General Public License as published by 7# the Free Software Foundation, either version 3 of the License, or 8# (at your option) any later version. 9# 10# This program is distributed in the hope that it will be useful, 11# but WITHOUT ANY WARRANTY; without even the implied warranty of 12# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13# GNU General Public License for more details. 14# 15# You should have received a copy of the GNU General Public License 16# along with this program. If not, see <https://www.gnu.org/licenses/>. 17 18__metaclass__ = type 19 20ANSIBLE_METADATA = {'status': ['preview'], 21 'supported_by': 'community', 22 'metadata_version': '1.1'} 23 24DOCUMENTATION = ''' 25--- 26module: fortios_log_fortianalyzer_cloud_filter 27short_description: Filters for FortiAnalyzer Cloud in Fortinet's FortiOS and FortiGate. 28description: 29 - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the 30 user to set and modify log_fortianalyzer_cloud feature and filter category. 31 Examples include all parameters and values need to be adjusted to datasources before usage. 32 Tested with FOS v6.0.0 33version_added: "2.10" 34author: 35 - Link Zheng (@chillancezen) 36 - Jie Xue (@JieX19) 37 - Hongbin Lu (@fgtdev-hblu) 38 - Frank Shen (@frankshen01) 39 - Miguel Angel Munoz (@mamunozgonzalez) 40 - Nicolas Thomas (@thomnico) 41notes: 42 - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks 43 44requirements: 45 - ansible>=2.9.0 46options: 47 access_token: 48 description: 49 - Token-based authentication. 50 Generated from GUI of Fortigate. 51 type: str 52 required: false 53 enable_log: 54 description: 55 - Enable/Disable logging for task. 56 type: bool 57 required: false 58 default: false 59 vdom: 60 description: 61 - Virtual domain, among those defined previously. A vdom is a 62 virtual instance of the FortiGate that can be configured and 63 used as a different unit. 64 type: str 65 default: root 66 67 log_fortianalyzer_cloud_filter: 68 description: 69 - Filters for FortiAnalyzer Cloud. 70 default: null 71 type: dict 72 suboptions: 73 anomaly: 74 description: 75 - Enable/disable anomaly logging. 76 type: str 77 choices: 78 - enable 79 - disable 80 dlp_archive: 81 description: 82 - Enable/disable DLP archive logging. 83 type: str 84 choices: 85 - enable 86 - disable 87 dns: 88 description: 89 - Enable/disable detailed DNS event logging. 90 type: str 91 choices: 92 - enable 93 - disable 94 filter: 95 description: 96 - FortiAnalyzer Cloud log filter. 97 type: str 98 filter_type: 99 description: 100 - Include/exclude logs that match the filter. 101 type: str 102 choices: 103 - include 104 - exclude 105 forward_traffic: 106 description: 107 - Enable/disable forward traffic logging. 108 type: str 109 choices: 110 - enable 111 - disable 112 free_style: 113 description: 114 - Free Style Filters 115 type: list 116 suboptions: 117 category: 118 description: 119 - Log category. 120 type: str 121 choices: 122 - traffic 123 - event 124 - virus 125 - webfilter 126 - attack 127 - spam 128 - anomaly 129 - voip 130 - dlp 131 - app-ctrl 132 - waf 133 - gtp 134 - dns 135 - ssh 136 - ssl 137 - file-filter 138 - icap 139 filter: 140 description: 141 - Free style filter string. 142 type: str 143 filter_type: 144 description: 145 - Include/exclude logs that match the filter. 146 type: str 147 choices: 148 - include 149 - exclude 150 id: 151 description: 152 - Entry ID. 153 required: true 154 type: int 155 gtp: 156 description: 157 - Enable/disable GTP messages logging. 158 type: str 159 choices: 160 - enable 161 - disable 162 local_traffic: 163 description: 164 - Enable/disable local in or out traffic logging. 165 type: str 166 choices: 167 - enable 168 - disable 169 multicast_traffic: 170 description: 171 - Enable/disable multicast traffic logging. 172 type: str 173 choices: 174 - enable 175 - disable 176 netscan_discovery: 177 description: 178 - Enable/disable netscan discovery event logging. 179 type: str 180 netscan_vulnerability: 181 description: 182 - Enable/disable netscan vulnerability event logging. 183 type: str 184 severity: 185 description: 186 - Lowest severity level to log. 187 type: str 188 choices: 189 - emergency 190 - alert 191 - critical 192 - error 193 - warning 194 - notification 195 - information 196 - debug 197 sniffer_traffic: 198 description: 199 - Enable/disable sniffer traffic logging. 200 type: str 201 choices: 202 - enable 203 - disable 204 ssh: 205 description: 206 - Enable/disable SSH logging. 207 type: str 208 choices: 209 - enable 210 - disable 211 voip: 212 description: 213 - Enable/disable VoIP logging. 214 type: str 215 choices: 216 - enable 217 - disable 218''' 219 220EXAMPLES = ''' 221- hosts: fortigates 222 collections: 223 - fortinet.fortios 224 connection: httpapi 225 vars: 226 vdom: "root" 227 ansible_httpapi_use_ssl: yes 228 ansible_httpapi_validate_certs: no 229 ansible_httpapi_port: 443 230 tasks: 231 - name: Filters for FortiAnalyzer Cloud. 232 fortios_log_fortianalyzer_cloud_filter: 233 vdom: "{{ vdom }}" 234 log_fortianalyzer_cloud_filter: 235 anomaly: "enable" 236 dlp_archive: "enable" 237 dns: "enable" 238 filter: "<your_own_value>" 239 filter_type: "include" 240 forward_traffic: "enable" 241 free_style: 242 - 243 category: "traffic" 244 filter: "<your_own_value>" 245 filter_type: "include" 246 id: "13" 247 gtp: "enable" 248 local_traffic: "enable" 249 multicast_traffic: "enable" 250 netscan_discovery: "<your_own_value>" 251 netscan_vulnerability: "<your_own_value>" 252 severity: "emergency" 253 sniffer_traffic: "enable" 254 ssh: "enable" 255 voip: "enable" 256 257''' 258 259RETURN = ''' 260build: 261 description: Build number of the fortigate image 262 returned: always 263 type: str 264 sample: '1547' 265http_method: 266 description: Last method used to provision the content into FortiGate 267 returned: always 268 type: str 269 sample: 'PUT' 270http_status: 271 description: Last result given by FortiGate on last operation applied 272 returned: always 273 type: str 274 sample: "200" 275mkey: 276 description: Master key (id) used in the last call to FortiGate 277 returned: success 278 type: str 279 sample: "id" 280name: 281 description: Name of the table used to fulfill the request 282 returned: always 283 type: str 284 sample: "urlfilter" 285path: 286 description: Path of the table used to fulfill the request 287 returned: always 288 type: str 289 sample: "webfilter" 290revision: 291 description: Internal revision number 292 returned: always 293 type: str 294 sample: "17.0.2.10658" 295serial: 296 description: Serial number of the unit 297 returned: always 298 type: str 299 sample: "FGVMEVYYQT3AB5352" 300status: 301 description: Indication of the operation's result 302 returned: always 303 type: str 304 sample: "success" 305vdom: 306 description: Virtual domain used 307 returned: always 308 type: str 309 sample: "root" 310version: 311 description: Version of the FortiGate 312 returned: always 313 type: str 314 sample: "v5.6.3" 315 316''' 317from ansible.module_utils.basic import AnsibleModule 318from ansible.module_utils.connection import Connection 319from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import FortiOSHandler 320from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import check_legacy_fortiosapi 321from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import schema_to_module_spec 322from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import check_schema_versioning 323from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import FAIL_SOCKET_MSG 324from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.comparison import is_same_comparison 325from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.comparison import serialize 326 327 328def filter_log_fortianalyzer_cloud_filter_data(json): 329 option_list = ['anomaly', 'dlp_archive', 'dns', 330 'filter', 'filter_type', 'forward_traffic', 331 'free_style', 'gtp', 'local_traffic', 332 'multicast_traffic', 'netscan_discovery', 'netscan_vulnerability', 333 'severity', 'sniffer_traffic', 'ssh', 334 'voip'] 335 dictionary = {} 336 337 for attribute in option_list: 338 if attribute in json and json[attribute] is not None: 339 dictionary[attribute] = json[attribute] 340 341 return dictionary 342 343 344def underscore_to_hyphen(data): 345 if isinstance(data, list): 346 for i, elem in enumerate(data): 347 data[i] = underscore_to_hyphen(elem) 348 elif isinstance(data, dict): 349 new_data = {} 350 for k, v in data.items(): 351 new_data[k.replace('_', '-')] = underscore_to_hyphen(v) 352 data = new_data 353 354 return data 355 356 357def log_fortianalyzer_cloud_filter(data, fos): 358 vdom = data['vdom'] 359 log_fortianalyzer_cloud_filter_data = data['log_fortianalyzer_cloud_filter'] 360 filtered_data = underscore_to_hyphen(filter_log_fortianalyzer_cloud_filter_data(log_fortianalyzer_cloud_filter_data)) 361 362 return fos.set('log.fortianalyzer-cloud', 363 'filter', 364 data=filtered_data, 365 vdom=vdom) 366 367 368def is_successful_status(status): 369 return status['status'] == "success" or \ 370 status['http_method'] == "DELETE" and status['http_status'] == 404 371 372 373def fortios_log_fortianalyzer_cloud(data, fos): 374 375 if data['log_fortianalyzer_cloud_filter']: 376 resp = log_fortianalyzer_cloud_filter(data, fos) 377 else: 378 fos._module.fail_json(msg='missing task body: %s' % ('log_fortianalyzer_cloud_filter')) 379 380 return not is_successful_status(resp), \ 381 resp['status'] == "success" and \ 382 (resp['revision_changed'] if 'revision_changed' in resp else True), \ 383 resp 384 385 386versioned_schema = { 387 "type": "dict", 388 "children": { 389 "filter": { 390 "type": "string", 391 "revisions": { 392 "v6.0.0": True, 393 "v7.0.0": False, 394 "v6.4.4": True, 395 "v6.4.0": True, 396 "v6.4.1": True, 397 "v6.2.0": True, 398 "v6.2.3": True, 399 "v6.2.5": True, 400 "v6.2.7": True, 401 "v6.0.11": True 402 } 403 }, 404 "dns": { 405 "type": "string", 406 "options": [ 407 { 408 "value": "enable", 409 "revisions": { 410 "v6.0.11": True, 411 "v6.0.0": True 412 } 413 }, 414 { 415 "value": "disable", 416 "revisions": { 417 "v6.0.11": True, 418 "v6.0.0": True 419 } 420 } 421 ], 422 "revisions": { 423 "v6.0.0": True, 424 "v7.0.0": False, 425 "v6.4.4": False, 426 "v6.4.0": False, 427 "v6.4.1": False, 428 "v6.2.0": False, 429 "v6.2.3": False, 430 "v6.2.5": False, 431 "v6.2.7": False, 432 "v6.0.11": True 433 } 434 }, 435 "netscan_discovery": { 436 "type": "string", 437 "revisions": { 438 "v6.0.0": True, 439 "v7.0.0": False, 440 "v6.4.4": False, 441 "v6.4.0": False, 442 "v6.4.1": False, 443 "v6.2.0": False, 444 "v6.2.3": False, 445 "v6.2.5": False, 446 "v6.2.7": False, 447 "v6.0.11": True 448 } 449 }, 450 "severity": { 451 "type": "string", 452 "options": [ 453 { 454 "value": "emergency", 455 "revisions": { 456 "v6.0.0": True, 457 "v7.0.0": True, 458 "v6.4.4": True, 459 "v6.4.0": True, 460 "v6.4.1": True, 461 "v6.2.0": True, 462 "v6.2.3": True, 463 "v6.2.5": True, 464 "v6.2.7": True, 465 "v6.0.11": True 466 } 467 }, 468 { 469 "value": "alert", 470 "revisions": { 471 "v6.0.0": True, 472 "v7.0.0": True, 473 "v6.4.4": True, 474 "v6.4.0": True, 475 "v6.4.1": True, 476 "v6.2.0": True, 477 "v6.2.3": True, 478 "v6.2.5": True, 479 "v6.2.7": True, 480 "v6.0.11": True 481 } 482 }, 483 { 484 "value": "critical", 485 "revisions": { 486 "v6.0.0": True, 487 "v7.0.0": True, 488 "v6.4.4": True, 489 "v6.4.0": True, 490 "v6.4.1": True, 491 "v6.2.0": True, 492 "v6.2.3": True, 493 "v6.2.5": True, 494 "v6.2.7": True, 495 "v6.0.11": True 496 } 497 }, 498 { 499 "value": "error", 500 "revisions": { 501 "v6.0.0": True, 502 "v7.0.0": True, 503 "v6.4.4": True, 504 "v6.4.0": True, 505 "v6.4.1": True, 506 "v6.2.0": True, 507 "v6.2.3": True, 508 "v6.2.5": True, 509 "v6.2.7": True, 510 "v6.0.11": True 511 } 512 }, 513 { 514 "value": "warning", 515 "revisions": { 516 "v6.0.0": True, 517 "v7.0.0": True, 518 "v6.4.4": True, 519 "v6.4.0": True, 520 "v6.4.1": True, 521 "v6.2.0": True, 522 "v6.2.3": True, 523 "v6.2.5": True, 524 "v6.2.7": True, 525 "v6.0.11": True 526 } 527 }, 528 { 529 "value": "notification", 530 "revisions": { 531 "v6.0.0": True, 532 "v7.0.0": True, 533 "v6.4.4": True, 534 "v6.4.0": True, 535 "v6.4.1": True, 536 "v6.2.0": True, 537 "v6.2.3": True, 538 "v6.2.5": True, 539 "v6.2.7": True, 540 "v6.0.11": True 541 } 542 }, 543 { 544 "value": "information", 545 "revisions": { 546 "v6.0.0": True, 547 "v7.0.0": True, 548 "v6.4.4": True, 549 "v6.4.0": True, 550 "v6.4.1": True, 551 "v6.2.0": True, 552 "v6.2.3": True, 553 "v6.2.5": True, 554 "v6.2.7": True, 555 "v6.0.11": True 556 } 557 }, 558 { 559 "value": "debug", 560 "revisions": { 561 "v6.0.0": True, 562 "v7.0.0": True, 563 "v6.4.4": True, 564 "v6.4.0": True, 565 "v6.4.1": True, 566 "v6.2.0": True, 567 "v6.2.3": True, 568 "v6.2.5": True, 569 "v6.2.7": True, 570 "v6.0.11": True 571 } 572 } 573 ], 574 "revisions": { 575 "v6.0.0": True, 576 "v7.0.0": True, 577 "v6.4.4": True, 578 "v6.4.0": True, 579 "v6.4.1": True, 580 "v6.2.0": True, 581 "v6.2.3": True, 582 "v6.2.5": True, 583 "v6.2.7": True, 584 "v6.0.11": True 585 } 586 }, 587 "multicast_traffic": { 588 "type": "string", 589 "options": [ 590 { 591 "value": "enable", 592 "revisions": { 593 "v6.0.0": True, 594 "v7.0.0": True, 595 "v6.4.4": True, 596 "v6.4.0": True, 597 "v6.4.1": True, 598 "v6.2.0": True, 599 "v6.2.3": True, 600 "v6.2.5": True, 601 "v6.2.7": True, 602 "v6.0.11": True 603 } 604 }, 605 { 606 "value": "disable", 607 "revisions": { 608 "v6.0.0": True, 609 "v7.0.0": True, 610 "v6.4.4": True, 611 "v6.4.0": True, 612 "v6.4.1": True, 613 "v6.2.0": True, 614 "v6.2.3": True, 615 "v6.2.5": True, 616 "v6.2.7": True, 617 "v6.0.11": True 618 } 619 } 620 ], 621 "revisions": { 622 "v6.0.0": True, 623 "v7.0.0": True, 624 "v6.4.4": True, 625 "v6.4.0": True, 626 "v6.4.1": True, 627 "v6.2.0": True, 628 "v6.2.3": True, 629 "v6.2.5": True, 630 "v6.2.7": True, 631 "v6.0.11": True 632 } 633 }, 634 "local_traffic": { 635 "type": "string", 636 "options": [ 637 { 638 "value": "enable", 639 "revisions": { 640 "v6.0.0": True, 641 "v7.0.0": True, 642 "v6.4.4": True, 643 "v6.4.0": True, 644 "v6.4.1": True, 645 "v6.2.0": True, 646 "v6.2.3": True, 647 "v6.2.5": True, 648 "v6.2.7": True, 649 "v6.0.11": True 650 } 651 }, 652 { 653 "value": "disable", 654 "revisions": { 655 "v6.0.0": True, 656 "v7.0.0": True, 657 "v6.4.4": True, 658 "v6.4.0": True, 659 "v6.4.1": True, 660 "v6.2.0": True, 661 "v6.2.3": True, 662 "v6.2.5": True, 663 "v6.2.7": True, 664 "v6.0.11": True 665 } 666 } 667 ], 668 "revisions": { 669 "v6.0.0": True, 670 "v7.0.0": True, 671 "v6.4.4": True, 672 "v6.4.0": True, 673 "v6.4.1": True, 674 "v6.2.0": True, 675 "v6.2.3": True, 676 "v6.2.5": True, 677 "v6.2.7": True, 678 "v6.0.11": True 679 } 680 }, 681 "voip": { 682 "type": "string", 683 "options": [ 684 { 685 "value": "enable", 686 "revisions": { 687 "v6.0.0": True, 688 "v7.0.0": True, 689 "v6.4.4": True, 690 "v6.4.0": True, 691 "v6.4.1": True, 692 "v6.2.0": True, 693 "v6.2.3": True, 694 "v6.2.5": True, 695 "v6.2.7": True, 696 "v6.0.11": True 697 } 698 }, 699 { 700 "value": "disable", 701 "revisions": { 702 "v6.0.0": True, 703 "v7.0.0": True, 704 "v6.4.4": True, 705 "v6.4.0": True, 706 "v6.4.1": True, 707 "v6.2.0": True, 708 "v6.2.3": True, 709 "v6.2.5": True, 710 "v6.2.7": True, 711 "v6.0.11": True 712 } 713 } 714 ], 715 "revisions": { 716 "v6.0.0": True, 717 "v7.0.0": True, 718 "v6.4.4": True, 719 "v6.4.0": True, 720 "v6.4.1": True, 721 "v6.2.0": True, 722 "v6.2.3": True, 723 "v6.2.5": True, 724 "v6.2.7": True, 725 "v6.0.11": True 726 } 727 }, 728 "filter_type": { 729 "type": "string", 730 "options": [ 731 { 732 "value": "include", 733 "revisions": { 734 "v6.0.0": True, 735 "v6.4.4": True, 736 "v6.4.0": True, 737 "v6.4.1": True, 738 "v6.2.0": True, 739 "v6.2.3": True, 740 "v6.2.5": True, 741 "v6.2.7": True, 742 "v6.0.11": True 743 } 744 }, 745 { 746 "value": "exclude", 747 "revisions": { 748 "v6.0.0": True, 749 "v6.4.4": True, 750 "v6.4.0": True, 751 "v6.4.1": True, 752 "v6.2.0": True, 753 "v6.2.3": True, 754 "v6.2.5": True, 755 "v6.2.7": True, 756 "v6.0.11": True 757 } 758 } 759 ], 760 "revisions": { 761 "v6.0.0": True, 762 "v7.0.0": False, 763 "v6.4.4": True, 764 "v6.4.0": True, 765 "v6.4.1": True, 766 "v6.2.0": True, 767 "v6.2.3": True, 768 "v6.2.5": True, 769 "v6.2.7": True, 770 "v6.0.11": True 771 } 772 }, 773 "gtp": { 774 "type": "string", 775 "options": [ 776 { 777 "value": "enable", 778 "revisions": { 779 "v6.0.0": True, 780 "v7.0.0": True, 781 "v6.4.4": True, 782 "v6.4.0": True, 783 "v6.4.1": True, 784 "v6.2.0": True, 785 "v6.2.3": True, 786 "v6.2.5": True, 787 "v6.2.7": True, 788 "v6.0.11": True 789 } 790 }, 791 { 792 "value": "disable", 793 "revisions": { 794 "v6.0.0": True, 795 "v7.0.0": True, 796 "v6.4.4": True, 797 "v6.4.0": True, 798 "v6.4.1": True, 799 "v6.2.0": True, 800 "v6.2.3": True, 801 "v6.2.5": True, 802 "v6.2.7": True, 803 "v6.0.11": True 804 } 805 } 806 ], 807 "revisions": { 808 "v6.0.0": True, 809 "v7.0.0": True, 810 "v6.4.4": True, 811 "v6.4.0": True, 812 "v6.4.1": True, 813 "v6.2.0": True, 814 "v6.2.3": True, 815 "v6.2.5": True, 816 "v6.2.7": True, 817 "v6.0.11": True 818 } 819 }, 820 "sniffer_traffic": { 821 "type": "string", 822 "options": [ 823 { 824 "value": "enable", 825 "revisions": { 826 "v6.0.0": True, 827 "v7.0.0": True, 828 "v6.4.4": True, 829 "v6.4.0": True, 830 "v6.4.1": True, 831 "v6.2.0": True, 832 "v6.2.3": True, 833 "v6.2.5": True, 834 "v6.2.7": True, 835 "v6.0.11": True 836 } 837 }, 838 { 839 "value": "disable", 840 "revisions": { 841 "v6.0.0": True, 842 "v7.0.0": True, 843 "v6.4.4": True, 844 "v6.4.0": True, 845 "v6.4.1": True, 846 "v6.2.0": True, 847 "v6.2.3": True, 848 "v6.2.5": True, 849 "v6.2.7": True, 850 "v6.0.11": True 851 } 852 } 853 ], 854 "revisions": { 855 "v6.0.0": True, 856 "v7.0.0": True, 857 "v6.4.4": True, 858 "v6.4.0": True, 859 "v6.4.1": True, 860 "v6.2.0": True, 861 "v6.2.3": True, 862 "v6.2.5": True, 863 "v6.2.7": True, 864 "v6.0.11": True 865 } 866 }, 867 "ssh": { 868 "type": "string", 869 "options": [ 870 { 871 "value": "enable", 872 "revisions": { 873 "v6.0.11": True, 874 "v6.0.0": True 875 } 876 }, 877 { 878 "value": "disable", 879 "revisions": { 880 "v6.0.11": True, 881 "v6.0.0": True 882 } 883 } 884 ], 885 "revisions": { 886 "v6.0.0": True, 887 "v7.0.0": False, 888 "v6.4.4": False, 889 "v6.4.0": False, 890 "v6.4.1": False, 891 "v6.2.0": False, 892 "v6.2.3": False, 893 "v6.2.5": False, 894 "v6.2.7": False, 895 "v6.0.11": True 896 } 897 }, 898 "free_style": { 899 "type": "list", 900 "children": { 901 "category": { 902 "type": "string", 903 "options": [ 904 { 905 "value": "traffic", 906 "revisions": { 907 "v7.0.0": True 908 } 909 }, 910 { 911 "value": "event", 912 "revisions": { 913 "v7.0.0": True 914 } 915 }, 916 { 917 "value": "virus", 918 "revisions": { 919 "v7.0.0": True 920 } 921 }, 922 { 923 "value": "webfilter", 924 "revisions": { 925 "v7.0.0": True 926 } 927 }, 928 { 929 "value": "attack", 930 "revisions": { 931 "v7.0.0": True 932 } 933 }, 934 { 935 "value": "spam", 936 "revisions": { 937 "v7.0.0": True 938 } 939 }, 940 { 941 "value": "anomaly", 942 "revisions": { 943 "v7.0.0": True 944 } 945 }, 946 { 947 "value": "voip", 948 "revisions": { 949 "v7.0.0": True 950 } 951 }, 952 { 953 "value": "dlp", 954 "revisions": { 955 "v7.0.0": True 956 } 957 }, 958 { 959 "value": "app-ctrl", 960 "revisions": { 961 "v7.0.0": True 962 } 963 }, 964 { 965 "value": "waf", 966 "revisions": { 967 "v7.0.0": True 968 } 969 }, 970 { 971 "value": "gtp", 972 "revisions": { 973 "v7.0.0": True 974 } 975 }, 976 { 977 "value": "dns", 978 "revisions": { 979 "v7.0.0": True 980 } 981 }, 982 { 983 "value": "ssh", 984 "revisions": { 985 "v7.0.0": True 986 } 987 }, 988 { 989 "value": "ssl", 990 "revisions": { 991 "v7.0.0": True 992 } 993 }, 994 { 995 "value": "file-filter", 996 "revisions": { 997 "v7.0.0": True 998 } 999 }, 1000 { 1001 "value": "icap", 1002 "revisions": { 1003 "v7.0.0": True 1004 } 1005 } 1006 ], 1007 "revisions": { 1008 "v7.0.0": True 1009 } 1010 }, 1011 "filter": { 1012 "type": "string", 1013 "revisions": { 1014 "v7.0.0": True 1015 } 1016 }, 1017 "id": { 1018 "type": "integer", 1019 "revisions": { 1020 "v7.0.0": True 1021 } 1022 }, 1023 "filter_type": { 1024 "type": "string", 1025 "options": [ 1026 { 1027 "value": "include", 1028 "revisions": { 1029 "v7.0.0": True 1030 } 1031 }, 1032 { 1033 "value": "exclude", 1034 "revisions": { 1035 "v7.0.0": True 1036 } 1037 } 1038 ], 1039 "revisions": { 1040 "v7.0.0": True 1041 } 1042 } 1043 }, 1044 "revisions": { 1045 "v7.0.0": True 1046 } 1047 }, 1048 "dlp_archive": { 1049 "type": "string", 1050 "options": [ 1051 { 1052 "value": "enable", 1053 "revisions": { 1054 "v6.0.0": True, 1055 "v7.0.0": True, 1056 "v6.4.4": True, 1057 "v6.4.0": True, 1058 "v6.4.1": True, 1059 "v6.2.0": True, 1060 "v6.2.3": True, 1061 "v6.2.5": True, 1062 "v6.2.7": True, 1063 "v6.0.11": True 1064 } 1065 }, 1066 { 1067 "value": "disable", 1068 "revisions": { 1069 "v6.0.0": True, 1070 "v7.0.0": True, 1071 "v6.4.4": True, 1072 "v6.4.0": True, 1073 "v6.4.1": True, 1074 "v6.2.0": True, 1075 "v6.2.3": True, 1076 "v6.2.5": True, 1077 "v6.2.7": True, 1078 "v6.0.11": True 1079 } 1080 } 1081 ], 1082 "revisions": { 1083 "v6.0.0": True, 1084 "v7.0.0": True, 1085 "v6.4.4": True, 1086 "v6.4.0": True, 1087 "v6.4.1": True, 1088 "v6.2.0": True, 1089 "v6.2.3": True, 1090 "v6.2.5": True, 1091 "v6.2.7": True, 1092 "v6.0.11": True 1093 } 1094 }, 1095 "netscan_vulnerability": { 1096 "type": "string", 1097 "revisions": { 1098 "v6.0.0": True, 1099 "v7.0.0": False, 1100 "v6.4.4": False, 1101 "v6.4.0": False, 1102 "v6.4.1": False, 1103 "v6.2.0": False, 1104 "v6.2.3": False, 1105 "v6.2.5": False, 1106 "v6.2.7": False, 1107 "v6.0.11": True 1108 } 1109 }, 1110 "anomaly": { 1111 "type": "string", 1112 "options": [ 1113 { 1114 "value": "enable", 1115 "revisions": { 1116 "v6.0.0": True, 1117 "v7.0.0": True, 1118 "v6.4.4": True, 1119 "v6.4.0": True, 1120 "v6.4.1": True, 1121 "v6.2.0": True, 1122 "v6.2.3": True, 1123 "v6.2.5": True, 1124 "v6.2.7": True, 1125 "v6.0.11": True 1126 } 1127 }, 1128 { 1129 "value": "disable", 1130 "revisions": { 1131 "v6.0.0": True, 1132 "v7.0.0": True, 1133 "v6.4.4": True, 1134 "v6.4.0": True, 1135 "v6.4.1": True, 1136 "v6.2.0": True, 1137 "v6.2.3": True, 1138 "v6.2.5": True, 1139 "v6.2.7": True, 1140 "v6.0.11": True 1141 } 1142 } 1143 ], 1144 "revisions": { 1145 "v6.0.0": True, 1146 "v7.0.0": True, 1147 "v6.4.4": True, 1148 "v6.4.0": True, 1149 "v6.4.1": True, 1150 "v6.2.0": True, 1151 "v6.2.3": True, 1152 "v6.2.5": True, 1153 "v6.2.7": True, 1154 "v6.0.11": True 1155 } 1156 }, 1157 "forward_traffic": { 1158 "type": "string", 1159 "options": [ 1160 { 1161 "value": "enable", 1162 "revisions": { 1163 "v6.0.0": True, 1164 "v7.0.0": True, 1165 "v6.4.4": True, 1166 "v6.4.0": True, 1167 "v6.4.1": True, 1168 "v6.2.0": True, 1169 "v6.2.3": True, 1170 "v6.2.5": True, 1171 "v6.2.7": True, 1172 "v6.0.11": True 1173 } 1174 }, 1175 { 1176 "value": "disable", 1177 "revisions": { 1178 "v6.0.0": True, 1179 "v7.0.0": True, 1180 "v6.4.4": True, 1181 "v6.4.0": True, 1182 "v6.4.1": True, 1183 "v6.2.0": True, 1184 "v6.2.3": True, 1185 "v6.2.5": True, 1186 "v6.2.7": True, 1187 "v6.0.11": True 1188 } 1189 } 1190 ], 1191 "revisions": { 1192 "v6.0.0": True, 1193 "v7.0.0": True, 1194 "v6.4.4": True, 1195 "v6.4.0": True, 1196 "v6.4.1": True, 1197 "v6.2.0": True, 1198 "v6.2.3": True, 1199 "v6.2.5": True, 1200 "v6.2.7": True, 1201 "v6.0.11": True 1202 } 1203 } 1204 }, 1205 "revisions": { 1206 "v6.0.0": True, 1207 "v7.0.0": True, 1208 "v6.4.4": True, 1209 "v6.4.0": True, 1210 "v6.4.1": True, 1211 "v6.2.0": True, 1212 "v6.2.3": True, 1213 "v6.2.5": True, 1214 "v6.2.7": True, 1215 "v6.0.11": True 1216 } 1217} 1218 1219 1220def main(): 1221 module_spec = schema_to_module_spec(versioned_schema) 1222 mkeyname = None 1223 fields = { 1224 "access_token": {"required": False, "type": "str", "no_log": True}, 1225 "enable_log": {"required": False, "type": bool}, 1226 "vdom": {"required": False, "type": "str", "default": "root"}, 1227 "log_fortianalyzer_cloud_filter": { 1228 "required": False, "type": "dict", "default": None, 1229 "options": { 1230 } 1231 } 1232 } 1233 for attribute_name in module_spec['options']: 1234 fields["log_fortianalyzer_cloud_filter"]['options'][attribute_name] = module_spec['options'][attribute_name] 1235 if mkeyname and mkeyname == attribute_name: 1236 fields["log_fortianalyzer_cloud_filter"]['options'][attribute_name]['required'] = True 1237 1238 check_legacy_fortiosapi() 1239 module = AnsibleModule(argument_spec=fields, 1240 supports_check_mode=False) 1241 1242 versions_check_result = None 1243 if module._socket_path: 1244 connection = Connection(module._socket_path) 1245 if 'access_token' in module.params: 1246 connection.set_option('access_token', module.params['access_token']) 1247 1248 if 'enable_log' in module.params: 1249 connection.set_option('enable_log', module.params['enable_log']) 1250 else: 1251 connection.set_option('enable_log', False) 1252 fos = FortiOSHandler(connection, module, mkeyname) 1253 versions_check_result = check_schema_versioning(fos, versioned_schema, "log_fortianalyzer_cloud_filter") 1254 1255 is_error, has_changed, result = fortios_log_fortianalyzer_cloud(module.params, fos) 1256 1257 else: 1258 module.fail_json(**FAIL_SOCKET_MSG) 1259 1260 if versions_check_result and versions_check_result['matched'] is False: 1261 module.warn("Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv") 1262 1263 if not is_error: 1264 if versions_check_result and versions_check_result['matched'] is False: 1265 module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result) 1266 else: 1267 module.exit_json(changed=has_changed, meta=result) 1268 else: 1269 if versions_check_result and versions_check_result['matched'] is False: 1270 module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result) 1271 else: 1272 module.fail_json(msg="Error in repo", meta=result) 1273 1274 1275if __name__ == '__main__': 1276 main() 1277