1#!/usr/local/bin/python3.8 2from __future__ import (absolute_import, division, print_function) 3# Copyright 2019-2020 Fortinet, Inc. 4# 5# This program is free software: you can redistribute it and/or modify 6# it under the terms of the GNU General Public License as published by 7# the Free Software Foundation, either version 3 of the License, or 8# (at your option) any later version. 9# 10# This program is distributed in the hope that it will be useful, 11# but WITHOUT ANY WARRANTY; without even the implied warranty of 12# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13# GNU General Public License for more details. 14# 15# You should have received a copy of the GNU General Public License 16# along with this program. If not, see <https://www.gnu.org/licenses/>. 17 18__metaclass__ = type 19 20ANSIBLE_METADATA = {'status': ['preview'], 21 'supported_by': 'community', 22 'metadata_version': '1.1'} 23 24DOCUMENTATION = ''' 25--- 26module: fortios_log_fortianalyzer_cloud_setting 27short_description: Global FortiAnalyzer Cloud settings in Fortinet's FortiOS and FortiGate. 28description: 29 - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the 30 user to set and modify log_fortianalyzer_cloud feature and setting category. 31 Examples include all parameters and values need to be adjusted to datasources before usage. 32 Tested with FOS v6.0.0 33version_added: "2.10" 34author: 35 - Link Zheng (@chillancezen) 36 - Jie Xue (@JieX19) 37 - Hongbin Lu (@fgtdev-hblu) 38 - Frank Shen (@frankshen01) 39 - Miguel Angel Munoz (@mamunozgonzalez) 40 - Nicolas Thomas (@thomnico) 41notes: 42 - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks 43 44requirements: 45 - ansible>=2.9.0 46options: 47 access_token: 48 description: 49 - Token-based authentication. 50 Generated from GUI of Fortigate. 51 type: str 52 required: false 53 enable_log: 54 description: 55 - Enable/Disable logging for task. 56 type: bool 57 required: false 58 default: false 59 vdom: 60 description: 61 - Virtual domain, among those defined previously. A vdom is a 62 virtual instance of the FortiGate that can be configured and 63 used as a different unit. 64 type: str 65 default: root 66 67 log_fortianalyzer_cloud_setting: 68 description: 69 - Global FortiAnalyzer Cloud settings. 70 default: null 71 type: dict 72 suboptions: 73 __change_ip: 74 description: 75 - Hidden attribute. 76 type: int 77 access_config: 78 description: 79 - Enable/disable FortiAnalyzer access to configuration and data. 80 type: str 81 choices: 82 - enable 83 - disable 84 certificate: 85 description: 86 - Certificate used to communicate with FortiAnalyzer. Source certificate.local.name. 87 type: str 88 conn_timeout: 89 description: 90 - FortiAnalyzer connection time-out in seconds (for status and log buffer). 91 type: int 92 enc_algorithm: 93 description: 94 - Enable/disable sending FortiAnalyzer log data with SSL encryption. 95 type: str 96 choices: 97 - high-medium 98 - high 99 - low 100 faz_type: 101 description: 102 - Hidden setting index of FortiAnalyzer. 103 type: int 104 hmac_algorithm: 105 description: 106 - FortiAnalyzer IPsec tunnel HMAC algorithm. 107 type: str 108 choices: 109 - sha256 110 - sha1 111 interface: 112 description: 113 - Specify outgoing interface to reach server. Source system.interface.name. 114 type: str 115 interface_select_method: 116 description: 117 - Specify how to select outgoing interface to reach server. 118 type: str 119 choices: 120 - auto 121 - sdwan 122 - specify 123 ips_archive: 124 description: 125 - Enable/disable IPS packet archive logging. 126 type: str 127 choices: 128 - enable 129 - disable 130 max_log_rate: 131 description: 132 - FortiAnalyzer maximum log rate in MBps (0 = unlimited). 133 type: int 134 mgmt_name: 135 description: 136 - Hidden management name of FortiAnalyzer. 137 type: str 138 monitor_failure_retry_period: 139 description: 140 - Time between FortiAnalyzer connection retries in seconds (for status and log buffer). 141 type: int 142 monitor_keepalive_period: 143 description: 144 - Time between OFTP keepalives in seconds (for status and log buffer). 145 type: int 146 preshared_key: 147 description: 148 - Preshared-key used for auto-authorization on FortiAnalyzer. 149 type: str 150 priority: 151 description: 152 - Set log transmission priority. 153 type: str 154 choices: 155 - default 156 - low 157 source_ip: 158 description: 159 - Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. 160 type: str 161 ssl_min_proto_version: 162 description: 163 - Minimum supported protocol version for SSL/TLS connections . 164 type: str 165 choices: 166 - default 167 - SSLv3 168 - TLSv1 169 - TLSv1-1 170 - TLSv1-2 171 status: 172 description: 173 - Enable/disable logging to FortiAnalyzer. 174 type: str 175 choices: 176 - enable 177 - disable 178 upload_day: 179 description: 180 - Day of week (month) to upload logs. 181 type: str 182 upload_interval: 183 description: 184 - Frequency to upload log files to FortiAnalyzer. 185 type: str 186 choices: 187 - daily 188 - weekly 189 - monthly 190 upload_option: 191 description: 192 - Enable/disable logging to hard disk and then uploading to FortiAnalyzer. 193 type: str 194 choices: 195 - store-and-upload 196 - realtime 197 - 1-minute 198 - 5-minute 199 upload_time: 200 description: 201 - 'Time to upload logs (hh:mm).' 202 type: str 203''' 204 205EXAMPLES = ''' 206- hosts: fortigates 207 collections: 208 - fortinet.fortios 209 connection: httpapi 210 vars: 211 vdom: "root" 212 ansible_httpapi_use_ssl: yes 213 ansible_httpapi_validate_certs: no 214 ansible_httpapi_port: 443 215 tasks: 216 - name: Global FortiAnalyzer Cloud settings. 217 fortios_log_fortianalyzer_cloud_setting: 218 vdom: "{{ vdom }}" 219 log_fortianalyzer_cloud_setting: 220 __change_ip: "3" 221 access_config: "enable" 222 certificate: "<your_own_value> (source certificate.local.name)" 223 conn_timeout: "6" 224 enc_algorithm: "high-medium" 225 faz_type: "8" 226 hmac_algorithm: "sha256" 227 interface: "<your_own_value> (source system.interface.name)" 228 interface_select_method: "auto" 229 ips_archive: "enable" 230 max_log_rate: "13" 231 mgmt_name: "<your_own_value>" 232 monitor_failure_retry_period: "15" 233 monitor_keepalive_period: "16" 234 preshared_key: "<your_own_value>" 235 priority: "default" 236 source_ip: "84.230.14.43" 237 ssl_min_proto_version: "default" 238 status: "enable" 239 upload_day: "<your_own_value>" 240 upload_interval: "daily" 241 upload_option: "store-and-upload" 242 upload_time: "<your_own_value>" 243 244''' 245 246RETURN = ''' 247build: 248 description: Build number of the fortigate image 249 returned: always 250 type: str 251 sample: '1547' 252http_method: 253 description: Last method used to provision the content into FortiGate 254 returned: always 255 type: str 256 sample: 'PUT' 257http_status: 258 description: Last result given by FortiGate on last operation applied 259 returned: always 260 type: str 261 sample: "200" 262mkey: 263 description: Master key (id) used in the last call to FortiGate 264 returned: success 265 type: str 266 sample: "id" 267name: 268 description: Name of the table used to fulfill the request 269 returned: always 270 type: str 271 sample: "urlfilter" 272path: 273 description: Path of the table used to fulfill the request 274 returned: always 275 type: str 276 sample: "webfilter" 277revision: 278 description: Internal revision number 279 returned: always 280 type: str 281 sample: "17.0.2.10658" 282serial: 283 description: Serial number of the unit 284 returned: always 285 type: str 286 sample: "FGVMEVYYQT3AB5352" 287status: 288 description: Indication of the operation's result 289 returned: always 290 type: str 291 sample: "success" 292vdom: 293 description: Virtual domain used 294 returned: always 295 type: str 296 sample: "root" 297version: 298 description: Version of the FortiGate 299 returned: always 300 type: str 301 sample: "v5.6.3" 302 303''' 304from ansible.module_utils.basic import AnsibleModule 305from ansible.module_utils.connection import Connection 306from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import FortiOSHandler 307from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import check_legacy_fortiosapi 308from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import schema_to_module_spec 309from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import check_schema_versioning 310from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import FAIL_SOCKET_MSG 311from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.comparison import is_same_comparison 312from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.comparison import serialize 313 314 315def filter_log_fortianalyzer_cloud_setting_data(json): 316 option_list = ['__change_ip', 'access_config', 'certificate', 317 'conn_timeout', 'enc_algorithm', 'faz_type', 318 'hmac_algorithm', 'interface', 'interface_select_method', 319 'ips_archive', 'max_log_rate', 'mgmt_name', 320 'monitor_failure_retry_period', 'monitor_keepalive_period', 'preshared_key', 321 'priority', 'source_ip', 'ssl_min_proto_version', 322 'status', 'upload_day', 'upload_interval', 323 'upload_option', 'upload_time'] 324 dictionary = {} 325 326 for attribute in option_list: 327 if attribute in json and json[attribute] is not None: 328 dictionary[attribute] = json[attribute] 329 330 return dictionary 331 332 333def underscore_to_hyphen(data): 334 if isinstance(data, list): 335 for i, elem in enumerate(data): 336 data[i] = underscore_to_hyphen(elem) 337 elif isinstance(data, dict): 338 new_data = {} 339 for k, v in data.items(): 340 new_data[k.replace('_', '-')] = underscore_to_hyphen(v) 341 data = new_data 342 343 return data 344 345 346def log_fortianalyzer_cloud_setting(data, fos): 347 vdom = data['vdom'] 348 log_fortianalyzer_cloud_setting_data = data['log_fortianalyzer_cloud_setting'] 349 filtered_data = underscore_to_hyphen(filter_log_fortianalyzer_cloud_setting_data(log_fortianalyzer_cloud_setting_data)) 350 351 return fos.set('log.fortianalyzer-cloud', 352 'setting', 353 data=filtered_data, 354 vdom=vdom) 355 356 357def is_successful_status(status): 358 return status['status'] == "success" or \ 359 status['http_method'] == "DELETE" and status['http_status'] == 404 360 361 362def fortios_log_fortianalyzer_cloud(data, fos): 363 364 if data['log_fortianalyzer_cloud_setting']: 365 resp = log_fortianalyzer_cloud_setting(data, fos) 366 else: 367 fos._module.fail_json(msg='missing task body: %s' % ('log_fortianalyzer_cloud_setting')) 368 369 return not is_successful_status(resp), \ 370 resp['status'] == "success" and \ 371 (resp['revision_changed'] if 'revision_changed' in resp else True), \ 372 resp 373 374 375versioned_schema = { 376 "type": "dict", 377 "children": { 378 "faz_type": { 379 "type": "integer", 380 "revisions": { 381 "v6.0.0": True, 382 "v7.0.0": False, 383 "v6.4.4": False, 384 "v6.4.0": False, 385 "v6.4.1": False, 386 "v6.2.0": False, 387 "v6.2.3": True, 388 "v6.2.5": False, 389 "v6.2.7": False, 390 "v6.0.11": True 391 } 392 }, 393 "upload_option": { 394 "type": "string", 395 "options": [ 396 { 397 "value": "store-and-upload", 398 "revisions": { 399 "v6.0.0": True, 400 "v7.0.0": True, 401 "v6.4.4": True, 402 "v6.4.0": True, 403 "v6.4.1": True, 404 "v6.2.0": True, 405 "v6.2.3": True, 406 "v6.2.5": True, 407 "v6.2.7": True, 408 "v6.0.11": True 409 } 410 }, 411 { 412 "value": "realtime", 413 "revisions": { 414 "v6.0.0": True, 415 "v7.0.0": True, 416 "v6.4.4": True, 417 "v6.4.0": True, 418 "v6.4.1": True, 419 "v6.2.0": True, 420 "v6.2.3": True, 421 "v6.2.5": True, 422 "v6.2.7": True, 423 "v6.0.11": True 424 } 425 }, 426 { 427 "value": "1-minute", 428 "revisions": { 429 "v6.0.0": True, 430 "v7.0.0": True, 431 "v6.4.4": True, 432 "v6.4.0": True, 433 "v6.4.1": True, 434 "v6.2.0": True, 435 "v6.2.3": True, 436 "v6.2.5": True, 437 "v6.2.7": True, 438 "v6.0.11": True 439 } 440 }, 441 { 442 "value": "5-minute", 443 "revisions": { 444 "v6.0.0": True, 445 "v7.0.0": True, 446 "v6.4.4": True, 447 "v6.4.0": True, 448 "v6.4.1": True, 449 "v6.2.0": True, 450 "v6.2.3": True, 451 "v6.2.5": True, 452 "v6.2.7": True, 453 "v6.0.11": True 454 } 455 } 456 ], 457 "revisions": { 458 "v6.0.0": True, 459 "v7.0.0": True, 460 "v6.4.4": True, 461 "v6.4.0": True, 462 "v6.4.1": True, 463 "v6.2.0": True, 464 "v6.2.3": True, 465 "v6.2.5": True, 466 "v6.2.7": True, 467 "v6.0.11": True 468 } 469 }, 470 "upload_interval": { 471 "type": "string", 472 "options": [ 473 { 474 "value": "daily", 475 "revisions": { 476 "v6.0.0": True, 477 "v7.0.0": True, 478 "v6.4.4": True, 479 "v6.4.0": True, 480 "v6.4.1": True, 481 "v6.2.0": True, 482 "v6.2.3": True, 483 "v6.2.5": True, 484 "v6.2.7": True, 485 "v6.0.11": True 486 } 487 }, 488 { 489 "value": "weekly", 490 "revisions": { 491 "v6.0.0": True, 492 "v7.0.0": True, 493 "v6.4.4": True, 494 "v6.4.0": True, 495 "v6.4.1": True, 496 "v6.2.0": True, 497 "v6.2.3": True, 498 "v6.2.5": True, 499 "v6.2.7": True, 500 "v6.0.11": True 501 } 502 }, 503 { 504 "value": "monthly", 505 "revisions": { 506 "v6.0.0": True, 507 "v7.0.0": True, 508 "v6.4.4": True, 509 "v6.4.0": True, 510 "v6.4.1": True, 511 "v6.2.0": True, 512 "v6.2.3": True, 513 "v6.2.5": True, 514 "v6.2.7": True, 515 "v6.0.11": True 516 } 517 } 518 ], 519 "revisions": { 520 "v6.0.0": True, 521 "v7.0.0": True, 522 "v6.4.4": True, 523 "v6.4.0": True, 524 "v6.4.1": True, 525 "v6.2.0": True, 526 "v6.2.3": True, 527 "v6.2.5": True, 528 "v6.2.7": True, 529 "v6.0.11": True 530 } 531 }, 532 "enc_algorithm": { 533 "type": "string", 534 "options": [ 535 { 536 "value": "high-medium", 537 "revisions": { 538 "v6.0.0": True, 539 "v7.0.0": True, 540 "v6.4.4": True, 541 "v6.4.0": True, 542 "v6.4.1": True, 543 "v6.2.0": True, 544 "v6.2.3": True, 545 "v6.2.5": True, 546 "v6.2.7": True, 547 "v6.0.11": True 548 } 549 }, 550 { 551 "value": "high", 552 "revisions": { 553 "v6.0.0": True, 554 "v7.0.0": True, 555 "v6.4.4": True, 556 "v6.4.0": True, 557 "v6.4.1": True, 558 "v6.2.0": True, 559 "v6.2.3": True, 560 "v6.2.5": True, 561 "v6.2.7": True, 562 "v6.0.11": True 563 } 564 }, 565 { 566 "value": "low", 567 "revisions": { 568 "v6.0.0": True, 569 "v7.0.0": True, 570 "v6.4.4": True, 571 "v6.4.0": True, 572 "v6.4.1": True, 573 "v6.2.0": True, 574 "v6.2.3": True, 575 "v6.2.5": True, 576 "v6.2.7": True, 577 "v6.0.11": True 578 } 579 } 580 ], 581 "revisions": { 582 "v6.0.0": True, 583 "v7.0.0": True, 584 "v6.4.4": True, 585 "v6.4.0": True, 586 "v6.4.1": True, 587 "v6.2.0": True, 588 "v6.2.3": True, 589 "v6.2.5": True, 590 "v6.2.7": True, 591 "v6.0.11": True 592 } 593 }, 594 "ips_archive": { 595 "type": "string", 596 "options": [ 597 { 598 "value": "enable", 599 "revisions": { 600 "v6.0.0": True, 601 "v7.0.0": True, 602 "v6.4.4": True, 603 "v6.4.0": True, 604 "v6.4.1": True, 605 "v6.2.0": True, 606 "v6.2.3": True, 607 "v6.2.5": True, 608 "v6.2.7": True, 609 "v6.0.11": True 610 } 611 }, 612 { 613 "value": "disable", 614 "revisions": { 615 "v6.0.0": True, 616 "v7.0.0": True, 617 "v6.4.4": True, 618 "v6.4.0": True, 619 "v6.4.1": True, 620 "v6.2.0": True, 621 "v6.2.3": True, 622 "v6.2.5": True, 623 "v6.2.7": True, 624 "v6.0.11": True 625 } 626 } 627 ], 628 "revisions": { 629 "v6.0.0": True, 630 "v7.0.0": True, 631 "v6.4.4": True, 632 "v6.4.0": True, 633 "v6.4.1": True, 634 "v6.2.0": True, 635 "v6.2.3": True, 636 "v6.2.5": True, 637 "v6.2.7": True, 638 "v6.0.11": True 639 } 640 }, 641 "upload_time": { 642 "type": "string", 643 "revisions": { 644 "v6.0.0": True, 645 "v7.0.0": True, 646 "v6.4.4": True, 647 "v6.4.0": True, 648 "v6.4.1": True, 649 "v6.2.0": True, 650 "v6.2.3": True, 651 "v6.2.5": True, 652 "v6.2.7": True, 653 "v6.0.11": True 654 } 655 }, 656 "certificate": { 657 "type": "string", 658 "revisions": { 659 "v6.0.0": True, 660 "v7.0.0": True, 661 "v6.4.4": True, 662 "v6.4.0": True, 663 "v6.4.1": True, 664 "v6.2.0": True, 665 "v6.2.3": True, 666 "v6.2.5": True, 667 "v6.2.7": True, 668 "v6.0.11": True 669 } 670 }, 671 "priority": { 672 "type": "string", 673 "options": [ 674 { 675 "value": "default", 676 "revisions": { 677 "v7.0.0": True, 678 "v6.4.4": True, 679 "v6.4.0": True, 680 "v6.4.1": True, 681 "v6.2.0": True, 682 "v6.2.3": True, 683 "v6.2.5": True, 684 "v6.2.7": True 685 } 686 }, 687 { 688 "value": "low", 689 "revisions": { 690 "v7.0.0": True, 691 "v6.4.4": True, 692 "v6.4.0": True, 693 "v6.4.1": True, 694 "v6.2.0": True, 695 "v6.2.3": True, 696 "v6.2.5": True, 697 "v6.2.7": True 698 } 699 } 700 ], 701 "revisions": { 702 "v7.0.0": True, 703 "v6.4.4": True, 704 "v6.4.0": True, 705 "v6.4.1": True, 706 "v6.2.0": True, 707 "v6.2.3": True, 708 "v6.2.5": True, 709 "v6.2.7": True 710 } 711 }, 712 "conn_timeout": { 713 "type": "integer", 714 "revisions": { 715 "v6.0.0": True, 716 "v7.0.0": True, 717 "v6.4.4": True, 718 "v6.4.0": True, 719 "v6.4.1": True, 720 "v6.2.0": True, 721 "v6.2.3": True, 722 "v6.2.5": True, 723 "v6.2.7": True, 724 "v6.0.11": True 725 } 726 }, 727 "mgmt_name": { 728 "type": "string", 729 "revisions": { 730 "v6.0.0": True, 731 "v7.0.0": False, 732 "v6.4.4": False, 733 "v6.4.0": False, 734 "v6.4.1": False, 735 "v6.2.0": False, 736 "v6.2.3": True, 737 "v6.2.5": False, 738 "v6.2.7": False, 739 "v6.0.11": True 740 } 741 }, 742 "hmac_algorithm": { 743 "type": "string", 744 "options": [ 745 { 746 "value": "sha256", 747 "revisions": { 748 "v6.0.0": True, 749 "v7.0.0": True, 750 "v6.4.4": True, 751 "v6.4.0": True, 752 "v6.4.1": True, 753 "v6.2.0": True, 754 "v6.2.3": True, 755 "v6.2.5": True, 756 "v6.2.7": True, 757 "v6.0.11": True 758 } 759 }, 760 { 761 "value": "sha1", 762 "revisions": { 763 "v6.0.0": True, 764 "v7.0.0": True, 765 "v6.4.4": True, 766 "v6.4.0": True, 767 "v6.4.1": True, 768 "v6.2.0": True, 769 "v6.2.3": True, 770 "v6.2.5": True, 771 "v6.2.7": True, 772 "v6.0.11": True 773 } 774 } 775 ], 776 "revisions": { 777 "v6.0.0": True, 778 "v7.0.0": True, 779 "v6.4.4": True, 780 "v6.4.0": True, 781 "v6.4.1": True, 782 "v6.2.0": True, 783 "v6.2.3": True, 784 "v6.2.5": True, 785 "v6.2.7": True, 786 "v6.0.11": True 787 } 788 }, 789 "status": { 790 "type": "string", 791 "options": [ 792 { 793 "value": "enable", 794 "revisions": { 795 "v6.0.0": True, 796 "v7.0.0": True, 797 "v6.4.4": True, 798 "v6.4.0": True, 799 "v6.4.1": True, 800 "v6.2.0": True, 801 "v6.2.3": True, 802 "v6.2.5": True, 803 "v6.2.7": True, 804 "v6.0.11": True 805 } 806 }, 807 { 808 "value": "disable", 809 "revisions": { 810 "v6.0.0": True, 811 "v7.0.0": True, 812 "v6.4.4": True, 813 "v6.4.0": True, 814 "v6.4.1": True, 815 "v6.2.0": True, 816 "v6.2.3": True, 817 "v6.2.5": True, 818 "v6.2.7": True, 819 "v6.0.11": True 820 } 821 } 822 ], 823 "revisions": { 824 "v6.0.0": True, 825 "v7.0.0": True, 826 "v6.4.4": True, 827 "v6.4.0": True, 828 "v6.4.1": True, 829 "v6.2.0": True, 830 "v6.2.3": True, 831 "v6.2.5": True, 832 "v6.2.7": True, 833 "v6.0.11": True 834 } 835 }, 836 "ssl_min_proto_version": { 837 "type": "string", 838 "options": [ 839 { 840 "value": "default", 841 "revisions": { 842 "v6.0.0": True, 843 "v7.0.0": True, 844 "v6.4.4": True, 845 "v6.4.0": True, 846 "v6.4.1": True, 847 "v6.2.0": True, 848 "v6.2.3": True, 849 "v6.2.5": True, 850 "v6.2.7": True, 851 "v6.0.11": True 852 } 853 }, 854 { 855 "value": "SSLv3", 856 "revisions": { 857 "v6.0.0": True, 858 "v7.0.0": True, 859 "v6.4.4": True, 860 "v6.4.0": True, 861 "v6.4.1": True, 862 "v6.2.0": True, 863 "v6.2.3": True, 864 "v6.2.5": True, 865 "v6.2.7": True, 866 "v6.0.11": True 867 } 868 }, 869 { 870 "value": "TLSv1", 871 "revisions": { 872 "v6.0.0": True, 873 "v7.0.0": True, 874 "v6.4.4": True, 875 "v6.4.0": True, 876 "v6.4.1": True, 877 "v6.2.0": True, 878 "v6.2.3": True, 879 "v6.2.5": True, 880 "v6.2.7": True, 881 "v6.0.11": True 882 } 883 }, 884 { 885 "value": "TLSv1-1", 886 "revisions": { 887 "v6.0.0": True, 888 "v7.0.0": True, 889 "v6.4.4": True, 890 "v6.4.0": True, 891 "v6.4.1": True, 892 "v6.2.0": True, 893 "v6.2.3": True, 894 "v6.2.5": True, 895 "v6.2.7": True, 896 "v6.0.11": True 897 } 898 }, 899 { 900 "value": "TLSv1-2", 901 "revisions": { 902 "v6.0.0": True, 903 "v7.0.0": True, 904 "v6.4.4": True, 905 "v6.4.0": True, 906 "v6.4.1": True, 907 "v6.2.0": True, 908 "v6.2.3": True, 909 "v6.2.5": True, 910 "v6.2.7": True, 911 "v6.0.11": True 912 } 913 } 914 ], 915 "revisions": { 916 "v6.0.0": True, 917 "v7.0.0": True, 918 "v6.4.4": True, 919 "v6.4.0": True, 920 "v6.4.1": True, 921 "v6.2.0": True, 922 "v6.2.3": True, 923 "v6.2.5": True, 924 "v6.2.7": True, 925 "v6.0.11": True 926 } 927 }, 928 "max_log_rate": { 929 "type": "integer", 930 "revisions": { 931 "v7.0.0": True, 932 "v6.4.4": True, 933 "v6.4.0": True, 934 "v6.4.1": True, 935 "v6.2.0": True, 936 "v6.2.3": True, 937 "v6.2.5": True, 938 "v6.2.7": True 939 } 940 }, 941 "interface": { 942 "type": "string", 943 "revisions": { 944 "v7.0.0": True, 945 "v6.4.4": True, 946 "v6.4.1": False, 947 "v6.4.0": True, 948 "v6.2.7": True 949 } 950 }, 951 "__change_ip": { 952 "type": "integer", 953 "revisions": { 954 "v6.0.0": True, 955 "v7.0.0": False, 956 "v6.4.4": False, 957 "v6.4.0": False, 958 "v6.4.1": False, 959 "v6.2.0": False, 960 "v6.2.3": True, 961 "v6.2.5": False, 962 "v6.2.7": False, 963 "v6.0.11": True 964 } 965 }, 966 "upload_day": { 967 "type": "string", 968 "revisions": { 969 "v6.0.0": True, 970 "v7.0.0": True, 971 "v6.4.4": True, 972 "v6.4.0": True, 973 "v6.4.1": True, 974 "v6.2.0": True, 975 "v6.2.3": True, 976 "v6.2.5": True, 977 "v6.2.7": True, 978 "v6.0.11": True 979 } 980 }, 981 "monitor_keepalive_period": { 982 "type": "integer", 983 "revisions": { 984 "v6.0.0": True, 985 "v7.0.0": True, 986 "v6.4.4": True, 987 "v6.4.0": True, 988 "v6.4.1": True, 989 "v6.2.0": True, 990 "v6.2.3": True, 991 "v6.2.5": True, 992 "v6.2.7": True, 993 "v6.0.11": True 994 } 995 }, 996 "preshared_key": { 997 "type": "string", 998 "revisions": { 999 "v7.0.0": True 1000 } 1001 }, 1002 "access_config": { 1003 "type": "string", 1004 "options": [ 1005 { 1006 "value": "enable", 1007 "revisions": { 1008 "v7.0.0": True, 1009 "v6.4.4": True, 1010 "v6.4.0": True, 1011 "v6.4.1": True, 1012 "v6.2.0": True, 1013 "v6.2.3": True, 1014 "v6.2.5": True, 1015 "v6.2.7": True 1016 } 1017 }, 1018 { 1019 "value": "disable", 1020 "revisions": { 1021 "v7.0.0": True, 1022 "v6.4.4": True, 1023 "v6.4.0": True, 1024 "v6.4.1": True, 1025 "v6.2.0": True, 1026 "v6.2.3": True, 1027 "v6.2.5": True, 1028 "v6.2.7": True 1029 } 1030 } 1031 ], 1032 "revisions": { 1033 "v7.0.0": True, 1034 "v6.4.4": True, 1035 "v6.4.0": True, 1036 "v6.4.1": True, 1037 "v6.2.0": True, 1038 "v6.2.3": True, 1039 "v6.2.5": True, 1040 "v6.2.7": True 1041 } 1042 }, 1043 "source_ip": { 1044 "type": "string", 1045 "revisions": { 1046 "v6.0.0": True, 1047 "v7.0.0": True, 1048 "v6.4.4": True, 1049 "v6.4.0": True, 1050 "v6.4.1": True, 1051 "v6.2.0": True, 1052 "v6.2.3": True, 1053 "v6.2.5": True, 1054 "v6.2.7": True, 1055 "v6.0.11": True 1056 } 1057 }, 1058 "interface_select_method": { 1059 "type": "string", 1060 "options": [ 1061 { 1062 "value": "auto", 1063 "revisions": { 1064 "v6.4.4": True, 1065 "v7.0.0": True, 1066 "v6.4.0": True, 1067 "v6.2.7": True 1068 } 1069 }, 1070 { 1071 "value": "sdwan", 1072 "revisions": { 1073 "v6.4.4": True, 1074 "v7.0.0": True, 1075 "v6.4.0": True, 1076 "v6.2.7": True 1077 } 1078 }, 1079 { 1080 "value": "specify", 1081 "revisions": { 1082 "v6.4.4": True, 1083 "v7.0.0": True, 1084 "v6.4.0": True, 1085 "v6.2.7": True 1086 } 1087 } 1088 ], 1089 "revisions": { 1090 "v7.0.0": True, 1091 "v6.4.4": True, 1092 "v6.4.1": False, 1093 "v6.4.0": True, 1094 "v6.2.7": True 1095 } 1096 }, 1097 "monitor_failure_retry_period": { 1098 "type": "integer", 1099 "revisions": { 1100 "v6.0.0": True, 1101 "v7.0.0": True, 1102 "v6.4.4": True, 1103 "v6.4.0": True, 1104 "v6.4.1": True, 1105 "v6.2.0": True, 1106 "v6.2.3": True, 1107 "v6.2.5": True, 1108 "v6.2.7": True, 1109 "v6.0.11": True 1110 } 1111 } 1112 }, 1113 "revisions": { 1114 "v6.0.0": True, 1115 "v7.0.0": True, 1116 "v6.4.4": True, 1117 "v6.4.0": True, 1118 "v6.4.1": True, 1119 "v6.2.0": True, 1120 "v6.2.3": True, 1121 "v6.2.5": True, 1122 "v6.2.7": True, 1123 "v6.0.11": True 1124 } 1125} 1126 1127 1128def main(): 1129 module_spec = schema_to_module_spec(versioned_schema) 1130 mkeyname = None 1131 fields = { 1132 "access_token": {"required": False, "type": "str", "no_log": True}, 1133 "enable_log": {"required": False, "type": bool}, 1134 "vdom": {"required": False, "type": "str", "default": "root"}, 1135 "log_fortianalyzer_cloud_setting": { 1136 "required": False, "type": "dict", "default": None, 1137 "options": { 1138 } 1139 } 1140 } 1141 for attribute_name in module_spec['options']: 1142 fields["log_fortianalyzer_cloud_setting"]['options'][attribute_name] = module_spec['options'][attribute_name] 1143 if mkeyname and mkeyname == attribute_name: 1144 fields["log_fortianalyzer_cloud_setting"]['options'][attribute_name]['required'] = True 1145 1146 check_legacy_fortiosapi() 1147 module = AnsibleModule(argument_spec=fields, 1148 supports_check_mode=False) 1149 1150 versions_check_result = None 1151 if module._socket_path: 1152 connection = Connection(module._socket_path) 1153 if 'access_token' in module.params: 1154 connection.set_option('access_token', module.params['access_token']) 1155 1156 if 'enable_log' in module.params: 1157 connection.set_option('enable_log', module.params['enable_log']) 1158 else: 1159 connection.set_option('enable_log', False) 1160 fos = FortiOSHandler(connection, module, mkeyname) 1161 versions_check_result = check_schema_versioning(fos, versioned_schema, "log_fortianalyzer_cloud_setting") 1162 1163 is_error, has_changed, result = fortios_log_fortianalyzer_cloud(module.params, fos) 1164 1165 else: 1166 module.fail_json(**FAIL_SOCKET_MSG) 1167 1168 if versions_check_result and versions_check_result['matched'] is False: 1169 module.warn("Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv") 1170 1171 if not is_error: 1172 if versions_check_result and versions_check_result['matched'] is False: 1173 module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result) 1174 else: 1175 module.exit_json(changed=has_changed, meta=result) 1176 else: 1177 if versions_check_result and versions_check_result['matched'] is False: 1178 module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result) 1179 else: 1180 module.fail_json(msg="Error in repo", meta=result) 1181 1182 1183if __name__ == '__main__': 1184 main() 1185