fmgd_alertemail_setting – Configure alert email settings.

Added in version 1.0.0.

Synopsis

  • This module is able to configure a FortiManager device.

  • Examples include all parameters and values need to be adjusted to data sources before usage.

  • Tested with FortiManager v7.x.

Requirements

The below requirements are needed on the host that executes this module.

  • ansible-core>=2.16.0

FortiManager Version Compatibility

Supported Version Ranges: v7.2.6 -> v7.2.12, v7.4.3 -> latest

Parameters

  • access_token -The token to access FortiManager without using username and password. type: str required: false
  • bypass_validation - Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool required: false default: False
  • enable_log - Enable/Disable logging for task. type: bool required: false default: False
  • forticloud_access_token - Access token of forticloud managed API users, this option is available with FortiManager later than 6.4.0. type: str required: false
  • proposed_method - The overridden method for the underlying Json RPC request. type: str required: false choices: set, update, add
  • rc_succeeded - The rc codes list with which the conditions to succeed will be overriden. type: list required: false
  • rc_failed - The rc codes list with which the conditions to fail will be overriden. type: list required: false
  • workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode. type: str required: false choices: global, custom adom including root
  • workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock. type: integer required: false default: 300
  • device - The parameter in requested url type: str required: true
  • vdom - The parameter in requested url type: str required: true
  • alertemail_setting - Configure alert email settings. type: dict
    • FDS_license_expiring_warning (Alias name: FDS-license-expiring-warning) Enable/disable fortiguard license expiration warnings in alert email. type: str choices: [disable, enable] more...
    • FDS_update_logs (Alias name: FDS-update-logs) Enable/disable fortiguard update logs in alert email. type: str choices: [disable, enable] more...
    • FIPS_CC_errors (Alias name: FIPS-CC-errors) Enable/disable fips and common criteria error logs in alert email. type: str choices: [disable, enable] more...
    • FSSO_disconnect_logs (Alias name: FSSO-disconnect-logs) Enable/disable logging of fsso collector agent disconnect. type: str choices: [disable, enable] more...
    • HA_logs (Alias name: HA-logs) Enable/disable ha logs in alert email. type: str choices: [disable, enable] more...
    • IPS_logs (Alias name: IPS-logs) Enable/disable ips logs in alert email. type: str choices: [disable, enable] more...
    • IPsec_errors_logs (Alias name: IPsec-errors-logs) Enable/disable ipsec error logs in alert email. type: str choices: [disable, enable] more...
    • PPP_errors_logs (Alias name: PPP-errors-logs) Enable/disable ppp error logs in alert email. type: str choices: [disable, enable] more...
    • admin_login_logs (Alias name: admin-login-logs) Enable/disable administrator login/logout logs in alert email. type: str choices: [disable, enable] more...
    • alert_interval (Alias name: alert-interval) Alert alert interval in minutes. type: int more...
    • amc_interface_bypass_mode (Alias name: amc-interface-bypass-mode) Enable/disable fortinet advanced mezzanine card (amc) interface bypass mode logs in alert email. type: str choices: [disable, enable] more...
    • antivirus_logs (Alias name: antivirus-logs) Enable/disable antivirus logs in alert email. type: str choices: [disable, enable] more...
    • configuration_changes_logs (Alias name: configuration-changes-logs) Enable/disable configuration change logs in alert email. type: str choices: [disable, enable] more...
    • critical_interval (Alias name: critical-interval) Critical alert interval in minutes. type: int more...
    • debug_interval (Alias name: debug-interval) Debug alert interval in minutes. type: int more...
    • email_interval (Alias name: email-interval) Interval between sending alert emails (1 - 99999 min, default = 5). type: int more...
    • emergency_interval (Alias name: emergency-interval) Emergency alert interval in minutes. type: int more...
    • error_interval (Alias name: error-interval) Error alert interval in minutes. type: int more...
    • filter_mode (Alias name: filter-mode) How to filter log messages that are sent to alert emails. type: str choices: [category, threshold] more...
    • firewall_authentication_failure_logs (Alias name: firewall-authentication-failure-logs) Enable/disable firewall authentication failure logs in alert email. type: str choices: [disable, enable] more...
    • fortiguard_log_quota_warning (Alias name: fortiguard-log-quota-warning) Enable/disable forticloud log quota warnings in alert email. type: str choices: [disable, enable] more...
    • information_interval (Alias name: information-interval) Information alert interval in minutes. type: int more...
    • local_disk_usage (Alias name: local-disk-usage) Disk usage percentage at which to send alert email (1 - 99 percent, default = 75). type: int more...
    • log_disk_usage_warning (Alias name: log-disk-usage-warning) Enable/disable disk usage warnings in alert email. type: str choices: [disable, enable] more...
    • mailto1 Email address to send alert email to (usually a system administrator) (max. type: str more...
    • mailto2 Optional second email address to send alert email to (max. type: str more...
    • mailto3 Optional third email address to send alert email to (max. type: str more...
    • notification_interval (Alias name: notification-interval) Notification alert interval in minutes. type: int more...
    • severity Lowest severity level to log. type: str choices: [emergency, alert, critical, error, warning, notification, information, debug] more...
    • ssh_logs (Alias name: ssh-logs) Enable/disable ssh logs in alert email. type: str choices: [disable, enable] more...
    • sslvpn_authentication_errors_logs (Alias name: sslvpn-authentication-errors-logs) Enable/disable ssl-vpn authentication error logs in alert email. type: str choices: [disable, enable] more...
    • username Name that appears in the from: field of alert emails (max. type: str more...
    • violation_traffic_logs (Alias name: violation-traffic-logs) Enable/disable violation traffic logs in alert email. type: str choices: [disable, enable] more...
    • warning_interval (Alias name: warning-interval) Warning alert interval in minutes. type: int more...
    • webfilter_logs (Alias name: webfilter-logs) Enable/disable web filter logs in alert email. type: str choices: [disable, enable] more...
    • FDS_license_expiring_days (Alias name: FDS-license-expiring-days) Number of days to send alert email prior to fortiguard license expiration (1 - 100 days, default = 15). type: int more...
    • fpx_license_logs (Alias name: fpx-license-logs) Enable/disable fortiproxy license related logs in alert email. type: str choices: [disable, enable] more...

Notes

Note

  • Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.

  • To create or update an object, use state: present directive.

  • To delete an object, use state: absent directive

  • Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded

Examples

- name: Example playbook (generated based on argument schema)
  hosts: fortimanagers
  connection: httpapi
  gather_facts: false
  vars:
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
    - name: Configure alert email settings.
      fortinet.fmgdevice.fmgd_alertemail_setting:
        # bypass_validation: false
        # workspace_locking_adom: <global or your adom name>
        # workspace_locking_timeout: 300
        # rc_succeeded: [0, -2, -3, ...]
        # rc_failed: [-2, -3, ...]
        device: <your own value>
        vdom: <your own value>
        alertemail_setting:
          # FDS_license_expiring_warning: <value in [disable, enable]>
          # FDS_update_logs: <value in [disable, enable]>
          # FIPS_CC_errors: <value in [disable, enable]>
          # FSSO_disconnect_logs: <value in [disable, enable]>
          # HA_logs: <value in [disable, enable]>
          # IPS_logs: <value in [disable, enable]>
          # IPsec_errors_logs: <value in [disable, enable]>
          # PPP_errors_logs: <value in [disable, enable]>
          # admin_login_logs: <value in [disable, enable]>
          # alert_interval: <integer>
          # amc_interface_bypass_mode: <value in [disable, enable]>
          # antivirus_logs: <value in [disable, enable]>
          # configuration_changes_logs: <value in [disable, enable]>
          # critical_interval: <integer>
          # debug_interval: <integer>
          # email_interval: <integer>
          # emergency_interval: <integer>
          # error_interval: <integer>
          # filter_mode: <value in [category, threshold]>
          # firewall_authentication_failure_logs: <value in [disable, enable]>
          # fortiguard_log_quota_warning: <value in [disable, enable]>
          # information_interval: <integer>
          # local_disk_usage: <integer>
          # log_disk_usage_warning: <value in [disable, enable]>
          # mailto1: <string>
          # mailto2: <string>
          # mailto3: <string>
          # notification_interval: <integer>
          # severity: <value in [emergency, alert, critical, ...]>
          # ssh_logs: <value in [disable, enable]>
          # sslvpn_authentication_errors_logs: <value in [disable, enable]>
          # username: <string>
          # violation_traffic_logs: <value in [disable, enable]>
          # warning_interval: <integer>
          # webfilter_logs: <value in [disable, enable]>
          # FDS_license_expiring_days: <integer>
          # fpx_license_logs: <value in [disable, enable]>

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

  • meta - The result of the request.returned: always type: dict
    • request_url - The full url requested. returned: always type: str sample: /sys/login/user
    • response_code - The status of api request. returned: always type: int sample: 0
    • response_data - The data body of the api response. returned: optional type: list or dict
    • response_message - The descriptive message of the api response. returned: always type: str sample: OK
    • system_information - The information of the target system. returned: always type: dict
  • rc - The status the request. returned: always type: int sample: 0
  • version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list

Status

  • This module is not guaranteed to have a backwards compatible interface.

Authors

  • Xinwei Du (@dux-fortinet)

  • Xing Li (@lix-fortinet)

  • Jie Xue (@JieX19)

  • Link Zheng (@chillancezen)

  • Frank Shen (@fshen01)

  • Hongbin Lu (@fgtdev-hblu)