Note
This plugin is part of the fortinet.fortios collection (version 2.1.2).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install fortinet.fortios
.
To use it in a playbook, specify: fortinet.fortios.fortios_antivirus_profile
.
New in version 2.10: of fortinet.fortios
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments | ||
---|---|---|---|---|
access_token string | Token-based authentication. Generated from GUI of Fortigate. | |||
antivirus_profile dictionary | Configure AntiVirus profiles. | |||
analytics_accept_filetype integer | Only submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. | |||
analytics_bl_filetype integer | Only submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. | |||
analytics_db string |
| Enable/disable using the FortiSandbox signature database to supplement the AV signature databases. | ||
analytics_ignore_filetype integer | Do not submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. | |||
analytics_max_upload integer | Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes). | |||
analytics_wl_filetype integer | Do not submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. | |||
av_block_log string |
| Enable/disable logging for AntiVirus file blocking. | ||
av_virus_log string |
| Enable/disable AntiVirus logging. | ||
cifs dictionary | Configure CIFS AntiVirus options. | |||
archive_block list / elements=string |
| Select the archive types to block. | ||
archive_log list / elements=string |
| Select the archive types to log. | ||
av_scan string |
| Enable AntiVirus scan service. | ||
emulator string |
| Enable/disable the virus emulator. | ||
external_blocklist string |
| Enable external-blocklist. | ||
options list / elements=string |
| Enable/disable CIFS AntiVirus scanning, monitoring, and quarantine. | ||
outbreak_prevention string |
| Enable Virus Outbreak Prevention service. | ||
quarantine string |
| Enable/disable quarantine for infected files. | ||
comment string | Comment. | |||
content_disarm dictionary | AV Content Disarm and Reconstruction settings. | |||
cover_page string |
| Enable/disable inserting a cover page into the disarmed document. | ||
detect_only string |
| Enable/disable only detect disarmable files, do not alter content. | ||
error_action string |
| Action to be taken if CDR engine encounters an unrecoverable error. | ||
office_action string |
| Enable/disable stripping of PowerPoint action events in Microsoft Office documents. | ||
office_dde string |
| Enable/disable stripping of Dynamic Data Exchange events in Microsoft Office documents. | ||
office_embed string |
| Enable/disable stripping of embedded objects in Microsoft Office documents. | ||
office_hylink string |
| Enable/disable stripping of hyperlinks in Microsoft Office documents. | ||
office_linked string |
| Enable/disable stripping of linked objects in Microsoft Office documents. | ||
office_macro string |
| Enable/disable stripping of macros in Microsoft Office documents. | ||
original_file_destination string |
| Destination to send original file if active content is removed. | ||
pdf_act_form string |
| Enable/disable stripping of actions that submit data to other targets in PDF documents. | ||
pdf_act_gotor string |
| Enable/disable stripping of links to other PDFs in PDF documents. | ||
pdf_act_java string |
| Enable/disable stripping of actions that execute JavaScript code in PDF documents. | ||
pdf_act_launch string |
| Enable/disable stripping of links to external applications in PDF documents. | ||
pdf_act_movie string |
| Enable/disable stripping of embedded movies in PDF documents. | ||
pdf_act_sound string |
| Enable/disable stripping of embedded sound files in PDF documents. | ||
pdf_embedfile string |
| Enable/disable stripping of embedded files in PDF documents. | ||
pdf_hyperlink string |
| Enable/disable stripping of hyperlinks from PDF documents. | ||
pdf_javacode string |
| Enable/disable stripping of JavaScript code in PDF documents. | ||
ems_threat_feed string |
| Enable/disable use of EMS threat feed when performing AntiVirus scan. | ||
extended_log string |
| Enable/disable extended logging for antivirus. | ||
external_blocklist list / elements=string | One or more external malware block lists. | |||
name string / required | External blocklist. Source system.external-resource.name. | |||
external_blocklist_archive_scan string |
| Enable/disable external-blocklist archive scanning. | ||
external_blocklist_enable_all string |
| Enable/disable all external blocklists. | ||
feature_set string |
| Flow/proxy feature set. | ||
ftgd_analytics string |
| Settings to control which files are uploaded to FortiSandbox. | ||
ftp dictionary | Configure FTP AntiVirus options. | |||
archive_block list / elements=string |
| Select the archive types to block. | ||
archive_log list / elements=string |
| Select the archive types to log. | ||
av_scan string |
| Enable AntiVirus scan service. | ||
emulator string |
| Enable/disable the virus emulator. | ||
external_blocklist string |
| Enable external-blocklist. | ||
options list / elements=string |
| Enable/disable FTP AntiVirus scanning, monitoring, and quarantine. | ||
outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
quarantine string |
| Enable/disable quarantine for infected files. | ||
http dictionary | Configure HTTP AntiVirus options. | |||
archive_block list / elements=string |
| Select the archive types to block. | ||
archive_log list / elements=string |
| Select the archive types to log. | ||
av_scan string |
| Enable AntiVirus scan service. | ||
content_disarm string |
| Enable Content Disarm and Reconstruction for this protocol. | ||
emulator string |
| Enable/disable the virus emulator. | ||
external_blocklist string |
| Enable external-blocklist. | ||
options list / elements=string |
| Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine. | ||
outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
quarantine string |
| Enable/disable quarantine for infected files. | ||
imap dictionary | Configure IMAP AntiVirus options. | |||
archive_block list / elements=string |
| Select the archive types to block. | ||
archive_log list / elements=string |
| Select the archive types to log. | ||
av_scan string |
| Enable AntiVirus scan service. | ||
content_disarm string |
| Enable Content Disarm and Reconstruction for this protocol. | ||
emulator string |
| Enable/disable the virus emulator. | ||
executables string |
| Treat Windows executable files as viruses for the purpose of blocking or monitoring. | ||
external_blocklist string |
| Enable external-blocklist. | ||
options list / elements=string |
| Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine. | ||
outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
quarantine string |
| Enable/disable quarantine for infected files. | ||
inspection_mode string |
| Inspection mode. | ||
mapi dictionary | Configure MAPI AntiVirus options. | |||
archive_block list / elements=string |
| Select the archive types to block. | ||
archive_log list / elements=string |
| Select the archive types to log. | ||
av_scan string |
| Enable AntiVirus scan service. | ||
emulator string |
| Enable/disable the virus emulator. | ||
executables string |
| Treat Windows executable files as viruses for the purpose of blocking or monitoring. | ||
external_blocklist string |
| Enable external-blocklist. | ||
options list / elements=string |
| Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine. | ||
outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
quarantine string |
| Enable/disable quarantine for infected files. | ||
mobile_malware_db string |
| Enable/disable using the mobile malware signature database. | ||
nac_quar dictionary | Configure AntiVirus quarantine settings. | |||
expiry string | Duration of quarantine. | |||
infected string |
| Enable/Disable quarantining infected hosts to the banned user list. | ||
log string |
| Enable/disable AntiVirus quarantine logging. | ||
name string / required | Profile name. | |||
nntp dictionary | Configure NNTP AntiVirus options. | |||
archive_block list / elements=string |
| Select the archive types to block. | ||
archive_log list / elements=string |
| Select the archive types to log. | ||
av_scan string |
| Enable AntiVirus scan service. | ||
emulator string |
| Enable/disable the virus emulator. | ||
external_blocklist string |
| Enable external-blocklist. | ||
options list / elements=string |
| Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine. | ||
outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
quarantine string |
| Enable/disable quarantine for infected files. | ||
outbreak_prevention dictionary | Configure Virus Outbreak Prevention settings. | |||
external_blocklist string |
| Enable/disable external malware blocklist. | ||
ftgd_service string |
| Enable/disable FortiGuard Virus outbreak prevention service. | ||
outbreak_prevention_archive_scan string |
| Enable/disable outbreak-prevention archive scanning. | ||
pop3 dictionary | Configure POP3 AntiVirus options. | |||
archive_block list / elements=string |
| Select the archive types to block. | ||
archive_log list / elements=string |
| Select the archive types to log. | ||
av_scan string |
| Enable AntiVirus scan service. | ||
content_disarm string |
| Enable Content Disarm and Reconstruction for this protocol. | ||
emulator string |
| Enable/disable the virus emulator. | ||
executables string |
| Treat Windows executable files as viruses for the purpose of blocking or monitoring. | ||
external_blocklist string |
| Enable external-blocklist. | ||
options list / elements=string |
| Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine. | ||
outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
quarantine string |
| Enable/disable quarantine for infected files. | ||
replacemsg_group string | Replacement message group customized for this profile. Source system.replacemsg-group.name. | |||
scan_mode string |
| Choose between full scan mode and quick scan mode. | ||
smb dictionary | Configure SMB AntiVirus options. | |||
archive_block string |
| Select the archive types to block. | ||
archive_log string |
| Select the archive types to log. | ||
emulator string |
| Enable/disable the virus emulator. | ||
options string |
| Enable/disable SMB AntiVirus scanning, monitoring, and quarantine. | ||
outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
smtp dictionary | Configure SMTP AntiVirus options. | |||
archive_block list / elements=string |
| Select the archive types to block. | ||
archive_log list / elements=string |
| Select the archive types to log. | ||
av_scan string |
| Enable AntiVirus scan service. | ||
content_disarm string |
| Enable Content Disarm and Reconstruction for this protocol. | ||
emulator string |
| Enable/disable the virus emulator. | ||
executables string |
| Treat Windows executable files as viruses for the purpose of blocking or monitoring. | ||
external_blocklist string |
| Enable external-blocklist. | ||
options list / elements=string |
| Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine. | ||
outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
quarantine string |
| Enable/disable quarantine for infected files. | ||
ssh dictionary | Configure SFTP and SCP AntiVirus options. | |||
archive_block list / elements=string |
| Select the archive types to block. | ||
archive_log list / elements=string |
| Select the archive types to log. | ||
av_scan string |
| Enable AntiVirus scan service. | ||
emulator string |
| Enable/disable the virus emulator. | ||
external_blocklist string |
| Enable external-blocklist. | ||
options list / elements=string |
| Enable/disable SFTP and SCP AntiVirus scanning, monitoring, and quarantine. | ||
outbreak_prevention string |
| Enable Virus Outbreak Prevention service. | ||
quarantine string |
| Enable/disable quarantine for infected files. | ||
enable_log boolean |
| Enable/Disable logging for task. | ||
state string / required |
| Indicates whether to create or remove the object. | ||
vdom string | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. |
Note
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Configure AntiVirus profiles. fortios_antivirus_profile: vdom: "{{ vdom }}" state: "present" access_token: "<your_own_value>" antivirus_profile: analytics_accept_filetype: "3 (source dlp.filepattern.id)" analytics_bl_filetype: "4 (source dlp.filepattern.id)" analytics_db: "disable" analytics_ignore_filetype: "6 (source dlp.filepattern.id)" analytics_max_upload: "7" analytics_wl_filetype: "8 (source dlp.filepattern.id)" av_block_log: "enable" av_virus_log: "enable" cifs: archive_block: "encrypted" archive_log: "encrypted" av_scan: "disable" emulator: "enable" external_blocklist: "disable" options: "scan" outbreak_prevention: "disabled" quarantine: "disable" comment: "Comment." content_disarm: cover_page: "disable" detect_only: "disable" error_action: "block" office_action: "disable" office_dde: "disable" office_embed: "disable" office_hylink: "disable" office_linked: "disable" office_macro: "disable" original_file_destination: "fortisandbox" pdf_act_form: "disable" pdf_act_gotor: "disable" pdf_act_java: "disable" pdf_act_launch: "disable" pdf_act_movie: "disable" pdf_act_sound: "disable" pdf_embedfile: "disable" pdf_hyperlink: "disable" pdf_javacode: "disable" ems_threat_feed: "disable" extended_log: "enable" external_blocklist: - name: "default_name_44 (source system.external-resource.name)" external_blocklist_archive_scan: "disable" external_blocklist_enable_all: "disable" feature_set: "flow" ftgd_analytics: "disable" ftp: archive_block: "encrypted" archive_log: "encrypted" av_scan: "disable" emulator: "enable" external_blocklist: "disable" options: "scan" outbreak_prevention: "disabled" quarantine: "disable" http: archive_block: "encrypted" archive_log: "encrypted" av_scan: "disable" content_disarm: "disable" emulator: "enable" external_blocklist: "disable" options: "scan" outbreak_prevention: "disabled" quarantine: "disable" imap: archive_block: "encrypted" archive_log: "encrypted" av_scan: "disable" content_disarm: "disable" emulator: "enable" executables: "default" external_blocklist: "disable" options: "scan" outbreak_prevention: "disabled" quarantine: "disable" inspection_mode: "proxy" mapi: archive_block: "encrypted" archive_log: "encrypted" av_scan: "disable" emulator: "enable" executables: "default" external_blocklist: "disable" options: "scan" outbreak_prevention: "disabled" quarantine: "disable" mobile_malware_db: "disable" nac_quar: expiry: "<your_own_value>" infected: "none" log: "enable" name: "default_name_95" nntp: archive_block: "encrypted" archive_log: "encrypted" av_scan: "disable" emulator: "enable" external_blocklist: "disable" options: "scan" outbreak_prevention: "disabled" quarantine: "disable" outbreak_prevention: external_blocklist: "disable" ftgd_service: "disable" outbreak_prevention_archive_scan: "disable" pop3: archive_block: "encrypted" archive_log: "encrypted" av_scan: "disable" content_disarm: "disable" emulator: "enable" executables: "default" external_blocklist: "disable" options: "scan" outbreak_prevention: "disabled" quarantine: "disable" replacemsg_group: "<your_own_value> (source system.replacemsg-group.name)" scan_mode: "quick" smb: archive_block: "encrypted" archive_log: "encrypted" emulator: "enable" options: "scan" outbreak_prevention: "disabled" smtp: archive_block: "encrypted" archive_log: "encrypted" av_scan: "disable" content_disarm: "disable" emulator: "enable" executables: "default" external_blocklist: "disable" options: "scan" outbreak_prevention: "disabled" quarantine: "disable" ssh: archive_block: "encrypted" archive_log: "encrypted" av_scan: "disable" emulator: "enable" external_blocklist: "disable" options: "scan" outbreak_prevention: "disabled" quarantine: "disable"
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
build string | always | Build number of the fortigate image Sample: 1547 |
http_method string | always | Last method used to provision the content into FortiGate Sample: PUT |
http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 |
mkey string | success | Master key (id) used in the last call to FortiGate Sample: id |
name string | always | Name of the table used to fulfill the request Sample: urlfilter |
path string | always | Path of the table used to fulfill the request Sample: webfilter |
revision string | always | Internal revision number Sample: 17.0.2.10658 |
serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 |
status string | always | Indication of the operation's result Sample: success |
vdom string | always | Virtual domain used Sample: root |
version string | always | Version of the FortiGate Sample: v5.6.3 |
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortios/fortios_antivirus_profile_module.html