fortios.firewall.Sniffer
Explore with Pulumi AI
Configure sniffer.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";
const trname = new fortios.firewall.Sniffer("trname", {
applicationListStatus: "disable",
avProfileStatus: "disable",
dlpSensorStatus: "disable",
dsri: "disable",
fosid: 1,
"interface": "port4",
ipsDosStatus: "disable",
ipsSensorStatus: "disable",
ipv6: "disable",
logtraffic: "utm",
maxPacketCount: 4000,
nonIp: "enable",
scanBotnetConnections: "disable",
spamfilterProfileStatus: "disable",
status: "enable",
webfilterProfileStatus: "disable",
});
import pulumi
import pulumiverse_fortios as fortios
trname = fortios.firewall.Sniffer("trname",
application_list_status="disable",
av_profile_status="disable",
dlp_sensor_status="disable",
dsri="disable",
fosid=1,
interface="port4",
ips_dos_status="disable",
ips_sensor_status="disable",
ipv6="disable",
logtraffic="utm",
max_packet_count=4000,
non_ip="enable",
scan_botnet_connections="disable",
spamfilter_profile_status="disable",
status="enable",
webfilter_profile_status="disable")
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/firewall"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := firewall.NewSniffer(ctx, "trname", &firewall.SnifferArgs{
ApplicationListStatus: pulumi.String("disable"),
AvProfileStatus: pulumi.String("disable"),
DlpSensorStatus: pulumi.String("disable"),
Dsri: pulumi.String("disable"),
Fosid: pulumi.Int(1),
Interface: pulumi.String("port4"),
IpsDosStatus: pulumi.String("disable"),
IpsSensorStatus: pulumi.String("disable"),
Ipv6: pulumi.String("disable"),
Logtraffic: pulumi.String("utm"),
MaxPacketCount: pulumi.Int(4000),
NonIp: pulumi.String("enable"),
ScanBotnetConnections: pulumi.String("disable"),
SpamfilterProfileStatus: pulumi.String("disable"),
Status: pulumi.String("enable"),
WebfilterProfileStatus: pulumi.String("disable"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;
return await Deployment.RunAsync(() =>
{
var trname = new Fortios.Firewall.Sniffer("trname", new()
{
ApplicationListStatus = "disable",
AvProfileStatus = "disable",
DlpSensorStatus = "disable",
Dsri = "disable",
Fosid = 1,
Interface = "port4",
IpsDosStatus = "disable",
IpsSensorStatus = "disable",
Ipv6 = "disable",
Logtraffic = "utm",
MaxPacketCount = 4000,
NonIp = "enable",
ScanBotnetConnections = "disable",
SpamfilterProfileStatus = "disable",
Status = "enable",
WebfilterProfileStatus = "disable",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.firewall.Sniffer;
import com.pulumi.fortios.firewall.SnifferArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var trname = new Sniffer("trname", SnifferArgs.builder()
.applicationListStatus("disable")
.avProfileStatus("disable")
.dlpSensorStatus("disable")
.dsri("disable")
.fosid(1)
.interface_("port4")
.ipsDosStatus("disable")
.ipsSensorStatus("disable")
.ipv6("disable")
.logtraffic("utm")
.maxPacketCount(4000)
.nonIp("enable")
.scanBotnetConnections("disable")
.spamfilterProfileStatus("disable")
.status("enable")
.webfilterProfileStatus("disable")
.build());
}
}
resources:
trname:
type: fortios:firewall:Sniffer
properties:
applicationListStatus: disable
avProfileStatus: disable
dlpSensorStatus: disable
dsri: disable
fosid: 1
interface: port4
ipsDosStatus: disable
ipsSensorStatus: disable
ipv6: disable
logtraffic: utm
maxPacketCount: 4000
nonIp: enable
scanBotnetConnections: disable
spamfilterProfileStatus: disable
status: enable
webfilterProfileStatus: disable
Create Sniffer Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Sniffer(name: string, args: SnifferArgs, opts?: CustomResourceOptions);
@overload
def Sniffer(resource_name: str,
args: SnifferArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Sniffer(resource_name: str,
opts: Optional[ResourceOptions] = None,
interface: Optional[str] = None,
dlp_sensor_status: Optional[str] = None,
status: Optional[str] = None,
av_profile: Optional[str] = None,
av_profile_status: Optional[str] = None,
casb_profile: Optional[str] = None,
casb_profile_status: Optional[str] = None,
host: Optional[str] = None,
dlp_profile_status: Optional[str] = None,
dlp_sensor: Optional[str] = None,
anomalies: Optional[Sequence[SnifferAnomalyArgs]] = None,
dsri: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
emailfilter_profile: Optional[str] = None,
emailfilter_profile_status: Optional[str] = None,
file_filter_profile: Optional[str] = None,
file_filter_profile_status: Optional[str] = None,
fosid: Optional[int] = None,
ip_threatfeed_status: Optional[str] = None,
dlp_profile: Optional[str] = None,
application_list_status: Optional[str] = None,
get_all_tables: Optional[str] = None,
ip_threatfeeds: Optional[Sequence[SnifferIpThreatfeedArgs]] = None,
ips_dos_status: Optional[str] = None,
ips_sensor: Optional[str] = None,
ips_sensor_status: Optional[str] = None,
ipv6: Optional[str] = None,
logtraffic: Optional[str] = None,
max_packet_count: Optional[int] = None,
non_ip: Optional[str] = None,
port: Optional[str] = None,
protocol: Optional[str] = None,
scan_botnet_connections: Optional[str] = None,
spamfilter_profile: Optional[str] = None,
spamfilter_profile_status: Optional[str] = None,
application_list: Optional[str] = None,
uuid: Optional[str] = None,
vdomparam: Optional[str] = None,
vlan: Optional[str] = None,
webfilter_profile: Optional[str] = None,
webfilter_profile_status: Optional[str] = None)
func NewSniffer(ctx *Context, name string, args SnifferArgs, opts ...ResourceOption) (*Sniffer, error)
public Sniffer(string name, SnifferArgs args, CustomResourceOptions? opts = null)
public Sniffer(String name, SnifferArgs args)
public Sniffer(String name, SnifferArgs args, CustomResourceOptions options)
type: fortios:firewall:Sniffer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SnifferArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SnifferArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SnifferArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SnifferArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SnifferArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var snifferResource = new Fortios.Firewall.Sniffer("snifferResource", new()
{
Interface = "string",
DlpSensorStatus = "string",
Status = "string",
AvProfile = "string",
AvProfileStatus = "string",
CasbProfile = "string",
CasbProfileStatus = "string",
Host = "string",
DlpProfileStatus = "string",
DlpSensor = "string",
Anomalies = new[]
{
new Fortios.Firewall.Inputs.SnifferAnomalyArgs
{
Action = "string",
Log = "string",
Name = "string",
Quarantine = "string",
QuarantineExpiry = "string",
QuarantineLog = "string",
Status = "string",
Threshold = 0,
Thresholddefault = 0,
},
},
Dsri = "string",
DynamicSortSubtable = "string",
EmailfilterProfile = "string",
EmailfilterProfileStatus = "string",
FileFilterProfile = "string",
FileFilterProfileStatus = "string",
Fosid = 0,
IpThreatfeedStatus = "string",
DlpProfile = "string",
ApplicationListStatus = "string",
GetAllTables = "string",
IpThreatfeeds = new[]
{
new Fortios.Firewall.Inputs.SnifferIpThreatfeedArgs
{
Name = "string",
},
},
IpsDosStatus = "string",
IpsSensor = "string",
IpsSensorStatus = "string",
Ipv6 = "string",
Logtraffic = "string",
MaxPacketCount = 0,
NonIp = "string",
Port = "string",
Protocol = "string",
ScanBotnetConnections = "string",
SpamfilterProfile = "string",
SpamfilterProfileStatus = "string",
ApplicationList = "string",
Uuid = "string",
Vdomparam = "string",
Vlan = "string",
WebfilterProfile = "string",
WebfilterProfileStatus = "string",
});
example, err := firewall.NewSniffer(ctx, "snifferResource", &firewall.SnifferArgs{
Interface: pulumi.String("string"),
DlpSensorStatus: pulumi.String("string"),
Status: pulumi.String("string"),
AvProfile: pulumi.String("string"),
AvProfileStatus: pulumi.String("string"),
CasbProfile: pulumi.String("string"),
CasbProfileStatus: pulumi.String("string"),
Host: pulumi.String("string"),
DlpProfileStatus: pulumi.String("string"),
DlpSensor: pulumi.String("string"),
Anomalies: firewall.SnifferAnomalyArray{
&firewall.SnifferAnomalyArgs{
Action: pulumi.String("string"),
Log: pulumi.String("string"),
Name: pulumi.String("string"),
Quarantine: pulumi.String("string"),
QuarantineExpiry: pulumi.String("string"),
QuarantineLog: pulumi.String("string"),
Status: pulumi.String("string"),
Threshold: pulumi.Int(0),
Thresholddefault: pulumi.Int(0),
},
},
Dsri: pulumi.String("string"),
DynamicSortSubtable: pulumi.String("string"),
EmailfilterProfile: pulumi.String("string"),
EmailfilterProfileStatus: pulumi.String("string"),
FileFilterProfile: pulumi.String("string"),
FileFilterProfileStatus: pulumi.String("string"),
Fosid: pulumi.Int(0),
IpThreatfeedStatus: pulumi.String("string"),
DlpProfile: pulumi.String("string"),
ApplicationListStatus: pulumi.String("string"),
GetAllTables: pulumi.String("string"),
IpThreatfeeds: firewall.SnifferIpThreatfeedArray{
&firewall.SnifferIpThreatfeedArgs{
Name: pulumi.String("string"),
},
},
IpsDosStatus: pulumi.String("string"),
IpsSensor: pulumi.String("string"),
IpsSensorStatus: pulumi.String("string"),
Ipv6: pulumi.String("string"),
Logtraffic: pulumi.String("string"),
MaxPacketCount: pulumi.Int(0),
NonIp: pulumi.String("string"),
Port: pulumi.String("string"),
Protocol: pulumi.String("string"),
ScanBotnetConnections: pulumi.String("string"),
SpamfilterProfile: pulumi.String("string"),
SpamfilterProfileStatus: pulumi.String("string"),
ApplicationList: pulumi.String("string"),
Uuid: pulumi.String("string"),
Vdomparam: pulumi.String("string"),
Vlan: pulumi.String("string"),
WebfilterProfile: pulumi.String("string"),
WebfilterProfileStatus: pulumi.String("string"),
})
var snifferResource = new Sniffer("snifferResource", SnifferArgs.builder()
.interface_("string")
.dlpSensorStatus("string")
.status("string")
.avProfile("string")
.avProfileStatus("string")
.casbProfile("string")
.casbProfileStatus("string")
.host("string")
.dlpProfileStatus("string")
.dlpSensor("string")
.anomalies(SnifferAnomalyArgs.builder()
.action("string")
.log("string")
.name("string")
.quarantine("string")
.quarantineExpiry("string")
.quarantineLog("string")
.status("string")
.threshold(0)
.thresholddefault(0)
.build())
.dsri("string")
.dynamicSortSubtable("string")
.emailfilterProfile("string")
.emailfilterProfileStatus("string")
.fileFilterProfile("string")
.fileFilterProfileStatus("string")
.fosid(0)
.ipThreatfeedStatus("string")
.dlpProfile("string")
.applicationListStatus("string")
.getAllTables("string")
.ipThreatfeeds(SnifferIpThreatfeedArgs.builder()
.name("string")
.build())
.ipsDosStatus("string")
.ipsSensor("string")
.ipsSensorStatus("string")
.ipv6("string")
.logtraffic("string")
.maxPacketCount(0)
.nonIp("string")
.port("string")
.protocol("string")
.scanBotnetConnections("string")
.spamfilterProfile("string")
.spamfilterProfileStatus("string")
.applicationList("string")
.uuid("string")
.vdomparam("string")
.vlan("string")
.webfilterProfile("string")
.webfilterProfileStatus("string")
.build());
sniffer_resource = fortios.firewall.Sniffer("snifferResource",
interface="string",
dlp_sensor_status="string",
status="string",
av_profile="string",
av_profile_status="string",
casb_profile="string",
casb_profile_status="string",
host="string",
dlp_profile_status="string",
dlp_sensor="string",
anomalies=[fortios.firewall.SnifferAnomalyArgs(
action="string",
log="string",
name="string",
quarantine="string",
quarantine_expiry="string",
quarantine_log="string",
status="string",
threshold=0,
thresholddefault=0,
)],
dsri="string",
dynamic_sort_subtable="string",
emailfilter_profile="string",
emailfilter_profile_status="string",
file_filter_profile="string",
file_filter_profile_status="string",
fosid=0,
ip_threatfeed_status="string",
dlp_profile="string",
application_list_status="string",
get_all_tables="string",
ip_threatfeeds=[fortios.firewall.SnifferIpThreatfeedArgs(
name="string",
)],
ips_dos_status="string",
ips_sensor="string",
ips_sensor_status="string",
ipv6="string",
logtraffic="string",
max_packet_count=0,
non_ip="string",
port="string",
protocol="string",
scan_botnet_connections="string",
spamfilter_profile="string",
spamfilter_profile_status="string",
application_list="string",
uuid="string",
vdomparam="string",
vlan="string",
webfilter_profile="string",
webfilter_profile_status="string")
const snifferResource = new fortios.firewall.Sniffer("snifferResource", {
"interface": "string",
dlpSensorStatus: "string",
status: "string",
avProfile: "string",
avProfileStatus: "string",
casbProfile: "string",
casbProfileStatus: "string",
host: "string",
dlpProfileStatus: "string",
dlpSensor: "string",
anomalies: [{
action: "string",
log: "string",
name: "string",
quarantine: "string",
quarantineExpiry: "string",
quarantineLog: "string",
status: "string",
threshold: 0,
thresholddefault: 0,
}],
dsri: "string",
dynamicSortSubtable: "string",
emailfilterProfile: "string",
emailfilterProfileStatus: "string",
fileFilterProfile: "string",
fileFilterProfileStatus: "string",
fosid: 0,
ipThreatfeedStatus: "string",
dlpProfile: "string",
applicationListStatus: "string",
getAllTables: "string",
ipThreatfeeds: [{
name: "string",
}],
ipsDosStatus: "string",
ipsSensor: "string",
ipsSensorStatus: "string",
ipv6: "string",
logtraffic: "string",
maxPacketCount: 0,
nonIp: "string",
port: "string",
protocol: "string",
scanBotnetConnections: "string",
spamfilterProfile: "string",
spamfilterProfileStatus: "string",
applicationList: "string",
uuid: "string",
vdomparam: "string",
vlan: "string",
webfilterProfile: "string",
webfilterProfileStatus: "string",
});
type: fortios:firewall:Sniffer
properties:
anomalies:
- action: string
log: string
name: string
quarantine: string
quarantineExpiry: string
quarantineLog: string
status: string
threshold: 0
thresholddefault: 0
applicationList: string
applicationListStatus: string
avProfile: string
avProfileStatus: string
casbProfile: string
casbProfileStatus: string
dlpProfile: string
dlpProfileStatus: string
dlpSensor: string
dlpSensorStatus: string
dsri: string
dynamicSortSubtable: string
emailfilterProfile: string
emailfilterProfileStatus: string
fileFilterProfile: string
fileFilterProfileStatus: string
fosid: 0
getAllTables: string
host: string
interface: string
ipThreatfeedStatus: string
ipThreatfeeds:
- name: string
ipsDosStatus: string
ipsSensor: string
ipsSensorStatus: string
ipv6: string
logtraffic: string
maxPacketCount: 0
nonIp: string
port: string
protocol: string
scanBotnetConnections: string
spamfilterProfile: string
spamfilterProfileStatus: string
status: string
uuid: string
vdomparam: string
vlan: string
webfilterProfile: string
webfilterProfileStatus: string
Sniffer Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Sniffer resource accepts the following input properties:
- Interface string
- Interface name that traffic sniffing will take place on.
- Anomalies
List<Pulumiverse.
Fortios. Firewall. Inputs. Sniffer Anomaly> - Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - Application
List string - Name of an existing application list.
- Application
List stringStatus - Enable/disable application control profile. Valid values:
enable
,disable
. - Av
Profile string - Name of an existing antivirus profile.
- Av
Profile stringStatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - Casb
Profile string - Name of an existing CASB profile.
- Casb
Profile stringStatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - Dlp
Profile string - Name of an existing DLP profile.
- Dlp
Profile stringStatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - Dlp
Sensor string - Name of an existing DLP sensor.
- Dlp
Sensor stringStatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - Dsri string
- Enable/disable DSRI. Valid values:
enable
,disable
. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Emailfilter
Profile string - Name of an existing email filter profile.
- Emailfilter
Profile stringStatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - File
Filter stringProfile - Name of an existing file-filter profile.
- File
Filter stringProfile Status - Enable/disable file filter. Valid values:
enable
,disable
. - Fosid int
- Sniffer ID.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Host string
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- Ip
Threatfeed stringStatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - Ip
Threatfeeds List<Pulumiverse.Fortios. Firewall. Inputs. Sniffer Ip Threatfeed> - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - Ips
Dos stringStatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - Ips
Sensor string - Name of an existing IPS sensor.
- Ips
Sensor stringStatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - Ipv6 string
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - Logtraffic string
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - Max
Packet intCount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- Non
Ip string - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - Port string
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- Protocol string
- Integer value for the protocol type as defined by IANA (0 - 255).
- Scan
Botnet stringConnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - Spamfilter
Profile string - Name of an existing spam filter profile.
- Spamfilter
Profile stringStatus - Enable/disable spam filter. Valid values:
enable
,disable
. - Status string
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - Uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Vlan string
- List of VLANs to sniff.
- Webfilter
Profile string - Name of an existing web filter profile.
- Webfilter
Profile stringStatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
- Interface string
- Interface name that traffic sniffing will take place on.
- Anomalies
[]Sniffer
Anomaly Args - Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - Application
List string - Name of an existing application list.
- Application
List stringStatus - Enable/disable application control profile. Valid values:
enable
,disable
. - Av
Profile string - Name of an existing antivirus profile.
- Av
Profile stringStatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - Casb
Profile string - Name of an existing CASB profile.
- Casb
Profile stringStatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - Dlp
Profile string - Name of an existing DLP profile.
- Dlp
Profile stringStatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - Dlp
Sensor string - Name of an existing DLP sensor.
- Dlp
Sensor stringStatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - Dsri string
- Enable/disable DSRI. Valid values:
enable
,disable
. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Emailfilter
Profile string - Name of an existing email filter profile.
- Emailfilter
Profile stringStatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - File
Filter stringProfile - Name of an existing file-filter profile.
- File
Filter stringProfile Status - Enable/disable file filter. Valid values:
enable
,disable
. - Fosid int
- Sniffer ID.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Host string
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- Ip
Threatfeed stringStatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - Ip
Threatfeeds []SnifferIp Threatfeed Args - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - Ips
Dos stringStatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - Ips
Sensor string - Name of an existing IPS sensor.
- Ips
Sensor stringStatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - Ipv6 string
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - Logtraffic string
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - Max
Packet intCount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- Non
Ip string - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - Port string
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- Protocol string
- Integer value for the protocol type as defined by IANA (0 - 255).
- Scan
Botnet stringConnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - Spamfilter
Profile string - Name of an existing spam filter profile.
- Spamfilter
Profile stringStatus - Enable/disable spam filter. Valid values:
enable
,disable
. - Status string
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - Uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Vlan string
- List of VLANs to sniff.
- Webfilter
Profile string - Name of an existing web filter profile.
- Webfilter
Profile stringStatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
- interface_ String
- Interface name that traffic sniffing will take place on.
- anomalies
List<Sniffer
Anomaly> - Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - application
List String - Name of an existing application list.
- application
List StringStatus - Enable/disable application control profile. Valid values:
enable
,disable
. - av
Profile String - Name of an existing antivirus profile.
- av
Profile StringStatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - casb
Profile String - Name of an existing CASB profile.
- casb
Profile StringStatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - dlp
Profile String - Name of an existing DLP profile.
- dlp
Profile StringStatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - dlp
Sensor String - Name of an existing DLP sensor.
- dlp
Sensor StringStatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - dsri String
- Enable/disable DSRI. Valid values:
enable
,disable
. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- emailfilter
Profile String - Name of an existing email filter profile.
- emailfilter
Profile StringStatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - file
Filter StringProfile - Name of an existing file-filter profile.
- file
Filter StringProfile Status - Enable/disable file filter. Valid values:
enable
,disable
. - fosid Integer
- Sniffer ID.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- host String
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- ip
Threatfeed StringStatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - ip
Threatfeeds List<SnifferIp Threatfeed> - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - ips
Dos StringStatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - ips
Sensor String - Name of an existing IPS sensor.
- ips
Sensor StringStatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - ipv6 String
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - logtraffic String
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - max
Packet IntegerCount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- non
Ip String - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - port String
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- protocol String
- Integer value for the protocol type as defined by IANA (0 - 255).
- scan
Botnet StringConnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - spamfilter
Profile String - Name of an existing spam filter profile.
- spamfilter
Profile StringStatus - Enable/disable spam filter. Valid values:
enable
,disable
. - status String
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - uuid String
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vlan String
- List of VLANs to sniff.
- webfilter
Profile String - Name of an existing web filter profile.
- webfilter
Profile StringStatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
- interface string
- Interface name that traffic sniffing will take place on.
- anomalies
Sniffer
Anomaly[] - Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - application
List string - Name of an existing application list.
- application
List stringStatus - Enable/disable application control profile. Valid values:
enable
,disable
. - av
Profile string - Name of an existing antivirus profile.
- av
Profile stringStatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - casb
Profile string - Name of an existing CASB profile.
- casb
Profile stringStatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - dlp
Profile string - Name of an existing DLP profile.
- dlp
Profile stringStatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - dlp
Sensor string - Name of an existing DLP sensor.
- dlp
Sensor stringStatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - dsri string
- Enable/disable DSRI. Valid values:
enable
,disable
. - dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- emailfilter
Profile string - Name of an existing email filter profile.
- emailfilter
Profile stringStatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - file
Filter stringProfile - Name of an existing file-filter profile.
- file
Filter stringProfile Status - Enable/disable file filter. Valid values:
enable
,disable
. - fosid number
- Sniffer ID.
- get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- host string
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- ip
Threatfeed stringStatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - ip
Threatfeeds SnifferIp Threatfeed[] - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - ips
Dos stringStatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - ips
Sensor string - Name of an existing IPS sensor.
- ips
Sensor stringStatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - ipv6 string
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - logtraffic string
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - max
Packet numberCount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- non
Ip string - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - port string
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- protocol string
- Integer value for the protocol type as defined by IANA (0 - 255).
- scan
Botnet stringConnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - spamfilter
Profile string - Name of an existing spam filter profile.
- spamfilter
Profile stringStatus - Enable/disable spam filter. Valid values:
enable
,disable
. - status string
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vlan string
- List of VLANs to sniff.
- webfilter
Profile string - Name of an existing web filter profile.
- webfilter
Profile stringStatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
- interface str
- Interface name that traffic sniffing will take place on.
- anomalies
Sequence[Sniffer
Anomaly Args] - Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - application_
list str - Name of an existing application list.
- application_
list_ strstatus - Enable/disable application control profile. Valid values:
enable
,disable
. - av_
profile str - Name of an existing antivirus profile.
- av_
profile_ strstatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - casb_
profile str - Name of an existing CASB profile.
- casb_
profile_ strstatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - dlp_
profile str - Name of an existing DLP profile.
- dlp_
profile_ strstatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - dlp_
sensor str - Name of an existing DLP sensor.
- dlp_
sensor_ strstatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - dsri str
- Enable/disable DSRI. Valid values:
enable
,disable
. - dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- emailfilter_
profile str - Name of an existing email filter profile.
- emailfilter_
profile_ strstatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - file_
filter_ strprofile - Name of an existing file-filter profile.
- file_
filter_ strprofile_ status - Enable/disable file filter. Valid values:
enable
,disable
. - fosid int
- Sniffer ID.
- get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- host str
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- ip_
threatfeed_ strstatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - ip_
threatfeeds Sequence[SnifferIp Threatfeed Args] - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - ips_
dos_ strstatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - ips_
sensor str - Name of an existing IPS sensor.
- ips_
sensor_ strstatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - ipv6 str
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - logtraffic str
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - max_
packet_ intcount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- non_
ip str - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - port str
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- protocol str
- Integer value for the protocol type as defined by IANA (0 - 255).
- scan_
botnet_ strconnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - spamfilter_
profile str - Name of an existing spam filter profile.
- spamfilter_
profile_ strstatus - Enable/disable spam filter. Valid values:
enable
,disable
. - status str
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - uuid str
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vlan str
- List of VLANs to sniff.
- webfilter_
profile str - Name of an existing web filter profile.
- webfilter_
profile_ strstatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
- interface String
- Interface name that traffic sniffing will take place on.
- anomalies List<Property Map>
- Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - application
List String - Name of an existing application list.
- application
List StringStatus - Enable/disable application control profile. Valid values:
enable
,disable
. - av
Profile String - Name of an existing antivirus profile.
- av
Profile StringStatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - casb
Profile String - Name of an existing CASB profile.
- casb
Profile StringStatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - dlp
Profile String - Name of an existing DLP profile.
- dlp
Profile StringStatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - dlp
Sensor String - Name of an existing DLP sensor.
- dlp
Sensor StringStatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - dsri String
- Enable/disable DSRI. Valid values:
enable
,disable
. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- emailfilter
Profile String - Name of an existing email filter profile.
- emailfilter
Profile StringStatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - file
Filter StringProfile - Name of an existing file-filter profile.
- file
Filter StringProfile Status - Enable/disable file filter. Valid values:
enable
,disable
. - fosid Number
- Sniffer ID.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- host String
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- ip
Threatfeed StringStatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - ip
Threatfeeds List<Property Map> - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - ips
Dos StringStatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - ips
Sensor String - Name of an existing IPS sensor.
- ips
Sensor StringStatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - ipv6 String
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - logtraffic String
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - max
Packet NumberCount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- non
Ip String - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - port String
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- protocol String
- Integer value for the protocol type as defined by IANA (0 - 255).
- scan
Botnet StringConnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - spamfilter
Profile String - Name of an existing spam filter profile.
- spamfilter
Profile StringStatus - Enable/disable spam filter. Valid values:
enable
,disable
. - status String
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - uuid String
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vlan String
- List of VLANs to sniff.
- webfilter
Profile String - Name of an existing web filter profile.
- webfilter
Profile StringStatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
Outputs
All input properties are implicitly available as output properties. Additionally, the Sniffer resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Sniffer Resource
Get an existing Sniffer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SnifferState, opts?: CustomResourceOptions): Sniffer
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
anomalies: Optional[Sequence[SnifferAnomalyArgs]] = None,
application_list: Optional[str] = None,
application_list_status: Optional[str] = None,
av_profile: Optional[str] = None,
av_profile_status: Optional[str] = None,
casb_profile: Optional[str] = None,
casb_profile_status: Optional[str] = None,
dlp_profile: Optional[str] = None,
dlp_profile_status: Optional[str] = None,
dlp_sensor: Optional[str] = None,
dlp_sensor_status: Optional[str] = None,
dsri: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
emailfilter_profile: Optional[str] = None,
emailfilter_profile_status: Optional[str] = None,
file_filter_profile: Optional[str] = None,
file_filter_profile_status: Optional[str] = None,
fosid: Optional[int] = None,
get_all_tables: Optional[str] = None,
host: Optional[str] = None,
interface: Optional[str] = None,
ip_threatfeed_status: Optional[str] = None,
ip_threatfeeds: Optional[Sequence[SnifferIpThreatfeedArgs]] = None,
ips_dos_status: Optional[str] = None,
ips_sensor: Optional[str] = None,
ips_sensor_status: Optional[str] = None,
ipv6: Optional[str] = None,
logtraffic: Optional[str] = None,
max_packet_count: Optional[int] = None,
non_ip: Optional[str] = None,
port: Optional[str] = None,
protocol: Optional[str] = None,
scan_botnet_connections: Optional[str] = None,
spamfilter_profile: Optional[str] = None,
spamfilter_profile_status: Optional[str] = None,
status: Optional[str] = None,
uuid: Optional[str] = None,
vdomparam: Optional[str] = None,
vlan: Optional[str] = None,
webfilter_profile: Optional[str] = None,
webfilter_profile_status: Optional[str] = None) -> Sniffer
func GetSniffer(ctx *Context, name string, id IDInput, state *SnifferState, opts ...ResourceOption) (*Sniffer, error)
public static Sniffer Get(string name, Input<string> id, SnifferState? state, CustomResourceOptions? opts = null)
public static Sniffer get(String name, Output<String> id, SnifferState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Anomalies
List<Pulumiverse.
Fortios. Firewall. Inputs. Sniffer Anomaly> - Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - Application
List string - Name of an existing application list.
- Application
List stringStatus - Enable/disable application control profile. Valid values:
enable
,disable
. - Av
Profile string - Name of an existing antivirus profile.
- Av
Profile stringStatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - Casb
Profile string - Name of an existing CASB profile.
- Casb
Profile stringStatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - Dlp
Profile string - Name of an existing DLP profile.
- Dlp
Profile stringStatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - Dlp
Sensor string - Name of an existing DLP sensor.
- Dlp
Sensor stringStatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - Dsri string
- Enable/disable DSRI. Valid values:
enable
,disable
. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Emailfilter
Profile string - Name of an existing email filter profile.
- Emailfilter
Profile stringStatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - File
Filter stringProfile - Name of an existing file-filter profile.
- File
Filter stringProfile Status - Enable/disable file filter. Valid values:
enable
,disable
. - Fosid int
- Sniffer ID.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Host string
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- Interface string
- Interface name that traffic sniffing will take place on.
- Ip
Threatfeed stringStatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - Ip
Threatfeeds List<Pulumiverse.Fortios. Firewall. Inputs. Sniffer Ip Threatfeed> - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - Ips
Dos stringStatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - Ips
Sensor string - Name of an existing IPS sensor.
- Ips
Sensor stringStatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - Ipv6 string
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - Logtraffic string
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - Max
Packet intCount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- Non
Ip string - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - Port string
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- Protocol string
- Integer value for the protocol type as defined by IANA (0 - 255).
- Scan
Botnet stringConnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - Spamfilter
Profile string - Name of an existing spam filter profile.
- Spamfilter
Profile stringStatus - Enable/disable spam filter. Valid values:
enable
,disable
. - Status string
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - Uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Vlan string
- List of VLANs to sniff.
- Webfilter
Profile string - Name of an existing web filter profile.
- Webfilter
Profile stringStatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
- Anomalies
[]Sniffer
Anomaly Args - Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - Application
List string - Name of an existing application list.
- Application
List stringStatus - Enable/disable application control profile. Valid values:
enable
,disable
. - Av
Profile string - Name of an existing antivirus profile.
- Av
Profile stringStatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - Casb
Profile string - Name of an existing CASB profile.
- Casb
Profile stringStatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - Dlp
Profile string - Name of an existing DLP profile.
- Dlp
Profile stringStatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - Dlp
Sensor string - Name of an existing DLP sensor.
- Dlp
Sensor stringStatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - Dsri string
- Enable/disable DSRI. Valid values:
enable
,disable
. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Emailfilter
Profile string - Name of an existing email filter profile.
- Emailfilter
Profile stringStatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - File
Filter stringProfile - Name of an existing file-filter profile.
- File
Filter stringProfile Status - Enable/disable file filter. Valid values:
enable
,disable
. - Fosid int
- Sniffer ID.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Host string
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- Interface string
- Interface name that traffic sniffing will take place on.
- Ip
Threatfeed stringStatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - Ip
Threatfeeds []SnifferIp Threatfeed Args - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - Ips
Dos stringStatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - Ips
Sensor string - Name of an existing IPS sensor.
- Ips
Sensor stringStatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - Ipv6 string
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - Logtraffic string
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - Max
Packet intCount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- Non
Ip string - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - Port string
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- Protocol string
- Integer value for the protocol type as defined by IANA (0 - 255).
- Scan
Botnet stringConnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - Spamfilter
Profile string - Name of an existing spam filter profile.
- Spamfilter
Profile stringStatus - Enable/disable spam filter. Valid values:
enable
,disable
. - Status string
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - Uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Vlan string
- List of VLANs to sniff.
- Webfilter
Profile string - Name of an existing web filter profile.
- Webfilter
Profile stringStatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
- anomalies
List<Sniffer
Anomaly> - Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - application
List String - Name of an existing application list.
- application
List StringStatus - Enable/disable application control profile. Valid values:
enable
,disable
. - av
Profile String - Name of an existing antivirus profile.
- av
Profile StringStatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - casb
Profile String - Name of an existing CASB profile.
- casb
Profile StringStatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - dlp
Profile String - Name of an existing DLP profile.
- dlp
Profile StringStatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - dlp
Sensor String - Name of an existing DLP sensor.
- dlp
Sensor StringStatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - dsri String
- Enable/disable DSRI. Valid values:
enable
,disable
. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- emailfilter
Profile String - Name of an existing email filter profile.
- emailfilter
Profile StringStatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - file
Filter StringProfile - Name of an existing file-filter profile.
- file
Filter StringProfile Status - Enable/disable file filter. Valid values:
enable
,disable
. - fosid Integer
- Sniffer ID.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- host String
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- interface_ String
- Interface name that traffic sniffing will take place on.
- ip
Threatfeed StringStatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - ip
Threatfeeds List<SnifferIp Threatfeed> - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - ips
Dos StringStatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - ips
Sensor String - Name of an existing IPS sensor.
- ips
Sensor StringStatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - ipv6 String
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - logtraffic String
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - max
Packet IntegerCount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- non
Ip String - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - port String
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- protocol String
- Integer value for the protocol type as defined by IANA (0 - 255).
- scan
Botnet StringConnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - spamfilter
Profile String - Name of an existing spam filter profile.
- spamfilter
Profile StringStatus - Enable/disable spam filter. Valid values:
enable
,disable
. - status String
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - uuid String
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vlan String
- List of VLANs to sniff.
- webfilter
Profile String - Name of an existing web filter profile.
- webfilter
Profile StringStatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
- anomalies
Sniffer
Anomaly[] - Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - application
List string - Name of an existing application list.
- application
List stringStatus - Enable/disable application control profile. Valid values:
enable
,disable
. - av
Profile string - Name of an existing antivirus profile.
- av
Profile stringStatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - casb
Profile string - Name of an existing CASB profile.
- casb
Profile stringStatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - dlp
Profile string - Name of an existing DLP profile.
- dlp
Profile stringStatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - dlp
Sensor string - Name of an existing DLP sensor.
- dlp
Sensor stringStatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - dsri string
- Enable/disable DSRI. Valid values:
enable
,disable
. - dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- emailfilter
Profile string - Name of an existing email filter profile.
- emailfilter
Profile stringStatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - file
Filter stringProfile - Name of an existing file-filter profile.
- file
Filter stringProfile Status - Enable/disable file filter. Valid values:
enable
,disable
. - fosid number
- Sniffer ID.
- get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- host string
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- interface string
- Interface name that traffic sniffing will take place on.
- ip
Threatfeed stringStatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - ip
Threatfeeds SnifferIp Threatfeed[] - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - ips
Dos stringStatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - ips
Sensor string - Name of an existing IPS sensor.
- ips
Sensor stringStatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - ipv6 string
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - logtraffic string
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - max
Packet numberCount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- non
Ip string - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - port string
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- protocol string
- Integer value for the protocol type as defined by IANA (0 - 255).
- scan
Botnet stringConnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - spamfilter
Profile string - Name of an existing spam filter profile.
- spamfilter
Profile stringStatus - Enable/disable spam filter. Valid values:
enable
,disable
. - status string
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vlan string
- List of VLANs to sniff.
- webfilter
Profile string - Name of an existing web filter profile.
- webfilter
Profile stringStatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
- anomalies
Sequence[Sniffer
Anomaly Args] - Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - application_
list str - Name of an existing application list.
- application_
list_ strstatus - Enable/disable application control profile. Valid values:
enable
,disable
. - av_
profile str - Name of an existing antivirus profile.
- av_
profile_ strstatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - casb_
profile str - Name of an existing CASB profile.
- casb_
profile_ strstatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - dlp_
profile str - Name of an existing DLP profile.
- dlp_
profile_ strstatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - dlp_
sensor str - Name of an existing DLP sensor.
- dlp_
sensor_ strstatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - dsri str
- Enable/disable DSRI. Valid values:
enable
,disable
. - dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- emailfilter_
profile str - Name of an existing email filter profile.
- emailfilter_
profile_ strstatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - file_
filter_ strprofile - Name of an existing file-filter profile.
- file_
filter_ strprofile_ status - Enable/disable file filter. Valid values:
enable
,disable
. - fosid int
- Sniffer ID.
- get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- host str
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- interface str
- Interface name that traffic sniffing will take place on.
- ip_
threatfeed_ strstatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - ip_
threatfeeds Sequence[SnifferIp Threatfeed Args] - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - ips_
dos_ strstatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - ips_
sensor str - Name of an existing IPS sensor.
- ips_
sensor_ strstatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - ipv6 str
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - logtraffic str
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - max_
packet_ intcount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- non_
ip str - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - port str
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- protocol str
- Integer value for the protocol type as defined by IANA (0 - 255).
- scan_
botnet_ strconnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - spamfilter_
profile str - Name of an existing spam filter profile.
- spamfilter_
profile_ strstatus - Enable/disable spam filter. Valid values:
enable
,disable
. - status str
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - uuid str
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vlan str
- List of VLANs to sniff.
- webfilter_
profile str - Name of an existing web filter profile.
- webfilter_
profile_ strstatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
- anomalies List<Property Map>
- Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of
anomaly
block is documented below. - application
List String - Name of an existing application list.
- application
List StringStatus - Enable/disable application control profile. Valid values:
enable
,disable
. - av
Profile String - Name of an existing antivirus profile.
- av
Profile StringStatus - Enable/disable antivirus profile. Valid values:
enable
,disable
. - casb
Profile String - Name of an existing CASB profile.
- casb
Profile StringStatus - Enable/disable CASB profile. Valid values:
enable
,disable
. - dlp
Profile String - Name of an existing DLP profile.
- dlp
Profile StringStatus - Enable/disable DLP profile. Valid values:
enable
,disable
. - dlp
Sensor String - Name of an existing DLP sensor.
- dlp
Sensor StringStatus - Enable/disable DLP sensor. Valid values:
enable
,disable
. - dsri String
- Enable/disable DSRI. Valid values:
enable
,disable
. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- emailfilter
Profile String - Name of an existing email filter profile.
- emailfilter
Profile StringStatus - Enable/disable emailfilter. Valid values:
enable
,disable
. - file
Filter StringProfile - Name of an existing file-filter profile.
- file
Filter StringProfile Status - Enable/disable file filter. Valid values:
enable
,disable
. - fosid Number
- Sniffer ID.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- host String
- Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
- interface String
- Interface name that traffic sniffing will take place on.
- ip
Threatfeed StringStatus - Enable/disable IP threat feed. Valid values:
enable
,disable
. - ip
Threatfeeds List<Property Map> - Name of an existing IP threat feed. The structure of
ip_threatfeed
block is documented below. - ips
Dos StringStatus - Enable/disable IPS DoS anomaly detection. Valid values:
enable
,disable
. - ips
Sensor String - Name of an existing IPS sensor.
- ips
Sensor StringStatus - Enable/disable IPS sensor. Valid values:
enable
,disable
. - ipv6 String
- Enable/disable sniffing IPv6 packets. Valid values:
enable
,disable
. - logtraffic String
- Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values:
all
,utm
,disable
. - max
Packet NumberCount - Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.15, 7.0.1-7.0.15: 1 - 1000000, default = 4000.
- non
Ip String - Enable/disable sniffing non-IP packets. Valid values:
enable
,disable
. - port String
- Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
- protocol String
- Integer value for the protocol type as defined by IANA (0 - 255).
- scan
Botnet StringConnections - Enable/disable scanning of connections to Botnet servers. Valid values:
disable
,block
,monitor
. - spamfilter
Profile String - Name of an existing spam filter profile.
- spamfilter
Profile StringStatus - Enable/disable spam filter. Valid values:
enable
,disable
. - status String
- Enable/disable the active status of the sniffer. Valid values:
enable
,disable
. - uuid String
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vlan String
- List of VLANs to sniff.
- webfilter
Profile String - Name of an existing web filter profile.
- webfilter
Profile StringStatus - Enable/disable web filter profile. Valid values:
enable
,disable
.
Supporting Types
SnifferAnomaly, SnifferAnomalyArgs
- Action string
- Action taken when the threshold is reached.
- Log string
- Enable/disable anomaly logging. Valid values:
enable
,disable
. - Name string
- Anomaly name.
- Quarantine string
- Quarantine method. Valid values:
none
,attacker
. - Quarantine
Expiry string - Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- Quarantine
Log string - Enable/disable quarantine logging. Valid values:
disable
,enable
. - Status string
- Enable/disable this anomaly. Valid values:
disable
,enable
. - Threshold int
- Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.15, 7.0.6-7.0.15, >= 7.2.1: packets per second or concurrent session number.
- Thresholddefault int
- Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.
- Action string
- Action taken when the threshold is reached.
- Log string
- Enable/disable anomaly logging. Valid values:
enable
,disable
. - Name string
- Anomaly name.
- Quarantine string
- Quarantine method. Valid values:
none
,attacker
. - Quarantine
Expiry string - Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- Quarantine
Log string - Enable/disable quarantine logging. Valid values:
disable
,enable
. - Status string
- Enable/disable this anomaly. Valid values:
disable
,enable
. - Threshold int
- Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.15, 7.0.6-7.0.15, >= 7.2.1: packets per second or concurrent session number.
- Thresholddefault int
- Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.
- action String
- Action taken when the threshold is reached.
- log String
- Enable/disable anomaly logging. Valid values:
enable
,disable
. - name String
- Anomaly name.
- quarantine String
- Quarantine method. Valid values:
none
,attacker
. - quarantine
Expiry String - Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- quarantine
Log String - Enable/disable quarantine logging. Valid values:
disable
,enable
. - status String
- Enable/disable this anomaly. Valid values:
disable
,enable
. - threshold Integer
- Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.15, 7.0.6-7.0.15, >= 7.2.1: packets per second or concurrent session number.
- thresholddefault Integer
- Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.
- action string
- Action taken when the threshold is reached.
- log string
- Enable/disable anomaly logging. Valid values:
enable
,disable
. - name string
- Anomaly name.
- quarantine string
- Quarantine method. Valid values:
none
,attacker
. - quarantine
Expiry string - Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- quarantine
Log string - Enable/disable quarantine logging. Valid values:
disable
,enable
. - status string
- Enable/disable this anomaly. Valid values:
disable
,enable
. - threshold number
- Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.15, 7.0.6-7.0.15, >= 7.2.1: packets per second or concurrent session number.
- thresholddefault number
- Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.
- action str
- Action taken when the threshold is reached.
- log str
- Enable/disable anomaly logging. Valid values:
enable
,disable
. - name str
- Anomaly name.
- quarantine str
- Quarantine method. Valid values:
none
,attacker
. - quarantine_
expiry str - Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- quarantine_
log str - Enable/disable quarantine logging. Valid values:
disable
,enable
. - status str
- Enable/disable this anomaly. Valid values:
disable
,enable
. - threshold int
- Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.15, 7.0.6-7.0.15, >= 7.2.1: packets per second or concurrent session number.
- thresholddefault int
- Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.
- action String
- Action taken when the threshold is reached.
- log String
- Enable/disable anomaly logging. Valid values:
enable
,disable
. - name String
- Anomaly name.
- quarantine String
- Quarantine method. Valid values:
none
,attacker
. - quarantine
Expiry String - Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- quarantine
Log String - Enable/disable quarantine logging. Valid values:
disable
,enable
. - status String
- Enable/disable this anomaly. Valid values:
disable
,enable
. - threshold Number
- Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.15, 7.0.6-7.0.15, >= 7.2.1: packets per second or concurrent session number.
- thresholddefault Number
- Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.
SnifferIpThreatfeed, SnifferIpThreatfeedArgs
- Name string
- Threat feed name.
- Name string
- Threat feed name.
- name String
- Threat feed name.
- name string
- Threat feed name.
- name str
- Threat feed name.
- name String
- Threat feed name.
Import
Firewall Sniffer can be imported using any of these accepted formats:
$ pulumi import fortios:firewall/sniffer:Sniffer labelname {{fosid}}
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:firewall/sniffer:Sniffer labelname {{fosid}}
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortios
Terraform Provider.