Fortios v0.0.5, Apr 9 24

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

fortios.firewall.Sniffer

Explore with Pulumi AI

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";

const trname = new fortios.firewall.Sniffer("trname", {
    applicationListStatus: "disable",
    avProfileStatus: "disable",
    dlpSensorStatus: "disable",
    dsri: "disable",
    fosid: 1,
    "interface": "port4",
    ipsDosStatus: "disable",
    ipsSensorStatus: "disable",
    ipv6: "disable",
    logtraffic: "utm",
    maxPacketCount: 4000,
    nonIp: "enable",
    scanBotnetConnections: "disable",
    spamfilterProfileStatus: "disable",
    status: "enable",
    webfilterProfileStatus: "disable",
});

import pulumi
import pulumiverse_fortios as fortios

trname = fortios.firewall.Sniffer("trname",
    application_list_status="disable",
    av_profile_status="disable",
    dlp_sensor_status="disable",
    dsri="disable",
    fosid=1,
    interface="port4",
    ips_dos_status="disable",
    ips_sensor_status="disable",
    ipv6="disable",
    logtraffic="utm",
    max_packet_count=4000,
    non_ip="enable",
    scan_botnet_connections="disable",
    spamfilter_profile_status="disable",
    status="enable",
    webfilter_profile_status="disable")

package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/firewall"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := firewall.NewSniffer(ctx, "trname", &firewall.SnifferArgs{
			ApplicationListStatus:   pulumi.String("disable"),
			AvProfileStatus:         pulumi.String("disable"),
			DlpSensorStatus:         pulumi.String("disable"),
			Dsri:                    pulumi.String("disable"),
			Fosid:                   pulumi.Int(1),
			Interface:               pulumi.String("port4"),
			IpsDosStatus:            pulumi.String("disable"),
			IpsSensorStatus:         pulumi.String("disable"),
			Ipv6:                    pulumi.String("disable"),
			Logtraffic:              pulumi.String("utm"),
			MaxPacketCount:          pulumi.Int(4000),
			NonIp:                   pulumi.String("enable"),
			ScanBotnetConnections:   pulumi.String("disable"),
			SpamfilterProfileStatus: pulumi.String("disable"),
			Status:                  pulumi.String("enable"),
			WebfilterProfileStatus:  pulumi.String("disable"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;

return await Deployment.RunAsync(() => 
{
    var trname = new Fortios.Firewall.Sniffer("trname", new()
    {
        ApplicationListStatus = "disable",
        AvProfileStatus = "disable",
        DlpSensorStatus = "disable",
        Dsri = "disable",
        Fosid = 1,
        Interface = "port4",
        IpsDosStatus = "disable",
        IpsSensorStatus = "disable",
        Ipv6 = "disable",
        Logtraffic = "utm",
        MaxPacketCount = 4000,
        NonIp = "enable",
        ScanBotnetConnections = "disable",
        SpamfilterProfileStatus = "disable",
        Status = "enable",
        WebfilterProfileStatus = "disable",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.firewall.Sniffer;
import com.pulumi.fortios.firewall.SnifferArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trname = new Sniffer("trname", SnifferArgs.builder()        
            .applicationListStatus("disable")
            .avProfileStatus("disable")
            .dlpSensorStatus("disable")
            .dsri("disable")
            .fosid(1)
            .interface_("port4")
            .ipsDosStatus("disable")
            .ipsSensorStatus("disable")
            .ipv6("disable")
            .logtraffic("utm")
            .maxPacketCount(4000)
            .nonIp("enable")
            .scanBotnetConnections("disable")
            .spamfilterProfileStatus("disable")
            .status("enable")
            .webfilterProfileStatus("disable")
            .build());

    }
}

resources:
  trname:
    type: fortios:firewall:Sniffer
    properties:
      applicationListStatus: disable
      avProfileStatus: disable
      dlpSensorStatus: disable
      dsri: disable
      fosid: 1
      interface: port4
      ipsDosStatus: disable
      ipsSensorStatus: disable
      ipv6: disable
      logtraffic: utm
      maxPacketCount: 4000
      nonIp: enable
      scanBotnetConnections: disable
      spamfilterProfileStatus: disable
      status: enable
      webfilterProfileStatus: disable

Create Sniffer Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Sniffer(name: string, args: SnifferArgs, opts?: CustomResourceOptions);

@overload
def Sniffer(resource_name: str,
            args: SnifferArgs,
            opts: Optional[ResourceOptions] = None)

@overload
def Sniffer(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            interface: Optional[str] = None,
            dlp_sensor_status: Optional[str] = None,
            status: Optional[str] = None,
            av_profile: Optional[str] = None,
            av_profile_status: Optional[str] = None,
            casb_profile: Optional[str] = None,
            casb_profile_status: Optional[str] = None,
            host: Optional[str] = None,
            dlp_profile_status: Optional[str] = None,
            dlp_sensor: Optional[str] = None,
            anomalies: Optional[Sequence[SnifferAnomalyArgs]] = None,
            dsri: Optional[str] = None,
            dynamic_sort_subtable: Optional[str] = None,
            emailfilter_profile: Optional[str] = None,
            emailfilter_profile_status: Optional[str] = None,
            file_filter_profile: Optional[str] = None,
            file_filter_profile_status: Optional[str] = None,
            fosid: Optional[int] = None,
            ip_threatfeed_status: Optional[str] = None,
            dlp_profile: Optional[str] = None,
            application_list_status: Optional[str] = None,
            get_all_tables: Optional[str] = None,
            ip_threatfeeds: Optional[Sequence[SnifferIpThreatfeedArgs]] = None,
            ips_dos_status: Optional[str] = None,
            ips_sensor: Optional[str] = None,
            ips_sensor_status: Optional[str] = None,
            ipv6: Optional[str] = None,
            logtraffic: Optional[str] = None,
            max_packet_count: Optional[int] = None,
            non_ip: Optional[str] = None,
            port: Optional[str] = None,
            protocol: Optional[str] = None,
            scan_botnet_connections: Optional[str] = None,
            spamfilter_profile: Optional[str] = None,
            spamfilter_profile_status: Optional[str] = None,
            application_list: Optional[str] = None,
            uuid: Optional[str] = None,
            vdomparam: Optional[str] = None,
            vlan: Optional[str] = None,
            webfilter_profile: Optional[str] = None,
            webfilter_profile_status: Optional[str] = None)

func NewSniffer(ctx *Context, name string, args SnifferArgs, opts ...ResourceOption) (*Sniffer, error)

public Sniffer(string name, SnifferArgs args, CustomResourceOptions? opts = null)

public Sniffer(String name, SnifferArgs args)
public Sniffer(String name, SnifferArgs args, CustomResourceOptions options)

type: fortios:firewall:Sniffer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SnifferArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SnifferArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SnifferArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SnifferArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SnifferArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var snifferResource = new Fortios.Firewall.Sniffer("snifferResource", new()
{
    Interface = "string",
    DlpSensorStatus = "string",
    Status = "string",
    AvProfile = "string",
    AvProfileStatus = "string",
    CasbProfile = "string",
    CasbProfileStatus = "string",
    Host = "string",
    DlpProfileStatus = "string",
    DlpSensor = "string",
    Anomalies = new[]
    {
        new Fortios.Firewall.Inputs.SnifferAnomalyArgs
        {
            Action = "string",
            Log = "string",
            Name = "string",
            Quarantine = "string",
            QuarantineExpiry = "string",
            QuarantineLog = "string",
            Status = "string",
            Threshold = 0,
            Thresholddefault = 0,
        },
    },
    Dsri = "string",
    DynamicSortSubtable = "string",
    EmailfilterProfile = "string",
    EmailfilterProfileStatus = "string",
    FileFilterProfile = "string",
    FileFilterProfileStatus = "string",
    Fosid = 0,
    IpThreatfeedStatus = "string",
    DlpProfile = "string",
    ApplicationListStatus = "string",
    GetAllTables = "string",
    IpThreatfeeds = new[]
    {
        new Fortios.Firewall.Inputs.SnifferIpThreatfeedArgs
        {
            Name = "string",
        },
    },
    IpsDosStatus = "string",
    IpsSensor = "string",
    IpsSensorStatus = "string",
    Ipv6 = "string",
    Logtraffic = "string",
    MaxPacketCount = 0,
    NonIp = "string",
    Port = "string",
    Protocol = "string",
    ScanBotnetConnections = "string",
    SpamfilterProfile = "string",
    SpamfilterProfileStatus = "string",
    ApplicationList = "string",
    Uuid = "string",
    Vdomparam = "string",
    Vlan = "string",
    WebfilterProfile = "string",
    WebfilterProfileStatus = "string",
});

example, err := firewall.NewSniffer(ctx, "snifferResource", &firewall.SnifferArgs{
	Interface:         pulumi.String("string"),
	DlpSensorStatus:   pulumi.String("string"),
	Status:            pulumi.String("string"),
	AvProfile:         pulumi.String("string"),
	AvProfileStatus:   pulumi.String("string"),
	CasbProfile:       pulumi.String("string"),
	CasbProfileStatus: pulumi.String("string"),
	Host:              pulumi.String("string"),
	DlpProfileStatus:  pulumi.String("string"),
	DlpSensor:         pulumi.String("string"),
	Anomalies: firewall.SnifferAnomalyArray{
		&firewall.SnifferAnomalyArgs{
			Action:           pulumi.String("string"),
			Log:              pulumi.String("string"),
			Name:             pulumi.String("string"),
			Quarantine:       pulumi.String("string"),
			QuarantineExpiry: pulumi.String("string"),
			QuarantineLog:    pulumi.String("string"),
			Status:           pulumi.String("string"),
			Threshold:        pulumi.Int(0),
			Thresholddefault: pulumi.Int(0),
		},
	},
	Dsri:                     pulumi.String("string"),
	DynamicSortSubtable:      pulumi.String("string"),
	EmailfilterProfile:       pulumi.String("string"),
	EmailfilterProfileStatus: pulumi.String("string"),
	FileFilterProfile:        pulumi.String("string"),
	FileFilterProfileStatus:  pulumi.String("string"),
	Fosid:                    pulumi.Int(0),
	IpThreatfeedStatus:       pulumi.String("string"),
	DlpProfile:               pulumi.String("string"),
	ApplicationListStatus:    pulumi.String("string"),
	GetAllTables:             pulumi.String("string"),
	IpThreatfeeds: firewall.SnifferIpThreatfeedArray{
		&firewall.SnifferIpThreatfeedArgs{
			Name: pulumi.String("string"),
		},
	},
	IpsDosStatus:            pulumi.String("string"),
	IpsSensor:               pulumi.String("string"),
	IpsSensorStatus:         pulumi.String("string"),
	Ipv6:                    pulumi.String("string"),
	Logtraffic:              pulumi.String("string"),
	MaxPacketCount:          pulumi.Int(0),
	NonIp:                   pulumi.String("string"),
	Port:                    pulumi.String("string"),
	Protocol:                pulumi.String("string"),
	ScanBotnetConnections:   pulumi.String("string"),
	SpamfilterProfile:       pulumi.String("string"),
	SpamfilterProfileStatus: pulumi.String("string"),
	ApplicationList:         pulumi.String("string"),
	Uuid:                    pulumi.String("string"),
	Vdomparam:               pulumi.String("string"),
	Vlan:                    pulumi.String("string"),
	WebfilterProfile:        pulumi.String("string"),
	WebfilterProfileStatus:  pulumi.String("string"),
})

var snifferResource = new Sniffer("snifferResource", SnifferArgs.builder()
    .interface_("string")
    .dlpSensorStatus("string")
    .status("string")
    .avProfile("string")
    .avProfileStatus("string")
    .casbProfile("string")
    .casbProfileStatus("string")
    .host("string")
    .dlpProfileStatus("string")
    .dlpSensor("string")
    .anomalies(SnifferAnomalyArgs.builder()
        .action("string")
        .log("string")
        .name("string")
        .quarantine("string")
        .quarantineExpiry("string")
        .quarantineLog("string")
        .status("string")
        .threshold(0)
        .thresholddefault(0)
        .build())
    .dsri("string")
    .dynamicSortSubtable("string")
    .emailfilterProfile("string")
    .emailfilterProfileStatus("string")
    .fileFilterProfile("string")
    .fileFilterProfileStatus("string")
    .fosid(0)
    .ipThreatfeedStatus("string")
    .dlpProfile("string")
    .applicationListStatus("string")
    .getAllTables("string")
    .ipThreatfeeds(SnifferIpThreatfeedArgs.builder()
        .name("string")
        .build())
    .ipsDosStatus("string")
    .ipsSensor("string")
    .ipsSensorStatus("string")
    .ipv6("string")
    .logtraffic("string")
    .maxPacketCount(0)
    .nonIp("string")
    .port("string")
    .protocol("string")
    .scanBotnetConnections("string")
    .spamfilterProfile("string")
    .spamfilterProfileStatus("string")
    .applicationList("string")
    .uuid("string")
    .vdomparam("string")
    .vlan("string")
    .webfilterProfile("string")
    .webfilterProfileStatus("string")
    .build());

sniffer_resource = fortios.firewall.Sniffer("snifferResource",
    interface="string",
    dlp_sensor_status="string",
    status="string",
    av_profile="string",
    av_profile_status="string",
    casb_profile="string",
    casb_profile_status="string",
    host="string",
    dlp_profile_status="string",
    dlp_sensor="string",
    anomalies=[fortios.firewall.SnifferAnomalyArgs(
        action="string",
        log="string",
        name="string",
        quarantine="string",
        quarantine_expiry="string",
        quarantine_log="string",
        status="string",
        threshold=0,
        thresholddefault=0,
    )],
    dsri="string",
    dynamic_sort_subtable="string",
    emailfilter_profile="string",
    emailfilter_profile_status="string",
    file_filter_profile="string",
    file_filter_profile_status="string",
    fosid=0,
    ip_threatfeed_status="string",
    dlp_profile="string",
    application_list_status="string",
    get_all_tables="string",
    ip_threatfeeds=[fortios.firewall.SnifferIpThreatfeedArgs(
        name="string",
    )],
    ips_dos_status="string",
    ips_sensor="string",
    ips_sensor_status="string",
    ipv6="string",
    logtraffic="string",
    max_packet_count=0,
    non_ip="string",
    port="string",
    protocol="string",
    scan_botnet_connections="string",
    spamfilter_profile="string",
    spamfilter_profile_status="string",
    application_list="string",
    uuid="string",
    vdomparam="string",
    vlan="string",
    webfilter_profile="string",
    webfilter_profile_status="string")

const snifferResource = new fortios.firewall.Sniffer("snifferResource", {
    "interface": "string",
    dlpSensorStatus: "string",
    status: "string",
    avProfile: "string",
    avProfileStatus: "string",
    casbProfile: "string",
    casbProfileStatus: "string",
    host: "string",
    dlpProfileStatus: "string",
    dlpSensor: "string",
    anomalies: [{
        action: "string",
        log: "string",
        name: "string",
        quarantine: "string",
        quarantineExpiry: "string",
        quarantineLog: "string",
        status: "string",
        threshold: 0,
        thresholddefault: 0,
    }],
    dsri: "string",
    dynamicSortSubtable: "string",
    emailfilterProfile: "string",
    emailfilterProfileStatus: "string",
    fileFilterProfile: "string",
    fileFilterProfileStatus: "string",
    fosid: 0,
    ipThreatfeedStatus: "string",
    dlpProfile: "string",
    applicationListStatus: "string",
    getAllTables: "string",
    ipThreatfeeds: [{
        name: "string",
    }],
    ipsDosStatus: "string",
    ipsSensor: "string",
    ipsSensorStatus: "string",
    ipv6: "string",
    logtraffic: "string",
    maxPacketCount: 0,
    nonIp: "string",
    port: "string",
    protocol: "string",
    scanBotnetConnections: "string",
    spamfilterProfile: "string",
    spamfilterProfileStatus: "string",
    applicationList: "string",
    uuid: "string",
    vdomparam: "string",
    vlan: "string",
    webfilterProfile: "string",
    webfilterProfileStatus: "string",
});

type: fortios:firewall:Sniffer
properties:
    anomalies:
        - action: string
          log: string
          name: string
          quarantine: string
          quarantineExpiry: string
          quarantineLog: string
          status: string
          threshold: 0
          thresholddefault: 0
    applicationList: string
    applicationListStatus: string
    avProfile: string
    avProfileStatus: string
    casbProfile: string
    casbProfileStatus: string
    dlpProfile: string
    dlpProfileStatus: string
    dlpSensor: string
    dlpSensorStatus: string
    dsri: string
    dynamicSortSubtable: string
    emailfilterProfile: string
    emailfilterProfileStatus: string
    fileFilterProfile: string
    fileFilterProfileStatus: string
    fosid: 0
    getAllTables: string
    host: string
    interface: string
    ipThreatfeedStatus: string
    ipThreatfeeds:
        - name: string
    ipsDosStatus: string
    ipsSensor: string
    ipsSensorStatus: string
    ipv6: string
    logtraffic: string
    maxPacketCount: 0
    nonIp: string
    port: string
    protocol: string
    scanBotnetConnections: string
    spamfilterProfile: string
    spamfilterProfileStatus: string
    status: string
    uuid: string
    vdomparam: string
    vlan: string
    webfilterProfile: string
    webfilterProfileStatus: string

Sniffer Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Sniffer resource accepts the following input properties:

Interface string: Interface name that traffic sniffing will take place on.
Anomalies List<Pulumiverse.Fortios.Firewall.Inputs.SnifferAnomaly>: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
ApplicationList string: Name of an existing application list.
ApplicationListStatus string: Enable/disable application control profile. Valid values: enable, disable.
AvProfile string: Name of an existing antivirus profile.
AvProfileStatus string: Enable/disable antivirus profile. Valid values: enable, disable.
CasbProfile string: Name of an existing CASB profile.
CasbProfileStatus string: Enable/disable CASB profile. Valid values: enable, disable.
DlpProfile string: Name of an existing DLP profile.
DlpProfileStatus string: Enable/disable DLP profile. Valid values: enable, disable.
DlpSensor string: Name of an existing DLP sensor.
DlpSensorStatus string: Enable/disable DLP sensor. Valid values: enable, disable.
Dsri string: Enable/disable DSRI. Valid values: enable, disable.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EmailfilterProfile string: Name of an existing email filter profile.
EmailfilterProfileStatus string: Enable/disable emailfilter. Valid values: enable, disable.
FileFilterProfile string: Name of an existing file-filter profile.
FileFilterProfileStatus string: Enable/disable file filter. Valid values: enable, disable.
Fosid int: Sniffer ID.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
Host string: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
IpThreatfeedStatus string: Enable/disable IP threat feed. Valid values: enable, disable.
IpThreatfeeds List<Pulumiverse.Fortios.Firewall.Inputs.SnifferIpThreatfeed>: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
IpsDosStatus string: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
IpsSensor string: Name of an existing IPS sensor.
IpsSensorStatus string: Enable/disable IPS sensor. Valid values: enable, disable.
Ipv6 string: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
Logtraffic string: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
MaxPacketCount int: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
NonIp string: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
Port string: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
Protocol string: Integer value for the protocol type as defined by IANA (0 - 255).
ScanBotnetConnections string: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
SpamfilterProfile string: Name of an existing spam filter profile.
SpamfilterProfileStatus string: Enable/disable spam filter. Valid values: enable, disable.
Status string: Enable/disable the active status of the sniffer. Valid values: enable, disable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Vlan string: List of VLANs to sniff.
WebfilterProfile string: Name of an existing web filter profile.
WebfilterProfileStatus string: Enable/disable web filter profile. Valid values: enable, disable.

Interface string: Interface name that traffic sniffing will take place on.
Anomalies []SnifferAnomalyArgs: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
ApplicationList string: Name of an existing application list.
ApplicationListStatus string: Enable/disable application control profile. Valid values: enable, disable.
AvProfile string: Name of an existing antivirus profile.
AvProfileStatus string: Enable/disable antivirus profile. Valid values: enable, disable.
CasbProfile string: Name of an existing CASB profile.
CasbProfileStatus string: Enable/disable CASB profile. Valid values: enable, disable.
DlpProfile string: Name of an existing DLP profile.
DlpProfileStatus string: Enable/disable DLP profile. Valid values: enable, disable.
DlpSensor string: Name of an existing DLP sensor.
DlpSensorStatus string: Enable/disable DLP sensor. Valid values: enable, disable.
Dsri string: Enable/disable DSRI. Valid values: enable, disable.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EmailfilterProfile string: Name of an existing email filter profile.
EmailfilterProfileStatus string: Enable/disable emailfilter. Valid values: enable, disable.
FileFilterProfile string: Name of an existing file-filter profile.
FileFilterProfileStatus string: Enable/disable file filter. Valid values: enable, disable.
Fosid int: Sniffer ID.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
Host string: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
IpThreatfeedStatus string: Enable/disable IP threat feed. Valid values: enable, disable.
IpThreatfeeds []SnifferIpThreatfeedArgs: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
IpsDosStatus string: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
IpsSensor string: Name of an existing IPS sensor.
IpsSensorStatus string: Enable/disable IPS sensor. Valid values: enable, disable.
Ipv6 string: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
Logtraffic string: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
MaxPacketCount int: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
NonIp string: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
Port string: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
Protocol string: Integer value for the protocol type as defined by IANA (0 - 255).
ScanBotnetConnections string: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
SpamfilterProfile string: Name of an existing spam filter profile.
SpamfilterProfileStatus string: Enable/disable spam filter. Valid values: enable, disable.
Status string: Enable/disable the active status of the sniffer. Valid values: enable, disable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Vlan string: List of VLANs to sniff.
WebfilterProfile string: Name of an existing web filter profile.
WebfilterProfileStatus string: Enable/disable web filter profile. Valid values: enable, disable.

interface_ String: Interface name that traffic sniffing will take place on.
anomalies List<SnifferAnomaly>: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
applicationList String: Name of an existing application list.
applicationListStatus String: Enable/disable application control profile. Valid values: enable, disable.
avProfile String: Name of an existing antivirus profile.
avProfileStatus String: Enable/disable antivirus profile. Valid values: enable, disable.
casbProfile String: Name of an existing CASB profile.
casbProfileStatus String: Enable/disable CASB profile. Valid values: enable, disable.
dlpProfile String: Name of an existing DLP profile.
dlpProfileStatus String: Enable/disable DLP profile. Valid values: enable, disable.
dlpSensor String: Name of an existing DLP sensor.
dlpSensorStatus String: Enable/disable DLP sensor. Valid values: enable, disable.
dsri String: Enable/disable DSRI. Valid values: enable, disable.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
emailfilterProfile String: Name of an existing email filter profile.
emailfilterProfileStatus String: Enable/disable emailfilter. Valid values: enable, disable.
fileFilterProfile String: Name of an existing file-filter profile.
fileFilterProfileStatus String: Enable/disable file filter. Valid values: enable, disable.
fosid Integer: Sniffer ID.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
host String: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
ipThreatfeedStatus String: Enable/disable IP threat feed. Valid values: enable, disable.
ipThreatfeeds List<SnifferIpThreatfeed>: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
ipsDosStatus String: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
ipsSensor String: Name of an existing IPS sensor.
ipsSensorStatus String: Enable/disable IPS sensor. Valid values: enable, disable.
ipv6 String: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
logtraffic String: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
maxPacketCount Integer: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
nonIp String: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
port String: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
protocol String: Integer value for the protocol type as defined by IANA (0 - 255).
scanBotnetConnections String: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
spamfilterProfile String: Name of an existing spam filter profile.
spamfilterProfileStatus String: Enable/disable spam filter. Valid values: enable, disable.
status String: Enable/disable the active status of the sniffer. Valid values: enable, disable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
vlan String: List of VLANs to sniff.
webfilterProfile String: Name of an existing web filter profile.
webfilterProfileStatus String: Enable/disable web filter profile. Valid values: enable, disable.

interface string: Interface name that traffic sniffing will take place on.
anomalies SnifferAnomaly[]: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
applicationList string: Name of an existing application list.
applicationListStatus string: Enable/disable application control profile. Valid values: enable, disable.
avProfile string: Name of an existing antivirus profile.
avProfileStatus string: Enable/disable antivirus profile. Valid values: enable, disable.
casbProfile string: Name of an existing CASB profile.
casbProfileStatus string: Enable/disable CASB profile. Valid values: enable, disable.
dlpProfile string: Name of an existing DLP profile.
dlpProfileStatus string: Enable/disable DLP profile. Valid values: enable, disable.
dlpSensor string: Name of an existing DLP sensor.
dlpSensorStatus string: Enable/disable DLP sensor. Valid values: enable, disable.
dsri string: Enable/disable DSRI. Valid values: enable, disable.
dynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
emailfilterProfile string: Name of an existing email filter profile.
emailfilterProfileStatus string: Enable/disable emailfilter. Valid values: enable, disable.
fileFilterProfile string: Name of an existing file-filter profile.
fileFilterProfileStatus string: Enable/disable file filter. Valid values: enable, disable.
fosid number: Sniffer ID.
getAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
host string: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
ipThreatfeedStatus string: Enable/disable IP threat feed. Valid values: enable, disable.
ipThreatfeeds SnifferIpThreatfeed[]: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
ipsDosStatus string: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
ipsSensor string: Name of an existing IPS sensor.
ipsSensorStatus string: Enable/disable IPS sensor. Valid values: enable, disable.
ipv6 string: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
logtraffic string: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
maxPacketCount number: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
nonIp string: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
port string: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
protocol string: Integer value for the protocol type as defined by IANA (0 - 255).
scanBotnetConnections string: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
spamfilterProfile string: Name of an existing spam filter profile.
spamfilterProfileStatus string: Enable/disable spam filter. Valid values: enable, disable.
status string: Enable/disable the active status of the sniffer. Valid values: enable, disable.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
vlan string: List of VLANs to sniff.
webfilterProfile string: Name of an existing web filter profile.
webfilterProfileStatus string: Enable/disable web filter profile. Valid values: enable, disable.

interface str: Interface name that traffic sniffing will take place on.
anomalies Sequence[SnifferAnomalyArgs]: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
application_list str: Name of an existing application list.
application_list_status str: Enable/disable application control profile. Valid values: enable, disable.
av_profile str: Name of an existing antivirus profile.
av_profile_status str: Enable/disable antivirus profile. Valid values: enable, disable.
casb_profile str: Name of an existing CASB profile.
casb_profile_status str: Enable/disable CASB profile. Valid values: enable, disable.
dlp_profile str: Name of an existing DLP profile.
dlp_profile_status str: Enable/disable DLP profile. Valid values: enable, disable.
dlp_sensor str: Name of an existing DLP sensor.
dlp_sensor_status str: Enable/disable DLP sensor. Valid values: enable, disable.
dsri str: Enable/disable DSRI. Valid values: enable, disable.
dynamic_sort_subtable str: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
emailfilter_profile str: Name of an existing email filter profile.
emailfilter_profile_status str: Enable/disable emailfilter. Valid values: enable, disable.
file_filter_profile str: Name of an existing file-filter profile.
file_filter_profile_status str: Enable/disable file filter. Valid values: enable, disable.
fosid int: Sniffer ID.
get_all_tables str: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
host str: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
ip_threatfeed_status str: Enable/disable IP threat feed. Valid values: enable, disable.
ip_threatfeeds Sequence[SnifferIpThreatfeedArgs]: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
ips_dos_status str: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
ips_sensor str: Name of an existing IPS sensor.
ips_sensor_status str: Enable/disable IPS sensor. Valid values: enable, disable.
ipv6 str: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
logtraffic str: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
max_packet_count int: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
non_ip str: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
port str: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
protocol str: Integer value for the protocol type as defined by IANA (0 - 255).
scan_botnet_connections str: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
spamfilter_profile str: Name of an existing spam filter profile.
spamfilter_profile_status str: Enable/disable spam filter. Valid values: enable, disable.
status str: Enable/disable the active status of the sniffer. Valid values: enable, disable.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
vlan str: List of VLANs to sniff.
webfilter_profile str: Name of an existing web filter profile.
webfilter_profile_status str: Enable/disable web filter profile. Valid values: enable, disable.

interface String: Interface name that traffic sniffing will take place on.
anomalies List<Property Map>: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
applicationList String: Name of an existing application list.
applicationListStatus String: Enable/disable application control profile. Valid values: enable, disable.
avProfile String: Name of an existing antivirus profile.
avProfileStatus String: Enable/disable antivirus profile. Valid values: enable, disable.
casbProfile String: Name of an existing CASB profile.
casbProfileStatus String: Enable/disable CASB profile. Valid values: enable, disable.
dlpProfile String: Name of an existing DLP profile.
dlpProfileStatus String: Enable/disable DLP profile. Valid values: enable, disable.
dlpSensor String: Name of an existing DLP sensor.
dlpSensorStatus String: Enable/disable DLP sensor. Valid values: enable, disable.
dsri String: Enable/disable DSRI. Valid values: enable, disable.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
emailfilterProfile String: Name of an existing email filter profile.
emailfilterProfileStatus String: Enable/disable emailfilter. Valid values: enable, disable.
fileFilterProfile String: Name of an existing file-filter profile.
fileFilterProfileStatus String: Enable/disable file filter. Valid values: enable, disable.
fosid Number: Sniffer ID.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
host String: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
ipThreatfeedStatus String: Enable/disable IP threat feed. Valid values: enable, disable.
ipThreatfeeds List<Property Map>: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
ipsDosStatus String: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
ipsSensor String: Name of an existing IPS sensor.
ipsSensorStatus String: Enable/disable IPS sensor. Valid values: enable, disable.
ipv6 String: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
logtraffic String: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
maxPacketCount Number: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
nonIp String: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
port String: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
protocol String: Integer value for the protocol type as defined by IANA (0 - 255).
scanBotnetConnections String: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
spamfilterProfile String: Name of an existing spam filter profile.
spamfilterProfileStatus String: Enable/disable spam filter. Valid values: enable, disable.
status String: Enable/disable the active status of the sniffer. Valid values: enable, disable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
vlan String: List of VLANs to sniff.
webfilterProfile String: Name of an existing web filter profile.
webfilterProfileStatus String: Enable/disable web filter profile. Valid values: enable, disable.

Outputs

All input properties are implicitly available as output properties. Additionally, the Sniffer resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Sniffer Resource

Get an existing Sniffer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SnifferState, opts?: CustomResourceOptions): Sniffer

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        anomalies: Optional[Sequence[SnifferAnomalyArgs]] = None,
        application_list: Optional[str] = None,
        application_list_status: Optional[str] = None,
        av_profile: Optional[str] = None,
        av_profile_status: Optional[str] = None,
        casb_profile: Optional[str] = None,
        casb_profile_status: Optional[str] = None,
        dlp_profile: Optional[str] = None,
        dlp_profile_status: Optional[str] = None,
        dlp_sensor: Optional[str] = None,
        dlp_sensor_status: Optional[str] = None,
        dsri: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        emailfilter_profile: Optional[str] = None,
        emailfilter_profile_status: Optional[str] = None,
        file_filter_profile: Optional[str] = None,
        file_filter_profile_status: Optional[str] = None,
        fosid: Optional[int] = None,
        get_all_tables: Optional[str] = None,
        host: Optional[str] = None,
        interface: Optional[str] = None,
        ip_threatfeed_status: Optional[str] = None,
        ip_threatfeeds: Optional[Sequence[SnifferIpThreatfeedArgs]] = None,
        ips_dos_status: Optional[str] = None,
        ips_sensor: Optional[str] = None,
        ips_sensor_status: Optional[str] = None,
        ipv6: Optional[str] = None,
        logtraffic: Optional[str] = None,
        max_packet_count: Optional[int] = None,
        non_ip: Optional[str] = None,
        port: Optional[str] = None,
        protocol: Optional[str] = None,
        scan_botnet_connections: Optional[str] = None,
        spamfilter_profile: Optional[str] = None,
        spamfilter_profile_status: Optional[str] = None,
        status: Optional[str] = None,
        uuid: Optional[str] = None,
        vdomparam: Optional[str] = None,
        vlan: Optional[str] = None,
        webfilter_profile: Optional[str] = None,
        webfilter_profile_status: Optional[str] = None) -> Sniffer

func GetSniffer(ctx *Context, name string, id IDInput, state *SnifferState, opts ...ResourceOption) (*Sniffer, error)

public static Sniffer Get(string name, Input<string> id, SnifferState? state, CustomResourceOptions? opts = null)

public static Sniffer get(String name, Output<String> id, SnifferState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Anomalies List<Pulumiverse.Fortios.Firewall.Inputs.SnifferAnomaly>: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
ApplicationList string: Name of an existing application list.
ApplicationListStatus string: Enable/disable application control profile. Valid values: enable, disable.
AvProfile string: Name of an existing antivirus profile.
AvProfileStatus string: Enable/disable antivirus profile. Valid values: enable, disable.
CasbProfile string: Name of an existing CASB profile.
CasbProfileStatus string: Enable/disable CASB profile. Valid values: enable, disable.
DlpProfile string: Name of an existing DLP profile.
DlpProfileStatus string: Enable/disable DLP profile. Valid values: enable, disable.
DlpSensor string: Name of an existing DLP sensor.
DlpSensorStatus string: Enable/disable DLP sensor. Valid values: enable, disable.
Dsri string: Enable/disable DSRI. Valid values: enable, disable.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EmailfilterProfile string: Name of an existing email filter profile.
EmailfilterProfileStatus string: Enable/disable emailfilter. Valid values: enable, disable.
FileFilterProfile string: Name of an existing file-filter profile.
FileFilterProfileStatus string: Enable/disable file filter. Valid values: enable, disable.
Fosid int: Sniffer ID.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
Host string: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
Interface string: Interface name that traffic sniffing will take place on.
IpThreatfeedStatus string: Enable/disable IP threat feed. Valid values: enable, disable.
IpThreatfeeds List<Pulumiverse.Fortios.Firewall.Inputs.SnifferIpThreatfeed>: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
IpsDosStatus string: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
IpsSensor string: Name of an existing IPS sensor.
IpsSensorStatus string: Enable/disable IPS sensor. Valid values: enable, disable.
Ipv6 string: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
Logtraffic string: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
MaxPacketCount int: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
NonIp string: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
Port string: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
Protocol string: Integer value for the protocol type as defined by IANA (0 - 255).
ScanBotnetConnections string: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
SpamfilterProfile string: Name of an existing spam filter profile.
SpamfilterProfileStatus string: Enable/disable spam filter. Valid values: enable, disable.
Status string: Enable/disable the active status of the sniffer. Valid values: enable, disable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Vlan string: List of VLANs to sniff.
WebfilterProfile string: Name of an existing web filter profile.
WebfilterProfileStatus string: Enable/disable web filter profile. Valid values: enable, disable.

Anomalies []SnifferAnomalyArgs: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
ApplicationList string: Name of an existing application list.
ApplicationListStatus string: Enable/disable application control profile. Valid values: enable, disable.
AvProfile string: Name of an existing antivirus profile.
AvProfileStatus string: Enable/disable antivirus profile. Valid values: enable, disable.
CasbProfile string: Name of an existing CASB profile.
CasbProfileStatus string: Enable/disable CASB profile. Valid values: enable, disable.
DlpProfile string: Name of an existing DLP profile.
DlpProfileStatus string: Enable/disable DLP profile. Valid values: enable, disable.
DlpSensor string: Name of an existing DLP sensor.
DlpSensorStatus string: Enable/disable DLP sensor. Valid values: enable, disable.
Dsri string: Enable/disable DSRI. Valid values: enable, disable.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EmailfilterProfile string: Name of an existing email filter profile.
EmailfilterProfileStatus string: Enable/disable emailfilter. Valid values: enable, disable.
FileFilterProfile string: Name of an existing file-filter profile.
FileFilterProfileStatus string: Enable/disable file filter. Valid values: enable, disable.
Fosid int: Sniffer ID.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
Host string: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
Interface string: Interface name that traffic sniffing will take place on.
IpThreatfeedStatus string: Enable/disable IP threat feed. Valid values: enable, disable.
IpThreatfeeds []SnifferIpThreatfeedArgs: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
IpsDosStatus string: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
IpsSensor string: Name of an existing IPS sensor.
IpsSensorStatus string: Enable/disable IPS sensor. Valid values: enable, disable.
Ipv6 string: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
Logtraffic string: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
MaxPacketCount int: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
NonIp string: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
Port string: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
Protocol string: Integer value for the protocol type as defined by IANA (0 - 255).
ScanBotnetConnections string: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
SpamfilterProfile string: Name of an existing spam filter profile.
SpamfilterProfileStatus string: Enable/disable spam filter. Valid values: enable, disable.
Status string: Enable/disable the active status of the sniffer. Valid values: enable, disable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Vlan string: List of VLANs to sniff.
WebfilterProfile string: Name of an existing web filter profile.
WebfilterProfileStatus string: Enable/disable web filter profile. Valid values: enable, disable.

anomalies List<SnifferAnomaly>: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
applicationList String: Name of an existing application list.
applicationListStatus String: Enable/disable application control profile. Valid values: enable, disable.
avProfile String: Name of an existing antivirus profile.
avProfileStatus String: Enable/disable antivirus profile. Valid values: enable, disable.
casbProfile String: Name of an existing CASB profile.
casbProfileStatus String: Enable/disable CASB profile. Valid values: enable, disable.
dlpProfile String: Name of an existing DLP profile.
dlpProfileStatus String: Enable/disable DLP profile. Valid values: enable, disable.
dlpSensor String: Name of an existing DLP sensor.
dlpSensorStatus String: Enable/disable DLP sensor. Valid values: enable, disable.
dsri String: Enable/disable DSRI. Valid values: enable, disable.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
emailfilterProfile String: Name of an existing email filter profile.
emailfilterProfileStatus String: Enable/disable emailfilter. Valid values: enable, disable.
fileFilterProfile String: Name of an existing file-filter profile.
fileFilterProfileStatus String: Enable/disable file filter. Valid values: enable, disable.
fosid Integer: Sniffer ID.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
host String: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
interface_ String: Interface name that traffic sniffing will take place on.
ipThreatfeedStatus String: Enable/disable IP threat feed. Valid values: enable, disable.
ipThreatfeeds List<SnifferIpThreatfeed>: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
ipsDosStatus String: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
ipsSensor String: Name of an existing IPS sensor.
ipsSensorStatus String: Enable/disable IPS sensor. Valid values: enable, disable.
ipv6 String: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
logtraffic String: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
maxPacketCount Integer: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
nonIp String: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
port String: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
protocol String: Integer value for the protocol type as defined by IANA (0 - 255).
scanBotnetConnections String: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
spamfilterProfile String: Name of an existing spam filter profile.
spamfilterProfileStatus String: Enable/disable spam filter. Valid values: enable, disable.
status String: Enable/disable the active status of the sniffer. Valid values: enable, disable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
vlan String: List of VLANs to sniff.
webfilterProfile String: Name of an existing web filter profile.
webfilterProfileStatus String: Enable/disable web filter profile. Valid values: enable, disable.

anomalies SnifferAnomaly[]: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
applicationList string: Name of an existing application list.
applicationListStatus string: Enable/disable application control profile. Valid values: enable, disable.
avProfile string: Name of an existing antivirus profile.
avProfileStatus string: Enable/disable antivirus profile. Valid values: enable, disable.
casbProfile string: Name of an existing CASB profile.
casbProfileStatus string: Enable/disable CASB profile. Valid values: enable, disable.
dlpProfile string: Name of an existing DLP profile.
dlpProfileStatus string: Enable/disable DLP profile. Valid values: enable, disable.
dlpSensor string: Name of an existing DLP sensor.
dlpSensorStatus string: Enable/disable DLP sensor. Valid values: enable, disable.
dsri string: Enable/disable DSRI. Valid values: enable, disable.
dynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
emailfilterProfile string: Name of an existing email filter profile.
emailfilterProfileStatus string: Enable/disable emailfilter. Valid values: enable, disable.
fileFilterProfile string: Name of an existing file-filter profile.
fileFilterProfileStatus string: Enable/disable file filter. Valid values: enable, disable.
fosid number: Sniffer ID.
getAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
host string: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
interface string: Interface name that traffic sniffing will take place on.
ipThreatfeedStatus string: Enable/disable IP threat feed. Valid values: enable, disable.
ipThreatfeeds SnifferIpThreatfeed[]: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
ipsDosStatus string: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
ipsSensor string: Name of an existing IPS sensor.
ipsSensorStatus string: Enable/disable IPS sensor. Valid values: enable, disable.
ipv6 string: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
logtraffic string: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
maxPacketCount number: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
nonIp string: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
port string: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
protocol string: Integer value for the protocol type as defined by IANA (0 - 255).
scanBotnetConnections string: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
spamfilterProfile string: Name of an existing spam filter profile.
spamfilterProfileStatus string: Enable/disable spam filter. Valid values: enable, disable.
status string: Enable/disable the active status of the sniffer. Valid values: enable, disable.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
vlan string: List of VLANs to sniff.
webfilterProfile string: Name of an existing web filter profile.
webfilterProfileStatus string: Enable/disable web filter profile. Valid values: enable, disable.

anomalies Sequence[SnifferAnomalyArgs]: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
application_list str: Name of an existing application list.
application_list_status str: Enable/disable application control profile. Valid values: enable, disable.
av_profile str: Name of an existing antivirus profile.
av_profile_status str: Enable/disable antivirus profile. Valid values: enable, disable.
casb_profile str: Name of an existing CASB profile.
casb_profile_status str: Enable/disable CASB profile. Valid values: enable, disable.
dlp_profile str: Name of an existing DLP profile.
dlp_profile_status str: Enable/disable DLP profile. Valid values: enable, disable.
dlp_sensor str: Name of an existing DLP sensor.
dlp_sensor_status str: Enable/disable DLP sensor. Valid values: enable, disable.
dsri str: Enable/disable DSRI. Valid values: enable, disable.
dynamic_sort_subtable str: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
emailfilter_profile str: Name of an existing email filter profile.
emailfilter_profile_status str: Enable/disable emailfilter. Valid values: enable, disable.
file_filter_profile str: Name of an existing file-filter profile.
file_filter_profile_status str: Enable/disable file filter. Valid values: enable, disable.
fosid int: Sniffer ID.
get_all_tables str: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
host str: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
interface str: Interface name that traffic sniffing will take place on.
ip_threatfeed_status str: Enable/disable IP threat feed. Valid values: enable, disable.
ip_threatfeeds Sequence[SnifferIpThreatfeedArgs]: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
ips_dos_status str: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
ips_sensor str: Name of an existing IPS sensor.
ips_sensor_status str: Enable/disable IPS sensor. Valid values: enable, disable.
ipv6 str: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
logtraffic str: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
max_packet_count int: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
non_ip str: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
port str: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
protocol str: Integer value for the protocol type as defined by IANA (0 - 255).
scan_botnet_connections str: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
spamfilter_profile str: Name of an existing spam filter profile.
spamfilter_profile_status str: Enable/disable spam filter. Valid values: enable, disable.
status str: Enable/disable the active status of the sniffer. Valid values: enable, disable.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
vlan str: List of VLANs to sniff.
webfilter_profile str: Name of an existing web filter profile.
webfilter_profile_status str: Enable/disable web filter profile. Valid values: enable, disable.

anomalies List<Property Map>: Configuration method to edit Denial of Service (DoS) anomaly settings. The structure of anomaly block is documented below.
applicationList String: Name of an existing application list.
applicationListStatus String: Enable/disable application control profile. Valid values: enable, disable.
avProfile String: Name of an existing antivirus profile.
avProfileStatus String: Enable/disable antivirus profile. Valid values: enable, disable.
casbProfile String: Name of an existing CASB profile.
casbProfileStatus String: Enable/disable CASB profile. Valid values: enable, disable.
dlpProfile String: Name of an existing DLP profile.
dlpProfileStatus String: Enable/disable DLP profile. Valid values: enable, disable.
dlpSensor String: Name of an existing DLP sensor.
dlpSensorStatus String: Enable/disable DLP sensor. Valid values: enable, disable.
dsri String: Enable/disable DSRI. Valid values: enable, disable.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
emailfilterProfile String: Name of an existing email filter profile.
emailfilterProfileStatus String: Enable/disable emailfilter. Valid values: enable, disable.
fileFilterProfile String: Name of an existing file-filter profile.
fileFilterProfileStatus String: Enable/disable file filter. Valid values: enable, disable.
fosid Number: Sniffer ID.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
host String: Hosts to filter for in sniffer traffic (Format examples: 1.1.1.1, 2.2.2.0/24, 3.3.3.3/255.255.255.0, 4.4.4.0-4.4.4.240).
interface String: Interface name that traffic sniffing will take place on.
ipThreatfeedStatus String: Enable/disable IP threat feed. Valid values: enable, disable.
ipThreatfeeds List<Property Map>: Name of an existing IP threat feed. The structure of ip_threatfeed block is documented below.
ipsDosStatus String: Enable/disable IPS DoS anomaly detection. Valid values: enable, disable.
ipsSensor String: Name of an existing IPS sensor.
ipsSensorStatus String: Enable/disable IPS sensor. Valid values: enable, disable.
ipv6 String: Enable/disable sniffing IPv6 packets. Valid values: enable, disable.
logtraffic String: Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Valid values: all, utm, disable.
maxPacketCount Number: Maximum packet count. On FortiOS versions 6.2.0: 1 - 1000000, default = 10000. On FortiOS versions 6.2.4-6.4.2, 7.0.0: 1 - 10000, default = 4000. On FortiOS versions 6.4.10-6.4.14, 7.0.1-7.0.13: 1 - 1000000, default = 4000.
nonIp String: Enable/disable sniffing non-IP packets. Valid values: enable, disable.
port String: Ports to sniff (Format examples: 10, :20, 30:40, 50-, 100-200).
protocol String: Integer value for the protocol type as defined by IANA (0 - 255).
scanBotnetConnections String: Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
spamfilterProfile String: Name of an existing spam filter profile.
spamfilterProfileStatus String: Enable/disable spam filter. Valid values: enable, disable.
status String: Enable/disable the active status of the sniffer. Valid values: enable, disable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
vlan String: List of VLANs to sniff.
webfilterProfile String: Name of an existing web filter profile.
webfilterProfileStatus String: Enable/disable web filter profile. Valid values: enable, disable.

Supporting Types

SnifferAnomaly, SnifferAnomalyArgs

Action string: Action taken when the threshold is reached.
Log string: Enable/disable anomaly logging. Valid values: enable, disable.
Name string: Anomaly name.
Quarantine string: Quarantine method. Valid values: none, attacker.
QuarantineExpiry string: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
QuarantineLog string: Enable/disable quarantine logging. Valid values: disable, enable.
Status string: Enable/disable this anomaly. Valid values: disable, enable.
Threshold int: Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.14, 7.0.6-7.0.13, >= 7.2.1: packets per second or concurrent session number.
Thresholddefault int: Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.

Action string: Action taken when the threshold is reached.
Log string: Enable/disable anomaly logging. Valid values: enable, disable.
Name string: Anomaly name.
Quarantine string: Quarantine method. Valid values: none, attacker.
QuarantineExpiry string: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
QuarantineLog string: Enable/disable quarantine logging. Valid values: disable, enable.
Status string: Enable/disable this anomaly. Valid values: disable, enable.
Threshold int: Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.14, 7.0.6-7.0.13, >= 7.2.1: packets per second or concurrent session number.
Thresholddefault int: Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.

action String: Action taken when the threshold is reached.
log String: Enable/disable anomaly logging. Valid values: enable, disable.
name String: Anomaly name.
quarantine String: Quarantine method. Valid values: none, attacker.
quarantineExpiry String: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
quarantineLog String: Enable/disable quarantine logging. Valid values: disable, enable.
status String: Enable/disable this anomaly. Valid values: disable, enable.
threshold Integer: Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.14, 7.0.6-7.0.13, >= 7.2.1: packets per second or concurrent session number.
thresholddefault Integer: Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.

action string: Action taken when the threshold is reached.
log string: Enable/disable anomaly logging. Valid values: enable, disable.
name string: Anomaly name.
quarantine string: Quarantine method. Valid values: none, attacker.
quarantineExpiry string: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
quarantineLog string: Enable/disable quarantine logging. Valid values: disable, enable.
status string: Enable/disable this anomaly. Valid values: disable, enable.
threshold number: Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.14, 7.0.6-7.0.13, >= 7.2.1: packets per second or concurrent session number.
thresholddefault number: Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.

action str: Action taken when the threshold is reached.
log str: Enable/disable anomaly logging. Valid values: enable, disable.
name str: Anomaly name.
quarantine str: Quarantine method. Valid values: none, attacker.
quarantine_expiry str: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
quarantine_log str: Enable/disable quarantine logging. Valid values: disable, enable.
status str: Enable/disable this anomaly. Valid values: disable, enable.
threshold int: Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.14, 7.0.6-7.0.13, >= 7.2.1: packets per second or concurrent session number.
thresholddefault int: Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.

action String: Action taken when the threshold is reached.
log String: Enable/disable anomaly logging. Valid values: enable, disable.
name String: Anomaly name.
quarantine String: Quarantine method. Valid values: none, attacker.
quarantineExpiry String: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
quarantineLog String: Enable/disable quarantine logging. Valid values: disable, enable.
status String: Enable/disable this anomaly. Valid values: disable, enable.
threshold Number: Anomaly threshold. Number of detected instances that triggers the anomaly action. On FortiOS versions 6.2.0-6.4.2, 7.0.0-7.0.5, 7.2.0: packets per minute. On FortiOS versions 6.4.10-6.4.14, 7.0.6-7.0.13, >= 7.2.1: packets per second or concurrent session number.
thresholddefault Number: Number of detected instances (packets per second or concurrent session number) which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.

SnifferIpThreatfeed, SnifferIpThreatfeedArgs

Name string: Threat feed name.

Name string: Threat feed name.

name String: Threat feed name.

name string: Threat feed name.

name str: Threat feed name.

name String: Threat feed name.

Import

Firewall Sniffer can be imported using any of these accepted formats:

$ pulumi import fortios:firewall/sniffer:Sniffer labelname {{fosid}}

If you do not want to import arguments of block:

$ export “FORTIOS_IMPORT_TABLE”=“false”

$ pulumi import fortios:firewall/sniffer:Sniffer labelname {{fosid}}

$ unset “FORTIOS_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortios pulumiverse/pulumi-fortios
License: Apache-2.0
Notes: This Pulumi package is based on the fortios Terraform Provider.

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

pulumiverse/pulumi-fortios

fortios.firewall.Sniffer

On this page

On this page

Example Usage

Create Sniffer Resource

Constructor syntax

Parameters

Constructor example

Sniffer Resource Properties

Inputs

Outputs

Look up Existing Sniffer Resource

Supporting Types

SnifferAnomaly, SnifferAnomalyArgs

SnifferIpThreatfeed, SnifferIpThreatfeedArgs

Import

Package Details

On this page

On this page