fortios.ips.Sensor
Explore with Pulumi AI
Configure IPS sensor.
Create Sensor Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Sensor(name: string, args?: SensorArgs, opts?: CustomResourceOptions);@overload
def Sensor(resource_name: str,
           args: Optional[SensorArgs] = None,
           opts: Optional[ResourceOptions] = None)
@overload
def Sensor(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           block_malicious_url: Optional[str] = None,
           comment: Optional[str] = None,
           dynamic_sort_subtable: Optional[str] = None,
           entries: Optional[Sequence[SensorEntryArgs]] = None,
           extended_log: Optional[str] = None,
           filters: Optional[Sequence[SensorFilterArgs]] = None,
           get_all_tables: Optional[str] = None,
           name: Optional[str] = None,
           overrides: Optional[Sequence[SensorOverrideArgs]] = None,
           replacemsg_group: Optional[str] = None,
           scan_botnet_connections: Optional[str] = None,
           vdomparam: Optional[str] = None)func NewSensor(ctx *Context, name string, args *SensorArgs, opts ...ResourceOption) (*Sensor, error)public Sensor(string name, SensorArgs? args = null, CustomResourceOptions? opts = null)
public Sensor(String name, SensorArgs args)
public Sensor(String name, SensorArgs args, CustomResourceOptions options)
type: fortios:ips:Sensor
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SensorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SensorArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SensorArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SensorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SensorArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var fortiosSensorResource = new Fortios.Ips.Sensor("fortiosSensorResource", new()
{
    BlockMaliciousUrl = "string",
    Comment = "string",
    DynamicSortSubtable = "string",
    Entries = new[]
    {
        new Fortios.Ips.Inputs.SensorEntryArgs
        {
            Action = "string",
            Application = "string",
            Cves = new[]
            {
                new Fortios.Ips.Inputs.SensorEntryCfeArgs
                {
                    CveEntry = "string",
                },
            },
            DefaultAction = "string",
            DefaultStatus = "string",
            ExemptIps = new[]
            {
                new Fortios.Ips.Inputs.SensorEntryExemptIpArgs
                {
                    DstIp = "string",
                    Id = 0,
                    SrcIp = "string",
                },
            },
            Id = 0,
            LastModified = "string",
            Location = "string",
            Log = "string",
            LogAttackContext = "string",
            LogPacket = "string",
            Os = "string",
            Protocol = "string",
            Quarantine = "string",
            QuarantineExpiry = "string",
            QuarantineLog = "string",
            RateCount = 0,
            RateDuration = 0,
            RateMode = "string",
            RateTrack = "string",
            Rules = new[]
            {
                new Fortios.Ips.Inputs.SensorEntryRuleArgs
                {
                    Id = 0,
                },
            },
            Severity = "string",
            Status = "string",
            VulnTypes = new[]
            {
                new Fortios.Ips.Inputs.SensorEntryVulnTypeArgs
                {
                    Id = 0,
                },
            },
        },
    },
    ExtendedLog = "string",
    Filters = new[]
    {
        new Fortios.Ips.Inputs.SensorFilterArgs
        {
            Action = "string",
            Application = "string",
            Location = "string",
            Log = "string",
            LogPacket = "string",
            Name = "string",
            Os = "string",
            Protocol = "string",
            Quarantine = "string",
            QuarantineExpiry = 0,
            QuarantineLog = "string",
            Severity = "string",
            Status = "string",
        },
    },
    GetAllTables = "string",
    Name = "string",
    Overrides = new[]
    {
        new Fortios.Ips.Inputs.SensorOverrideArgs
        {
            Action = "string",
            ExemptIps = new[]
            {
                new Fortios.Ips.Inputs.SensorOverrideExemptIpArgs
                {
                    DstIp = "string",
                    Id = 0,
                    SrcIp = "string",
                },
            },
            Log = "string",
            LogPacket = "string",
            Quarantine = "string",
            QuarantineExpiry = 0,
            QuarantineLog = "string",
            RuleId = 0,
            Status = "string",
        },
    },
    ReplacemsgGroup = "string",
    ScanBotnetConnections = "string",
    Vdomparam = "string",
});
example, err := ips.NewSensor(ctx, "fortiosSensorResource", &ips.SensorArgs{
	BlockMaliciousUrl:   pulumi.String("string"),
	Comment:             pulumi.String("string"),
	DynamicSortSubtable: pulumi.String("string"),
	Entries: ips.SensorEntryArray{
		&ips.SensorEntryArgs{
			Action:      pulumi.String("string"),
			Application: pulumi.String("string"),
			Cves: ips.SensorEntryCfeArray{
				&ips.SensorEntryCfeArgs{
					CveEntry: pulumi.String("string"),
				},
			},
			DefaultAction: pulumi.String("string"),
			DefaultStatus: pulumi.String("string"),
			ExemptIps: ips.SensorEntryExemptIpArray{
				&ips.SensorEntryExemptIpArgs{
					DstIp: pulumi.String("string"),
					Id:    pulumi.Int(0),
					SrcIp: pulumi.String("string"),
				},
			},
			Id:               pulumi.Int(0),
			LastModified:     pulumi.String("string"),
			Location:         pulumi.String("string"),
			Log:              pulumi.String("string"),
			LogAttackContext: pulumi.String("string"),
			LogPacket:        pulumi.String("string"),
			Os:               pulumi.String("string"),
			Protocol:         pulumi.String("string"),
			Quarantine:       pulumi.String("string"),
			QuarantineExpiry: pulumi.String("string"),
			QuarantineLog:    pulumi.String("string"),
			RateCount:        pulumi.Int(0),
			RateDuration:     pulumi.Int(0),
			RateMode:         pulumi.String("string"),
			RateTrack:        pulumi.String("string"),
			Rules: ips.SensorEntryRuleArray{
				&ips.SensorEntryRuleArgs{
					Id: pulumi.Int(0),
				},
			},
			Severity: pulumi.String("string"),
			Status:   pulumi.String("string"),
			VulnTypes: ips.SensorEntryVulnTypeArray{
				&ips.SensorEntryVulnTypeArgs{
					Id: pulumi.Int(0),
				},
			},
		},
	},
	ExtendedLog: pulumi.String("string"),
	Filters: ips.SensorFilterArray{
		&ips.SensorFilterArgs{
			Action:           pulumi.String("string"),
			Application:      pulumi.String("string"),
			Location:         pulumi.String("string"),
			Log:              pulumi.String("string"),
			LogPacket:        pulumi.String("string"),
			Name:             pulumi.String("string"),
			Os:               pulumi.String("string"),
			Protocol:         pulumi.String("string"),
			Quarantine:       pulumi.String("string"),
			QuarantineExpiry: pulumi.Int(0),
			QuarantineLog:    pulumi.String("string"),
			Severity:         pulumi.String("string"),
			Status:           pulumi.String("string"),
		},
	},
	GetAllTables: pulumi.String("string"),
	Name:         pulumi.String("string"),
	Overrides: ips.SensorOverrideArray{
		&ips.SensorOverrideArgs{
			Action: pulumi.String("string"),
			ExemptIps: ips.SensorOverrideExemptIpArray{
				&ips.SensorOverrideExemptIpArgs{
					DstIp: pulumi.String("string"),
					Id:    pulumi.Int(0),
					SrcIp: pulumi.String("string"),
				},
			},
			Log:              pulumi.String("string"),
			LogPacket:        pulumi.String("string"),
			Quarantine:       pulumi.String("string"),
			QuarantineExpiry: pulumi.Int(0),
			QuarantineLog:    pulumi.String("string"),
			RuleId:           pulumi.Int(0),
			Status:           pulumi.String("string"),
		},
	},
	ReplacemsgGroup:       pulumi.String("string"),
	ScanBotnetConnections: pulumi.String("string"),
	Vdomparam:             pulumi.String("string"),
})
var fortiosSensorResource = new com.pulumiverse.fortios.ips.Sensor("fortiosSensorResource", com.pulumiverse.fortios.ips.SensorArgs.builder()
    .blockMaliciousUrl("string")
    .comment("string")
    .dynamicSortSubtable("string")
    .entries(SensorEntryArgs.builder()
        .action("string")
        .application("string")
        .cves(SensorEntryCfeArgs.builder()
            .cveEntry("string")
            .build())
        .defaultAction("string")
        .defaultStatus("string")
        .exemptIps(SensorEntryExemptIpArgs.builder()
            .dstIp("string")
            .id(0)
            .srcIp("string")
            .build())
        .id(0)
        .lastModified("string")
        .location("string")
        .log("string")
        .logAttackContext("string")
        .logPacket("string")
        .os("string")
        .protocol("string")
        .quarantine("string")
        .quarantineExpiry("string")
        .quarantineLog("string")
        .rateCount(0)
        .rateDuration(0)
        .rateMode("string")
        .rateTrack("string")
        .rules(SensorEntryRuleArgs.builder()
            .id(0)
            .build())
        .severity("string")
        .status("string")
        .vulnTypes(SensorEntryVulnTypeArgs.builder()
            .id(0)
            .build())
        .build())
    .extendedLog("string")
    .filters(SensorFilterArgs.builder()
        .action("string")
        .application("string")
        .location("string")
        .log("string")
        .logPacket("string")
        .name("string")
        .os("string")
        .protocol("string")
        .quarantine("string")
        .quarantineExpiry(0)
        .quarantineLog("string")
        .severity("string")
        .status("string")
        .build())
    .getAllTables("string")
    .name("string")
    .overrides(SensorOverrideArgs.builder()
        .action("string")
        .exemptIps(SensorOverrideExemptIpArgs.builder()
            .dstIp("string")
            .id(0)
            .srcIp("string")
            .build())
        .log("string")
        .logPacket("string")
        .quarantine("string")
        .quarantineExpiry(0)
        .quarantineLog("string")
        .ruleId(0)
        .status("string")
        .build())
    .replacemsgGroup("string")
    .scanBotnetConnections("string")
    .vdomparam("string")
    .build());
fortios_sensor_resource = fortios.ips.Sensor("fortiosSensorResource",
    block_malicious_url="string",
    comment="string",
    dynamic_sort_subtable="string",
    entries=[{
        "action": "string",
        "application": "string",
        "cves": [{
            "cve_entry": "string",
        }],
        "default_action": "string",
        "default_status": "string",
        "exempt_ips": [{
            "dst_ip": "string",
            "id": 0,
            "src_ip": "string",
        }],
        "id": 0,
        "last_modified": "string",
        "location": "string",
        "log": "string",
        "log_attack_context": "string",
        "log_packet": "string",
        "os": "string",
        "protocol": "string",
        "quarantine": "string",
        "quarantine_expiry": "string",
        "quarantine_log": "string",
        "rate_count": 0,
        "rate_duration": 0,
        "rate_mode": "string",
        "rate_track": "string",
        "rules": [{
            "id": 0,
        }],
        "severity": "string",
        "status": "string",
        "vuln_types": [{
            "id": 0,
        }],
    }],
    extended_log="string",
    filters=[{
        "action": "string",
        "application": "string",
        "location": "string",
        "log": "string",
        "log_packet": "string",
        "name": "string",
        "os": "string",
        "protocol": "string",
        "quarantine": "string",
        "quarantine_expiry": 0,
        "quarantine_log": "string",
        "severity": "string",
        "status": "string",
    }],
    get_all_tables="string",
    name="string",
    overrides=[{
        "action": "string",
        "exempt_ips": [{
            "dst_ip": "string",
            "id": 0,
            "src_ip": "string",
        }],
        "log": "string",
        "log_packet": "string",
        "quarantine": "string",
        "quarantine_expiry": 0,
        "quarantine_log": "string",
        "rule_id": 0,
        "status": "string",
    }],
    replacemsg_group="string",
    scan_botnet_connections="string",
    vdomparam="string")
const fortiosSensorResource = new fortios.ips.Sensor("fortiosSensorResource", {
    blockMaliciousUrl: "string",
    comment: "string",
    dynamicSortSubtable: "string",
    entries: [{
        action: "string",
        application: "string",
        cves: [{
            cveEntry: "string",
        }],
        defaultAction: "string",
        defaultStatus: "string",
        exemptIps: [{
            dstIp: "string",
            id: 0,
            srcIp: "string",
        }],
        id: 0,
        lastModified: "string",
        location: "string",
        log: "string",
        logAttackContext: "string",
        logPacket: "string",
        os: "string",
        protocol: "string",
        quarantine: "string",
        quarantineExpiry: "string",
        quarantineLog: "string",
        rateCount: 0,
        rateDuration: 0,
        rateMode: "string",
        rateTrack: "string",
        rules: [{
            id: 0,
        }],
        severity: "string",
        status: "string",
        vulnTypes: [{
            id: 0,
        }],
    }],
    extendedLog: "string",
    filters: [{
        action: "string",
        application: "string",
        location: "string",
        log: "string",
        logPacket: "string",
        name: "string",
        os: "string",
        protocol: "string",
        quarantine: "string",
        quarantineExpiry: 0,
        quarantineLog: "string",
        severity: "string",
        status: "string",
    }],
    getAllTables: "string",
    name: "string",
    overrides: [{
        action: "string",
        exemptIps: [{
            dstIp: "string",
            id: 0,
            srcIp: "string",
        }],
        log: "string",
        logPacket: "string",
        quarantine: "string",
        quarantineExpiry: 0,
        quarantineLog: "string",
        ruleId: 0,
        status: "string",
    }],
    replacemsgGroup: "string",
    scanBotnetConnections: "string",
    vdomparam: "string",
});
type: fortios:ips:Sensor
properties:
    blockMaliciousUrl: string
    comment: string
    dynamicSortSubtable: string
    entries:
        - action: string
          application: string
          cves:
            - cveEntry: string
          defaultAction: string
          defaultStatus: string
          exemptIps:
            - dstIp: string
              id: 0
              srcIp: string
          id: 0
          lastModified: string
          location: string
          log: string
          logAttackContext: string
          logPacket: string
          os: string
          protocol: string
          quarantine: string
          quarantineExpiry: string
          quarantineLog: string
          rateCount: 0
          rateDuration: 0
          rateMode: string
          rateTrack: string
          rules:
            - id: 0
          severity: string
          status: string
          vulnTypes:
            - id: 0
    extendedLog: string
    filters:
        - action: string
          application: string
          location: string
          log: string
          logPacket: string
          name: string
          os: string
          protocol: string
          quarantine: string
          quarantineExpiry: 0
          quarantineLog: string
          severity: string
          status: string
    getAllTables: string
    name: string
    overrides:
        - action: string
          exemptIps:
            - dstIp: string
              id: 0
              srcIp: string
          log: string
          logPacket: string
          quarantine: string
          quarantineExpiry: 0
          quarantineLog: string
          ruleId: 0
          status: string
    replacemsgGroup: string
    scanBotnetConnections: string
    vdomparam: string
Sensor Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Sensor resource accepts the following input properties:
- BlockMalicious stringUrl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- Comment string
- Comment.
- DynamicSort stringSubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Entries
List<Pulumiverse.Fortios. Ips. Inputs. Sensor Entry> 
- IPS sensor filter. The structure of entriesblock is documented below.
- ExtendedLog string
- Enable/disable extended logging. Valid values: enable,disable.
- Filters
List<Pulumiverse.Fortios. Ips. Inputs. Sensor Filter> 
- IPS sensor filter. The structure of filterblock is documented below.
- GetAll stringTables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Name string
- Sensor name.
- Overrides
List<Pulumiverse.Fortios. Ips. Inputs. Sensor Override> 
- IPS override rule. The structure of overrideblock is documented below.
- ReplacemsgGroup string
- Replacement message group.
- ScanBotnet stringConnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- BlockMalicious stringUrl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- Comment string
- Comment.
- DynamicSort stringSubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Entries
[]SensorEntry Args 
- IPS sensor filter. The structure of entriesblock is documented below.
- ExtendedLog string
- Enable/disable extended logging. Valid values: enable,disable.
- Filters
[]SensorFilter Args 
- IPS sensor filter. The structure of filterblock is documented below.
- GetAll stringTables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Name string
- Sensor name.
- Overrides
[]SensorOverride Args 
- IPS override rule. The structure of overrideblock is documented below.
- ReplacemsgGroup string
- Replacement message group.
- ScanBotnet stringConnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- blockMalicious StringUrl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- comment String
- Comment.
- dynamicSort StringSubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- entries
List<SensorEntry> 
- IPS sensor filter. The structure of entriesblock is documented below.
- extendedLog String
- Enable/disable extended logging. Valid values: enable,disable.
- filters
List<SensorFilter> 
- IPS sensor filter. The structure of filterblock is documented below.
- getAll StringTables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- name String
- Sensor name.
- overrides
List<SensorOverride> 
- IPS override rule. The structure of overrideblock is documented below.
- replacemsgGroup String
- Replacement message group.
- scanBotnet StringConnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- blockMalicious stringUrl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- comment string
- Comment.
- dynamicSort stringSubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- entries
SensorEntry[] 
- IPS sensor filter. The structure of entriesblock is documented below.
- extendedLog string
- Enable/disable extended logging. Valid values: enable,disable.
- filters
SensorFilter[] 
- IPS sensor filter. The structure of filterblock is documented below.
- getAll stringTables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- name string
- Sensor name.
- overrides
SensorOverride[] 
- IPS override rule. The structure of overrideblock is documented below.
- replacemsgGroup string
- Replacement message group.
- scanBotnet stringConnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- block_malicious_ strurl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- comment str
- Comment.
- dynamic_sort_ strsubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- entries
Sequence[SensorEntry Args] 
- IPS sensor filter. The structure of entriesblock is documented below.
- extended_log str
- Enable/disable extended logging. Valid values: enable,disable.
- filters
Sequence[SensorFilter Args] 
- IPS sensor filter. The structure of filterblock is documented below.
- get_all_ strtables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- name str
- Sensor name.
- overrides
Sequence[SensorOverride Args] 
- IPS override rule. The structure of overrideblock is documented below.
- replacemsg_group str
- Replacement message group.
- scan_botnet_ strconnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- blockMalicious StringUrl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- comment String
- Comment.
- dynamicSort StringSubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- entries List<Property Map>
- IPS sensor filter. The structure of entriesblock is documented below.
- extendedLog String
- Enable/disable extended logging. Valid values: enable,disable.
- filters List<Property Map>
- IPS sensor filter. The structure of filterblock is documented below.
- getAll StringTables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- name String
- Sensor name.
- overrides List<Property Map>
- IPS override rule. The structure of overrideblock is documented below.
- replacemsgGroup String
- Replacement message group.
- scanBotnet StringConnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Outputs
All input properties are implicitly available as output properties. Additionally, the Sensor resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Sensor Resource
Get an existing Sensor resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SensorState, opts?: CustomResourceOptions): Sensor@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        block_malicious_url: Optional[str] = None,
        comment: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        entries: Optional[Sequence[SensorEntryArgs]] = None,
        extended_log: Optional[str] = None,
        filters: Optional[Sequence[SensorFilterArgs]] = None,
        get_all_tables: Optional[str] = None,
        name: Optional[str] = None,
        overrides: Optional[Sequence[SensorOverrideArgs]] = None,
        replacemsg_group: Optional[str] = None,
        scan_botnet_connections: Optional[str] = None,
        vdomparam: Optional[str] = None) -> Sensorfunc GetSensor(ctx *Context, name string, id IDInput, state *SensorState, opts ...ResourceOption) (*Sensor, error)public static Sensor Get(string name, Input<string> id, SensorState? state, CustomResourceOptions? opts = null)public static Sensor get(String name, Output<String> id, SensorState state, CustomResourceOptions options)resources:  _:    type: fortios:ips:Sensor    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- BlockMalicious stringUrl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- Comment string
- Comment.
- DynamicSort stringSubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Entries
List<Pulumiverse.Fortios. Ips. Inputs. Sensor Entry> 
- IPS sensor filter. The structure of entriesblock is documented below.
- ExtendedLog string
- Enable/disable extended logging. Valid values: enable,disable.
- Filters
List<Pulumiverse.Fortios. Ips. Inputs. Sensor Filter> 
- IPS sensor filter. The structure of filterblock is documented below.
- GetAll stringTables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Name string
- Sensor name.
- Overrides
List<Pulumiverse.Fortios. Ips. Inputs. Sensor Override> 
- IPS override rule. The structure of overrideblock is documented below.
- ReplacemsgGroup string
- Replacement message group.
- ScanBotnet stringConnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- BlockMalicious stringUrl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- Comment string
- Comment.
- DynamicSort stringSubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Entries
[]SensorEntry Args 
- IPS sensor filter. The structure of entriesblock is documented below.
- ExtendedLog string
- Enable/disable extended logging. Valid values: enable,disable.
- Filters
[]SensorFilter Args 
- IPS sensor filter. The structure of filterblock is documented below.
- GetAll stringTables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Name string
- Sensor name.
- Overrides
[]SensorOverride Args 
- IPS override rule. The structure of overrideblock is documented below.
- ReplacemsgGroup string
- Replacement message group.
- ScanBotnet stringConnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- blockMalicious StringUrl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- comment String
- Comment.
- dynamicSort StringSubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- entries
List<SensorEntry> 
- IPS sensor filter. The structure of entriesblock is documented below.
- extendedLog String
- Enable/disable extended logging. Valid values: enable,disable.
- filters
List<SensorFilter> 
- IPS sensor filter. The structure of filterblock is documented below.
- getAll StringTables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- name String
- Sensor name.
- overrides
List<SensorOverride> 
- IPS override rule. The structure of overrideblock is documented below.
- replacemsgGroup String
- Replacement message group.
- scanBotnet StringConnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- blockMalicious stringUrl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- comment string
- Comment.
- dynamicSort stringSubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- entries
SensorEntry[] 
- IPS sensor filter. The structure of entriesblock is documented below.
- extendedLog string
- Enable/disable extended logging. Valid values: enable,disable.
- filters
SensorFilter[] 
- IPS sensor filter. The structure of filterblock is documented below.
- getAll stringTables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- name string
- Sensor name.
- overrides
SensorOverride[] 
- IPS override rule. The structure of overrideblock is documented below.
- replacemsgGroup string
- Replacement message group.
- scanBotnet stringConnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- block_malicious_ strurl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- comment str
- Comment.
- dynamic_sort_ strsubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- entries
Sequence[SensorEntry Args] 
- IPS sensor filter. The structure of entriesblock is documented below.
- extended_log str
- Enable/disable extended logging. Valid values: enable,disable.
- filters
Sequence[SensorFilter Args] 
- IPS sensor filter. The structure of filterblock is documented below.
- get_all_ strtables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- name str
- Sensor name.
- overrides
Sequence[SensorOverride Args] 
- IPS override rule. The structure of overrideblock is documented below.
- replacemsg_group str
- Replacement message group.
- scan_botnet_ strconnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- blockMalicious StringUrl 
- Enable/disable malicious URL blocking. Valid values: disable,enable.
- comment String
- Comment.
- dynamicSort StringSubtable 
- Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- entries List<Property Map>
- IPS sensor filter. The structure of entriesblock is documented below.
- extendedLog String
- Enable/disable extended logging. Valid values: enable,disable.
- filters List<Property Map>
- IPS sensor filter. The structure of filterblock is documented below.
- getAll StringTables 
- Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- name String
- Sensor name.
- overrides List<Property Map>
- IPS override rule. The structure of overrideblock is documented below.
- replacemsgGroup String
- Replacement message group.
- scanBotnet StringConnections 
- Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable,block,monitor.
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Supporting Types
SensorEntry, SensorEntryArgs    
- Action string
- Action taken with traffic in which signatures are detected. Valid values: pass,block,reset,default.
- Application string
- Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
- Cves
List<Pulumiverse.Fortios. Ips. Inputs. Sensor Entry Cfe> 
- List of CVE IDs of the signatures to add to the sensor The structure of cveblock is documented below.
- DefaultAction string
- Signature default action filter. Valid values: all,pass,block.
- DefaultStatus string
- Signature default status filter. Valid values: all,enable,disable.
- ExemptIps List<Pulumiverse.Fortios. Ips. Inputs. Sensor Entry Exempt Ip> 
- Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ipblock is documented below.
- Id int
- Rule ID in IPS database (0 - 4294967295).
- LastModified string
- Filter by signature last modified date. Formats: before , after , between .
- Location string
- Protect client or server traffic.
- Log string
- Enable/disable logging of signatures included in filter. Valid values: disable,enable.
- LogAttack stringContext 
- Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable,enable.
- LogPacket string
- Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable,enable.
- Os string
- Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
- Protocol string
- Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
- Quarantine string
- Quarantine method. Valid values: none,attacker.
- QuarantineExpiry string
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- QuarantineLog string
- Enable/disable quarantine logging. Valid values: disable,enable.
- RateCount int
- Count of the rate.
- RateDuration int
- Duration (sec) of the rate.
- RateMode string
- Rate limit mode. Valid values: periodical,continuous.
- RateTrack string
- Track the packet protocol field. Valid values: none,src-ip,dest-ip,dhcp-client-mac,dns-domain.
- Rules
List<Pulumiverse.Fortios. Ips. Inputs. Sensor Entry Rule> 
- Identifies the predefined or custom IPS signatures to add to the sensor. The structure of ruleblock is documented below.
- Severity string
- Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
- Status string
- Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable,enable,default.
- VulnTypes List<Pulumiverse.Fortios. Ips. Inputs. Sensor Entry Vuln Type> 
- List of signature vulnerability types to filter by. The structure of vuln_typeblock is documented below.
- Action string
- Action taken with traffic in which signatures are detected. Valid values: pass,block,reset,default.
- Application string
- Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
- Cves
[]SensorEntry Cfe 
- List of CVE IDs of the signatures to add to the sensor The structure of cveblock is documented below.
- DefaultAction string
- Signature default action filter. Valid values: all,pass,block.
- DefaultStatus string
- Signature default status filter. Valid values: all,enable,disable.
- ExemptIps []SensorEntry Exempt Ip 
- Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ipblock is documented below.
- Id int
- Rule ID in IPS database (0 - 4294967295).
- LastModified string
- Filter by signature last modified date. Formats: before , after , between .
- Location string
- Protect client or server traffic.
- Log string
- Enable/disable logging of signatures included in filter. Valid values: disable,enable.
- LogAttack stringContext 
- Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable,enable.
- LogPacket string
- Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable,enable.
- Os string
- Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
- Protocol string
- Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
- Quarantine string
- Quarantine method. Valid values: none,attacker.
- QuarantineExpiry string
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- QuarantineLog string
- Enable/disable quarantine logging. Valid values: disable,enable.
- RateCount int
- Count of the rate.
- RateDuration int
- Duration (sec) of the rate.
- RateMode string
- Rate limit mode. Valid values: periodical,continuous.
- RateTrack string
- Track the packet protocol field. Valid values: none,src-ip,dest-ip,dhcp-client-mac,dns-domain.
- Rules
[]SensorEntry Rule 
- Identifies the predefined or custom IPS signatures to add to the sensor. The structure of ruleblock is documented below.
- Severity string
- Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
- Status string
- Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable,enable,default.
- VulnTypes []SensorEntry Vuln Type 
- List of signature vulnerability types to filter by. The structure of vuln_typeblock is documented below.
- action String
- Action taken with traffic in which signatures are detected. Valid values: pass,block,reset,default.
- application String
- Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
- cves
List<SensorEntry Cfe> 
- List of CVE IDs of the signatures to add to the sensor The structure of cveblock is documented below.
- defaultAction String
- Signature default action filter. Valid values: all,pass,block.
- defaultStatus String
- Signature default status filter. Valid values: all,enable,disable.
- exemptIps List<SensorEntry Exempt Ip> 
- Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ipblock is documented below.
- id Integer
- Rule ID in IPS database (0 - 4294967295).
- lastModified String
- Filter by signature last modified date. Formats: before , after , between .
- location String
- Protect client or server traffic.
- log String
- Enable/disable logging of signatures included in filter. Valid values: disable,enable.
- logAttack StringContext 
- Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable,enable.
- logPacket String
- Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable,enable.
- os String
- Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
- protocol String
- Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
- quarantine String
- Quarantine method. Valid values: none,attacker.
- quarantineExpiry String
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- quarantineLog String
- Enable/disable quarantine logging. Valid values: disable,enable.
- rateCount Integer
- Count of the rate.
- rateDuration Integer
- Duration (sec) of the rate.
- rateMode String
- Rate limit mode. Valid values: periodical,continuous.
- rateTrack String
- Track the packet protocol field. Valid values: none,src-ip,dest-ip,dhcp-client-mac,dns-domain.
- rules
List<SensorEntry Rule> 
- Identifies the predefined or custom IPS signatures to add to the sensor. The structure of ruleblock is documented below.
- severity String
- Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
- status String
- Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable,enable,default.
- vulnTypes List<SensorEntry Vuln Type> 
- List of signature vulnerability types to filter by. The structure of vuln_typeblock is documented below.
- action string
- Action taken with traffic in which signatures are detected. Valid values: pass,block,reset,default.
- application string
- Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
- cves
SensorEntry Cfe[] 
- List of CVE IDs of the signatures to add to the sensor The structure of cveblock is documented below.
- defaultAction string
- Signature default action filter. Valid values: all,pass,block.
- defaultStatus string
- Signature default status filter. Valid values: all,enable,disable.
- exemptIps SensorEntry Exempt Ip[] 
- Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ipblock is documented below.
- id number
- Rule ID in IPS database (0 - 4294967295).
- lastModified string
- Filter by signature last modified date. Formats: before , after , between .
- location string
- Protect client or server traffic.
- log string
- Enable/disable logging of signatures included in filter. Valid values: disable,enable.
- logAttack stringContext 
- Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable,enable.
- logPacket string
- Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable,enable.
- os string
- Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
- protocol string
- Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
- quarantine string
- Quarantine method. Valid values: none,attacker.
- quarantineExpiry string
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- quarantineLog string
- Enable/disable quarantine logging. Valid values: disable,enable.
- rateCount number
- Count of the rate.
- rateDuration number
- Duration (sec) of the rate.
- rateMode string
- Rate limit mode. Valid values: periodical,continuous.
- rateTrack string
- Track the packet protocol field. Valid values: none,src-ip,dest-ip,dhcp-client-mac,dns-domain.
- rules
SensorEntry Rule[] 
- Identifies the predefined or custom IPS signatures to add to the sensor. The structure of ruleblock is documented below.
- severity string
- Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
- status string
- Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable,enable,default.
- vulnTypes SensorEntry Vuln Type[] 
- List of signature vulnerability types to filter by. The structure of vuln_typeblock is documented below.
- action str
- Action taken with traffic in which signatures are detected. Valid values: pass,block,reset,default.
- application str
- Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
- cves
Sequence[SensorEntry Cfe] 
- List of CVE IDs of the signatures to add to the sensor The structure of cveblock is documented below.
- default_action str
- Signature default action filter. Valid values: all,pass,block.
- default_status str
- Signature default status filter. Valid values: all,enable,disable.
- exempt_ips Sequence[SensorEntry Exempt Ip] 
- Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ipblock is documented below.
- id int
- Rule ID in IPS database (0 - 4294967295).
- last_modified str
- Filter by signature last modified date. Formats: before , after , between .
- location str
- Protect client or server traffic.
- log str
- Enable/disable logging of signatures included in filter. Valid values: disable,enable.
- log_attack_ strcontext 
- Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable,enable.
- log_packet str
- Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable,enable.
- os str
- Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
- protocol str
- Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
- quarantine str
- Quarantine method. Valid values: none,attacker.
- quarantine_expiry str
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- quarantine_log str
- Enable/disable quarantine logging. Valid values: disable,enable.
- rate_count int
- Count of the rate.
- rate_duration int
- Duration (sec) of the rate.
- rate_mode str
- Rate limit mode. Valid values: periodical,continuous.
- rate_track str
- Track the packet protocol field. Valid values: none,src-ip,dest-ip,dhcp-client-mac,dns-domain.
- rules
Sequence[SensorEntry Rule] 
- Identifies the predefined or custom IPS signatures to add to the sensor. The structure of ruleblock is documented below.
- severity str
- Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
- status str
- Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable,enable,default.
- vuln_types Sequence[SensorEntry Vuln Type] 
- List of signature vulnerability types to filter by. The structure of vuln_typeblock is documented below.
- action String
- Action taken with traffic in which signatures are detected. Valid values: pass,block,reset,default.
- application String
- Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
- cves List<Property Map>
- List of CVE IDs of the signatures to add to the sensor The structure of cveblock is documented below.
- defaultAction String
- Signature default action filter. Valid values: all,pass,block.
- defaultStatus String
- Signature default status filter. Valid values: all,enable,disable.
- exemptIps List<Property Map>
- Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ipblock is documented below.
- id Number
- Rule ID in IPS database (0 - 4294967295).
- lastModified String
- Filter by signature last modified date. Formats: before , after , between .
- location String
- Protect client or server traffic.
- log String
- Enable/disable logging of signatures included in filter. Valid values: disable,enable.
- logAttack StringContext 
- Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable,enable.
- logPacket String
- Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable,enable.
- os String
- Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
- protocol String
- Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
- quarantine String
- Quarantine method. Valid values: none,attacker.
- quarantineExpiry String
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- quarantineLog String
- Enable/disable quarantine logging. Valid values: disable,enable.
- rateCount Number
- Count of the rate.
- rateDuration Number
- Duration (sec) of the rate.
- rateMode String
- Rate limit mode. Valid values: periodical,continuous.
- rateTrack String
- Track the packet protocol field. Valid values: none,src-ip,dest-ip,dhcp-client-mac,dns-domain.
- rules List<Property Map>
- Identifies the predefined or custom IPS signatures to add to the sensor. The structure of ruleblock is documented below.
- severity String
- Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
- status String
- Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable,enable,default.
- vulnTypes List<Property Map>
- List of signature vulnerability types to filter by. The structure of vuln_typeblock is documented below.
SensorEntryCfe, SensorEntryCfeArgs      
- CveEntry string
- CVE IDs or CVE wildcards.
- CveEntry string
- CVE IDs or CVE wildcards.
- cveEntry String
- CVE IDs or CVE wildcards.
- cveEntry string
- CVE IDs or CVE wildcards.
- cve_entry str
- CVE IDs or CVE wildcards.
- cveEntry String
- CVE IDs or CVE wildcards.
SensorEntryExemptIp, SensorEntryExemptIpArgs        
SensorEntryRule, SensorEntryRuleArgs      
- Id int
- Rule IPS.
- Id int
- Rule IPS.
- id Integer
- Rule IPS.
- id number
- Rule IPS.
- id int
- Rule IPS.
- id Number
- Rule IPS.
SensorEntryVulnType, SensorEntryVulnTypeArgs        
- Id int
- Vulnerability type ID.
- Id int
- Vulnerability type ID.
- id Integer
- Vulnerability type ID.
- id number
- Vulnerability type ID.
- id int
- Vulnerability type ID.
- id Number
- Vulnerability type ID.
SensorFilter, SensorFilterArgs    
- Action string
- Action of selected rules. Valid values: pass,block,reset,default.
- Application string
- Vulnerable application filter.
- Location string
- Vulnerability location filter.
- Log string
- Enable/disable logging of selected rules. Valid values: disable,enable.
- LogPacket string
- Enable/disable packet logging of selected rules. Valid values: disable,enable.
- Name string
- Filter name.
- Os string
- Vulnerable OS filter.
- Protocol string
- Vulnerable protocol filter.
- Quarantine string
- Quarantine IP or interface. Valid values: none,attacker.
- QuarantineExpiry int
- Duration of quarantine in minute.
- QuarantineLog string
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- Severity string
- Vulnerability severity filter.
- Status string
- Selected rules status. Valid values: disable,enable,default.
- Action string
- Action of selected rules. Valid values: pass,block,reset,default.
- Application string
- Vulnerable application filter.
- Location string
- Vulnerability location filter.
- Log string
- Enable/disable logging of selected rules. Valid values: disable,enable.
- LogPacket string
- Enable/disable packet logging of selected rules. Valid values: disable,enable.
- Name string
- Filter name.
- Os string
- Vulnerable OS filter.
- Protocol string
- Vulnerable protocol filter.
- Quarantine string
- Quarantine IP or interface. Valid values: none,attacker.
- QuarantineExpiry int
- Duration of quarantine in minute.
- QuarantineLog string
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- Severity string
- Vulnerability severity filter.
- Status string
- Selected rules status. Valid values: disable,enable,default.
- action String
- Action of selected rules. Valid values: pass,block,reset,default.
- application String
- Vulnerable application filter.
- location String
- Vulnerability location filter.
- log String
- Enable/disable logging of selected rules. Valid values: disable,enable.
- logPacket String
- Enable/disable packet logging of selected rules. Valid values: disable,enable.
- name String
- Filter name.
- os String
- Vulnerable OS filter.
- protocol String
- Vulnerable protocol filter.
- quarantine String
- Quarantine IP or interface. Valid values: none,attacker.
- quarantineExpiry Integer
- Duration of quarantine in minute.
- quarantineLog String
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- severity String
- Vulnerability severity filter.
- status String
- Selected rules status. Valid values: disable,enable,default.
- action string
- Action of selected rules. Valid values: pass,block,reset,default.
- application string
- Vulnerable application filter.
- location string
- Vulnerability location filter.
- log string
- Enable/disable logging of selected rules. Valid values: disable,enable.
- logPacket string
- Enable/disable packet logging of selected rules. Valid values: disable,enable.
- name string
- Filter name.
- os string
- Vulnerable OS filter.
- protocol string
- Vulnerable protocol filter.
- quarantine string
- Quarantine IP or interface. Valid values: none,attacker.
- quarantineExpiry number
- Duration of quarantine in minute.
- quarantineLog string
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- severity string
- Vulnerability severity filter.
- status string
- Selected rules status. Valid values: disable,enable,default.
- action str
- Action of selected rules. Valid values: pass,block,reset,default.
- application str
- Vulnerable application filter.
- location str
- Vulnerability location filter.
- log str
- Enable/disable logging of selected rules. Valid values: disable,enable.
- log_packet str
- Enable/disable packet logging of selected rules. Valid values: disable,enable.
- name str
- Filter name.
- os str
- Vulnerable OS filter.
- protocol str
- Vulnerable protocol filter.
- quarantine str
- Quarantine IP or interface. Valid values: none,attacker.
- quarantine_expiry int
- Duration of quarantine in minute.
- quarantine_log str
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- severity str
- Vulnerability severity filter.
- status str
- Selected rules status. Valid values: disable,enable,default.
- action String
- Action of selected rules. Valid values: pass,block,reset,default.
- application String
- Vulnerable application filter.
- location String
- Vulnerability location filter.
- log String
- Enable/disable logging of selected rules. Valid values: disable,enable.
- logPacket String
- Enable/disable packet logging of selected rules. Valid values: disable,enable.
- name String
- Filter name.
- os String
- Vulnerable OS filter.
- protocol String
- Vulnerable protocol filter.
- quarantine String
- Quarantine IP or interface. Valid values: none,attacker.
- quarantineExpiry Number
- Duration of quarantine in minute.
- quarantineLog String
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- severity String
- Vulnerability severity filter.
- status String
- Selected rules status. Valid values: disable,enable,default.
SensorOverride, SensorOverrideArgs    
- Action string
- Action of override rule. Valid values: pass,block,reset.
- ExemptIps List<Pulumiverse.Fortios. Ips. Inputs. Sensor Override Exempt Ip> 
- Exempted IP. The structure of exempt_ipblock is documented below.
- Log string
- Enable/disable logging. Valid values: disable,enable.
- LogPacket string
- Enable/disable packet logging. Valid values: disable,enable.
- Quarantine string
- Quarantine IP or interface. Valid values: none,attacker.
- QuarantineExpiry int
- Duration of quarantine in minute.
- QuarantineLog string
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- RuleId int
- Override rule ID.
- Status string
- Enable/disable status of override rule. Valid values: disable,enable.
- Action string
- Action of override rule. Valid values: pass,block,reset.
- ExemptIps []SensorOverride Exempt Ip 
- Exempted IP. The structure of exempt_ipblock is documented below.
- Log string
- Enable/disable logging. Valid values: disable,enable.
- LogPacket string
- Enable/disable packet logging. Valid values: disable,enable.
- Quarantine string
- Quarantine IP or interface. Valid values: none,attacker.
- QuarantineExpiry int
- Duration of quarantine in minute.
- QuarantineLog string
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- RuleId int
- Override rule ID.
- Status string
- Enable/disable status of override rule. Valid values: disable,enable.
- action String
- Action of override rule. Valid values: pass,block,reset.
- exemptIps List<SensorOverride Exempt Ip> 
- Exempted IP. The structure of exempt_ipblock is documented below.
- log String
- Enable/disable logging. Valid values: disable,enable.
- logPacket String
- Enable/disable packet logging. Valid values: disable,enable.
- quarantine String
- Quarantine IP or interface. Valid values: none,attacker.
- quarantineExpiry Integer
- Duration of quarantine in minute.
- quarantineLog String
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- ruleId Integer
- Override rule ID.
- status String
- Enable/disable status of override rule. Valid values: disable,enable.
- action string
- Action of override rule. Valid values: pass,block,reset.
- exemptIps SensorOverride Exempt Ip[] 
- Exempted IP. The structure of exempt_ipblock is documented below.
- log string
- Enable/disable logging. Valid values: disable,enable.
- logPacket string
- Enable/disable packet logging. Valid values: disable,enable.
- quarantine string
- Quarantine IP or interface. Valid values: none,attacker.
- quarantineExpiry number
- Duration of quarantine in minute.
- quarantineLog string
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- ruleId number
- Override rule ID.
- status string
- Enable/disable status of override rule. Valid values: disable,enable.
- action str
- Action of override rule. Valid values: pass,block,reset.
- exempt_ips Sequence[SensorOverride Exempt Ip] 
- Exempted IP. The structure of exempt_ipblock is documented below.
- log str
- Enable/disable logging. Valid values: disable,enable.
- log_packet str
- Enable/disable packet logging. Valid values: disable,enable.
- quarantine str
- Quarantine IP or interface. Valid values: none,attacker.
- quarantine_expiry int
- Duration of quarantine in minute.
- quarantine_log str
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- rule_id int
- Override rule ID.
- status str
- Enable/disable status of override rule. Valid values: disable,enable.
- action String
- Action of override rule. Valid values: pass,block,reset.
- exemptIps List<Property Map>
- Exempted IP. The structure of exempt_ipblock is documented below.
- log String
- Enable/disable logging. Valid values: disable,enable.
- logPacket String
- Enable/disable packet logging. Valid values: disable,enable.
- quarantine String
- Quarantine IP or interface. Valid values: none,attacker.
- quarantineExpiry Number
- Duration of quarantine in minute.
- quarantineLog String
- Enable/disable logging of selected quarantine. Valid values: disable,enable.
- ruleId Number
- Override rule ID.
- status String
- Enable/disable status of override rule. Valid values: disable,enable.
SensorOverrideExemptIp, SensorOverrideExemptIpArgs        
Import
Ips Sensor can be imported using any of these accepted formats:
$ pulumi import fortios:ips/sensor:Sensor labelname {{name}}
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:ips/sensor:Sensor labelname {{name}}
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the fortiosTerraform Provider.
