1. Packages
  2. Fortios
  3. API Docs
  4. ips
  5. Sensor
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.ips.Sensor

Explore with Pulumi AI

fortios logo
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

    Configure IPS sensor.

    Create Sensor Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Sensor(name: string, args?: SensorArgs, opts?: CustomResourceOptions);
    @overload
    def Sensor(resource_name: str,
               args: Optional[SensorArgs] = None,
               opts: Optional[ResourceOptions] = None)
    
    @overload
    def Sensor(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               block_malicious_url: Optional[str] = None,
               comment: Optional[str] = None,
               dynamic_sort_subtable: Optional[str] = None,
               entries: Optional[Sequence[SensorEntryArgs]] = None,
               extended_log: Optional[str] = None,
               filters: Optional[Sequence[SensorFilterArgs]] = None,
               get_all_tables: Optional[str] = None,
               name: Optional[str] = None,
               overrides: Optional[Sequence[SensorOverrideArgs]] = None,
               replacemsg_group: Optional[str] = None,
               scan_botnet_connections: Optional[str] = None,
               vdomparam: Optional[str] = None)
    func NewSensor(ctx *Context, name string, args *SensorArgs, opts ...ResourceOption) (*Sensor, error)
    public Sensor(string name, SensorArgs? args = null, CustomResourceOptions? opts = null)
    public Sensor(String name, SensorArgs args)
    public Sensor(String name, SensorArgs args, CustomResourceOptions options)
    
    type: fortios:ips:Sensor
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SensorArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SensorArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SensorArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SensorArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SensorArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var fortiosSensorResource = new Fortios.Ips.Sensor("fortiosSensorResource", new()
    {
        BlockMaliciousUrl = "string",
        Comment = "string",
        DynamicSortSubtable = "string",
        Entries = new[]
        {
            new Fortios.Ips.Inputs.SensorEntryArgs
            {
                Action = "string",
                Application = "string",
                Cves = new[]
                {
                    new Fortios.Ips.Inputs.SensorEntryCfeArgs
                    {
                        CveEntry = "string",
                    },
                },
                DefaultAction = "string",
                DefaultStatus = "string",
                ExemptIps = new[]
                {
                    new Fortios.Ips.Inputs.SensorEntryExemptIpArgs
                    {
                        DstIp = "string",
                        Id = 0,
                        SrcIp = "string",
                    },
                },
                Id = 0,
                LastModified = "string",
                Location = "string",
                Log = "string",
                LogAttackContext = "string",
                LogPacket = "string",
                Os = "string",
                Protocol = "string",
                Quarantine = "string",
                QuarantineExpiry = "string",
                QuarantineLog = "string",
                RateCount = 0,
                RateDuration = 0,
                RateMode = "string",
                RateTrack = "string",
                Rules = new[]
                {
                    new Fortios.Ips.Inputs.SensorEntryRuleArgs
                    {
                        Id = 0,
                    },
                },
                Severity = "string",
                Status = "string",
                VulnTypes = new[]
                {
                    new Fortios.Ips.Inputs.SensorEntryVulnTypeArgs
                    {
                        Id = 0,
                    },
                },
            },
        },
        ExtendedLog = "string",
        Filters = new[]
        {
            new Fortios.Ips.Inputs.SensorFilterArgs
            {
                Action = "string",
                Application = "string",
                Location = "string",
                Log = "string",
                LogPacket = "string",
                Name = "string",
                Os = "string",
                Protocol = "string",
                Quarantine = "string",
                QuarantineExpiry = 0,
                QuarantineLog = "string",
                Severity = "string",
                Status = "string",
            },
        },
        GetAllTables = "string",
        Name = "string",
        Overrides = new[]
        {
            new Fortios.Ips.Inputs.SensorOverrideArgs
            {
                Action = "string",
                ExemptIps = new[]
                {
                    new Fortios.Ips.Inputs.SensorOverrideExemptIpArgs
                    {
                        DstIp = "string",
                        Id = 0,
                        SrcIp = "string",
                    },
                },
                Log = "string",
                LogPacket = "string",
                Quarantine = "string",
                QuarantineExpiry = 0,
                QuarantineLog = "string",
                RuleId = 0,
                Status = "string",
            },
        },
        ReplacemsgGroup = "string",
        ScanBotnetConnections = "string",
        Vdomparam = "string",
    });
    
    example, err := ips.NewSensor(ctx, "fortiosSensorResource", &ips.SensorArgs{
    	BlockMaliciousUrl:   pulumi.String("string"),
    	Comment:             pulumi.String("string"),
    	DynamicSortSubtable: pulumi.String("string"),
    	Entries: ips.SensorEntryArray{
    		&ips.SensorEntryArgs{
    			Action:      pulumi.String("string"),
    			Application: pulumi.String("string"),
    			Cves: ips.SensorEntryCfeArray{
    				&ips.SensorEntryCfeArgs{
    					CveEntry: pulumi.String("string"),
    				},
    			},
    			DefaultAction: pulumi.String("string"),
    			DefaultStatus: pulumi.String("string"),
    			ExemptIps: ips.SensorEntryExemptIpArray{
    				&ips.SensorEntryExemptIpArgs{
    					DstIp: pulumi.String("string"),
    					Id:    pulumi.Int(0),
    					SrcIp: pulumi.String("string"),
    				},
    			},
    			Id:               pulumi.Int(0),
    			LastModified:     pulumi.String("string"),
    			Location:         pulumi.String("string"),
    			Log:              pulumi.String("string"),
    			LogAttackContext: pulumi.String("string"),
    			LogPacket:        pulumi.String("string"),
    			Os:               pulumi.String("string"),
    			Protocol:         pulumi.String("string"),
    			Quarantine:       pulumi.String("string"),
    			QuarantineExpiry: pulumi.String("string"),
    			QuarantineLog:    pulumi.String("string"),
    			RateCount:        pulumi.Int(0),
    			RateDuration:     pulumi.Int(0),
    			RateMode:         pulumi.String("string"),
    			RateTrack:        pulumi.String("string"),
    			Rules: ips.SensorEntryRuleArray{
    				&ips.SensorEntryRuleArgs{
    					Id: pulumi.Int(0),
    				},
    			},
    			Severity: pulumi.String("string"),
    			Status:   pulumi.String("string"),
    			VulnTypes: ips.SensorEntryVulnTypeArray{
    				&ips.SensorEntryVulnTypeArgs{
    					Id: pulumi.Int(0),
    				},
    			},
    		},
    	},
    	ExtendedLog: pulumi.String("string"),
    	Filters: ips.SensorFilterArray{
    		&ips.SensorFilterArgs{
    			Action:           pulumi.String("string"),
    			Application:      pulumi.String("string"),
    			Location:         pulumi.String("string"),
    			Log:              pulumi.String("string"),
    			LogPacket:        pulumi.String("string"),
    			Name:             pulumi.String("string"),
    			Os:               pulumi.String("string"),
    			Protocol:         pulumi.String("string"),
    			Quarantine:       pulumi.String("string"),
    			QuarantineExpiry: pulumi.Int(0),
    			QuarantineLog:    pulumi.String("string"),
    			Severity:         pulumi.String("string"),
    			Status:           pulumi.String("string"),
    		},
    	},
    	GetAllTables: pulumi.String("string"),
    	Name:         pulumi.String("string"),
    	Overrides: ips.SensorOverrideArray{
    		&ips.SensorOverrideArgs{
    			Action: pulumi.String("string"),
    			ExemptIps: ips.SensorOverrideExemptIpArray{
    				&ips.SensorOverrideExemptIpArgs{
    					DstIp: pulumi.String("string"),
    					Id:    pulumi.Int(0),
    					SrcIp: pulumi.String("string"),
    				},
    			},
    			Log:              pulumi.String("string"),
    			LogPacket:        pulumi.String("string"),
    			Quarantine:       pulumi.String("string"),
    			QuarantineExpiry: pulumi.Int(0),
    			QuarantineLog:    pulumi.String("string"),
    			RuleId:           pulumi.Int(0),
    			Status:           pulumi.String("string"),
    		},
    	},
    	ReplacemsgGroup:       pulumi.String("string"),
    	ScanBotnetConnections: pulumi.String("string"),
    	Vdomparam:             pulumi.String("string"),
    })
    
    var fortiosSensorResource = new Sensor("fortiosSensorResource", SensorArgs.builder()
        .blockMaliciousUrl("string")
        .comment("string")
        .dynamicSortSubtable("string")
        .entries(SensorEntryArgs.builder()
            .action("string")
            .application("string")
            .cves(SensorEntryCfeArgs.builder()
                .cveEntry("string")
                .build())
            .defaultAction("string")
            .defaultStatus("string")
            .exemptIps(SensorEntryExemptIpArgs.builder()
                .dstIp("string")
                .id(0)
                .srcIp("string")
                .build())
            .id(0)
            .lastModified("string")
            .location("string")
            .log("string")
            .logAttackContext("string")
            .logPacket("string")
            .os("string")
            .protocol("string")
            .quarantine("string")
            .quarantineExpiry("string")
            .quarantineLog("string")
            .rateCount(0)
            .rateDuration(0)
            .rateMode("string")
            .rateTrack("string")
            .rules(SensorEntryRuleArgs.builder()
                .id(0)
                .build())
            .severity("string")
            .status("string")
            .vulnTypes(SensorEntryVulnTypeArgs.builder()
                .id(0)
                .build())
            .build())
        .extendedLog("string")
        .filters(SensorFilterArgs.builder()
            .action("string")
            .application("string")
            .location("string")
            .log("string")
            .logPacket("string")
            .name("string")
            .os("string")
            .protocol("string")
            .quarantine("string")
            .quarantineExpiry(0)
            .quarantineLog("string")
            .severity("string")
            .status("string")
            .build())
        .getAllTables("string")
        .name("string")
        .overrides(SensorOverrideArgs.builder()
            .action("string")
            .exemptIps(SensorOverrideExemptIpArgs.builder()
                .dstIp("string")
                .id(0)
                .srcIp("string")
                .build())
            .log("string")
            .logPacket("string")
            .quarantine("string")
            .quarantineExpiry(0)
            .quarantineLog("string")
            .ruleId(0)
            .status("string")
            .build())
        .replacemsgGroup("string")
        .scanBotnetConnections("string")
        .vdomparam("string")
        .build());
    
    fortios_sensor_resource = fortios.ips.Sensor("fortiosSensorResource",
        block_malicious_url="string",
        comment="string",
        dynamic_sort_subtable="string",
        entries=[{
            "action": "string",
            "application": "string",
            "cves": [{
                "cve_entry": "string",
            }],
            "default_action": "string",
            "default_status": "string",
            "exempt_ips": [{
                "dst_ip": "string",
                "id": 0,
                "src_ip": "string",
            }],
            "id": 0,
            "last_modified": "string",
            "location": "string",
            "log": "string",
            "log_attack_context": "string",
            "log_packet": "string",
            "os": "string",
            "protocol": "string",
            "quarantine": "string",
            "quarantine_expiry": "string",
            "quarantine_log": "string",
            "rate_count": 0,
            "rate_duration": 0,
            "rate_mode": "string",
            "rate_track": "string",
            "rules": [{
                "id": 0,
            }],
            "severity": "string",
            "status": "string",
            "vuln_types": [{
                "id": 0,
            }],
        }],
        extended_log="string",
        filters=[{
            "action": "string",
            "application": "string",
            "location": "string",
            "log": "string",
            "log_packet": "string",
            "name": "string",
            "os": "string",
            "protocol": "string",
            "quarantine": "string",
            "quarantine_expiry": 0,
            "quarantine_log": "string",
            "severity": "string",
            "status": "string",
        }],
        get_all_tables="string",
        name="string",
        overrides=[{
            "action": "string",
            "exempt_ips": [{
                "dst_ip": "string",
                "id": 0,
                "src_ip": "string",
            }],
            "log": "string",
            "log_packet": "string",
            "quarantine": "string",
            "quarantine_expiry": 0,
            "quarantine_log": "string",
            "rule_id": 0,
            "status": "string",
        }],
        replacemsg_group="string",
        scan_botnet_connections="string",
        vdomparam="string")
    
    const fortiosSensorResource = new fortios.ips.Sensor("fortiosSensorResource", {
        blockMaliciousUrl: "string",
        comment: "string",
        dynamicSortSubtable: "string",
        entries: [{
            action: "string",
            application: "string",
            cves: [{
                cveEntry: "string",
            }],
            defaultAction: "string",
            defaultStatus: "string",
            exemptIps: [{
                dstIp: "string",
                id: 0,
                srcIp: "string",
            }],
            id: 0,
            lastModified: "string",
            location: "string",
            log: "string",
            logAttackContext: "string",
            logPacket: "string",
            os: "string",
            protocol: "string",
            quarantine: "string",
            quarantineExpiry: "string",
            quarantineLog: "string",
            rateCount: 0,
            rateDuration: 0,
            rateMode: "string",
            rateTrack: "string",
            rules: [{
                id: 0,
            }],
            severity: "string",
            status: "string",
            vulnTypes: [{
                id: 0,
            }],
        }],
        extendedLog: "string",
        filters: [{
            action: "string",
            application: "string",
            location: "string",
            log: "string",
            logPacket: "string",
            name: "string",
            os: "string",
            protocol: "string",
            quarantine: "string",
            quarantineExpiry: 0,
            quarantineLog: "string",
            severity: "string",
            status: "string",
        }],
        getAllTables: "string",
        name: "string",
        overrides: [{
            action: "string",
            exemptIps: [{
                dstIp: "string",
                id: 0,
                srcIp: "string",
            }],
            log: "string",
            logPacket: "string",
            quarantine: "string",
            quarantineExpiry: 0,
            quarantineLog: "string",
            ruleId: 0,
            status: "string",
        }],
        replacemsgGroup: "string",
        scanBotnetConnections: "string",
        vdomparam: "string",
    });
    
    type: fortios:ips:Sensor
    properties:
        blockMaliciousUrl: string
        comment: string
        dynamicSortSubtable: string
        entries:
            - action: string
              application: string
              cves:
                - cveEntry: string
              defaultAction: string
              defaultStatus: string
              exemptIps:
                - dstIp: string
                  id: 0
                  srcIp: string
              id: 0
              lastModified: string
              location: string
              log: string
              logAttackContext: string
              logPacket: string
              os: string
              protocol: string
              quarantine: string
              quarantineExpiry: string
              quarantineLog: string
              rateCount: 0
              rateDuration: 0
              rateMode: string
              rateTrack: string
              rules:
                - id: 0
              severity: string
              status: string
              vulnTypes:
                - id: 0
        extendedLog: string
        filters:
            - action: string
              application: string
              location: string
              log: string
              logPacket: string
              name: string
              os: string
              protocol: string
              quarantine: string
              quarantineExpiry: 0
              quarantineLog: string
              severity: string
              status: string
        getAllTables: string
        name: string
        overrides:
            - action: string
              exemptIps:
                - dstIp: string
                  id: 0
                  srcIp: string
              log: string
              logPacket: string
              quarantine: string
              quarantineExpiry: 0
              quarantineLog: string
              ruleId: 0
              status: string
        replacemsgGroup: string
        scanBotnetConnections: string
        vdomparam: string
    

    Sensor Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Sensor resource accepts the following input properties:

    BlockMaliciousUrl string
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    Comment string
    Comment.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    Entries List<Pulumiverse.Fortios.Ips.Inputs.SensorEntry>
    IPS sensor filter. The structure of entries block is documented below.
    ExtendedLog string
    Enable/disable extended logging. Valid values: enable, disable.
    Filters List<Pulumiverse.Fortios.Ips.Inputs.SensorFilter>
    IPS sensor filter. The structure of filter block is documented below.
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    Name string
    Sensor name.
    Overrides List<Pulumiverse.Fortios.Ips.Inputs.SensorOverride>
    IPS override rule. The structure of override block is documented below.
    ReplacemsgGroup string
    Replacement message group.
    ScanBotnetConnections string
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    BlockMaliciousUrl string
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    Comment string
    Comment.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    Entries []SensorEntryArgs
    IPS sensor filter. The structure of entries block is documented below.
    ExtendedLog string
    Enable/disable extended logging. Valid values: enable, disable.
    Filters []SensorFilterArgs
    IPS sensor filter. The structure of filter block is documented below.
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    Name string
    Sensor name.
    Overrides []SensorOverrideArgs
    IPS override rule. The structure of override block is documented below.
    ReplacemsgGroup string
    Replacement message group.
    ScanBotnetConnections string
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    blockMaliciousUrl String
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    comment String
    Comment.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    entries List<SensorEntry>
    IPS sensor filter. The structure of entries block is documented below.
    extendedLog String
    Enable/disable extended logging. Valid values: enable, disable.
    filters List<SensorFilter>
    IPS sensor filter. The structure of filter block is documented below.
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    name String
    Sensor name.
    overrides List<SensorOverride>
    IPS override rule. The structure of override block is documented below.
    replacemsgGroup String
    Replacement message group.
    scanBotnetConnections String
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    blockMaliciousUrl string
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    comment string
    Comment.
    dynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    entries SensorEntry[]
    IPS sensor filter. The structure of entries block is documented below.
    extendedLog string
    Enable/disable extended logging. Valid values: enable, disable.
    filters SensorFilter[]
    IPS sensor filter. The structure of filter block is documented below.
    getAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    name string
    Sensor name.
    overrides SensorOverride[]
    IPS override rule. The structure of override block is documented below.
    replacemsgGroup string
    Replacement message group.
    scanBotnetConnections string
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    block_malicious_url str
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    comment str
    Comment.
    dynamic_sort_subtable str
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    entries Sequence[SensorEntryArgs]
    IPS sensor filter. The structure of entries block is documented below.
    extended_log str
    Enable/disable extended logging. Valid values: enable, disable.
    filters Sequence[SensorFilterArgs]
    IPS sensor filter. The structure of filter block is documented below.
    get_all_tables str
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    name str
    Sensor name.
    overrides Sequence[SensorOverrideArgs]
    IPS override rule. The structure of override block is documented below.
    replacemsg_group str
    Replacement message group.
    scan_botnet_connections str
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    vdomparam str
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    blockMaliciousUrl String
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    comment String
    Comment.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    entries List<Property Map>
    IPS sensor filter. The structure of entries block is documented below.
    extendedLog String
    Enable/disable extended logging. Valid values: enable, disable.
    filters List<Property Map>
    IPS sensor filter. The structure of filter block is documented below.
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    name String
    Sensor name.
    overrides List<Property Map>
    IPS override rule. The structure of override block is documented below.
    replacemsgGroup String
    Replacement message group.
    scanBotnetConnections String
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Sensor resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Sensor Resource

    Get an existing Sensor resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SensorState, opts?: CustomResourceOptions): Sensor
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            block_malicious_url: Optional[str] = None,
            comment: Optional[str] = None,
            dynamic_sort_subtable: Optional[str] = None,
            entries: Optional[Sequence[SensorEntryArgs]] = None,
            extended_log: Optional[str] = None,
            filters: Optional[Sequence[SensorFilterArgs]] = None,
            get_all_tables: Optional[str] = None,
            name: Optional[str] = None,
            overrides: Optional[Sequence[SensorOverrideArgs]] = None,
            replacemsg_group: Optional[str] = None,
            scan_botnet_connections: Optional[str] = None,
            vdomparam: Optional[str] = None) -> Sensor
    func GetSensor(ctx *Context, name string, id IDInput, state *SensorState, opts ...ResourceOption) (*Sensor, error)
    public static Sensor Get(string name, Input<string> id, SensorState? state, CustomResourceOptions? opts = null)
    public static Sensor get(String name, Output<String> id, SensorState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    BlockMaliciousUrl string
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    Comment string
    Comment.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    Entries List<Pulumiverse.Fortios.Ips.Inputs.SensorEntry>
    IPS sensor filter. The structure of entries block is documented below.
    ExtendedLog string
    Enable/disable extended logging. Valid values: enable, disable.
    Filters List<Pulumiverse.Fortios.Ips.Inputs.SensorFilter>
    IPS sensor filter. The structure of filter block is documented below.
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    Name string
    Sensor name.
    Overrides List<Pulumiverse.Fortios.Ips.Inputs.SensorOverride>
    IPS override rule. The structure of override block is documented below.
    ReplacemsgGroup string
    Replacement message group.
    ScanBotnetConnections string
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    BlockMaliciousUrl string
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    Comment string
    Comment.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    Entries []SensorEntryArgs
    IPS sensor filter. The structure of entries block is documented below.
    ExtendedLog string
    Enable/disable extended logging. Valid values: enable, disable.
    Filters []SensorFilterArgs
    IPS sensor filter. The structure of filter block is documented below.
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    Name string
    Sensor name.
    Overrides []SensorOverrideArgs
    IPS override rule. The structure of override block is documented below.
    ReplacemsgGroup string
    Replacement message group.
    ScanBotnetConnections string
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    blockMaliciousUrl String
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    comment String
    Comment.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    entries List<SensorEntry>
    IPS sensor filter. The structure of entries block is documented below.
    extendedLog String
    Enable/disable extended logging. Valid values: enable, disable.
    filters List<SensorFilter>
    IPS sensor filter. The structure of filter block is documented below.
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    name String
    Sensor name.
    overrides List<SensorOverride>
    IPS override rule. The structure of override block is documented below.
    replacemsgGroup String
    Replacement message group.
    scanBotnetConnections String
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    blockMaliciousUrl string
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    comment string
    Comment.
    dynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    entries SensorEntry[]
    IPS sensor filter. The structure of entries block is documented below.
    extendedLog string
    Enable/disable extended logging. Valid values: enable, disable.
    filters SensorFilter[]
    IPS sensor filter. The structure of filter block is documented below.
    getAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    name string
    Sensor name.
    overrides SensorOverride[]
    IPS override rule. The structure of override block is documented below.
    replacemsgGroup string
    Replacement message group.
    scanBotnetConnections string
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    block_malicious_url str
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    comment str
    Comment.
    dynamic_sort_subtable str
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    entries Sequence[SensorEntryArgs]
    IPS sensor filter. The structure of entries block is documented below.
    extended_log str
    Enable/disable extended logging. Valid values: enable, disable.
    filters Sequence[SensorFilterArgs]
    IPS sensor filter. The structure of filter block is documented below.
    get_all_tables str
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    name str
    Sensor name.
    overrides Sequence[SensorOverrideArgs]
    IPS override rule. The structure of override block is documented below.
    replacemsg_group str
    Replacement message group.
    scan_botnet_connections str
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    vdomparam str
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    blockMaliciousUrl String
    Enable/disable malicious URL blocking. Valid values: disable, enable.
    comment String
    Comment.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    entries List<Property Map>
    IPS sensor filter. The structure of entries block is documented below.
    extendedLog String
    Enable/disable extended logging. Valid values: enable, disable.
    filters List<Property Map>
    IPS sensor filter. The structure of filter block is documented below.
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    name String
    Sensor name.
    overrides List<Property Map>
    IPS override rule. The structure of override block is documented below.
    replacemsgGroup String
    Replacement message group.
    scanBotnetConnections String
    Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

    Supporting Types

    SensorEntry, SensorEntryArgs

    Action string
    Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
    Application string
    Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
    Cves List<Pulumiverse.Fortios.Ips.Inputs.SensorEntryCfe>
    List of CVE IDs of the signatures to add to the sensor The structure of cve block is documented below.
    DefaultAction string
    Signature default action filter. Valid values: all, pass, block.
    DefaultStatus string
    Signature default status filter. Valid values: all, enable, disable.
    ExemptIps List<Pulumiverse.Fortios.Ips.Inputs.SensorEntryExemptIp>
    Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ip block is documented below.
    Id int
    Rule ID in IPS database (0 - 4294967295).
    LastModified string
    Filter by signature last modified date. Formats: before , after , between .
    Location string
    Protect client or server traffic.
    Log string
    Enable/disable logging of signatures included in filter. Valid values: disable, enable.
    LogAttackContext string
    Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
    LogPacket string
    Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
    Os string
    Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
    Protocol string
    Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
    Quarantine string
    Quarantine method. Valid values: none, attacker.
    QuarantineExpiry string
    Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
    QuarantineLog string
    Enable/disable quarantine logging. Valid values: disable, enable.
    RateCount int
    Count of the rate.
    RateDuration int
    Duration (sec) of the rate.
    RateMode string
    Rate limit mode. Valid values: periodical, continuous.
    RateTrack string
    Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
    Rules List<Pulumiverse.Fortios.Ips.Inputs.SensorEntryRule>
    Identifies the predefined or custom IPS signatures to add to the sensor. The structure of rule block is documented below.
    Severity string
    Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
    Status string
    Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
    VulnTypes List<Pulumiverse.Fortios.Ips.Inputs.SensorEntryVulnType>
    List of signature vulnerability types to filter by. The structure of vuln_type block is documented below.
    Action string
    Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
    Application string
    Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
    Cves []SensorEntryCfe
    List of CVE IDs of the signatures to add to the sensor The structure of cve block is documented below.
    DefaultAction string
    Signature default action filter. Valid values: all, pass, block.
    DefaultStatus string
    Signature default status filter. Valid values: all, enable, disable.
    ExemptIps []SensorEntryExemptIp
    Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ip block is documented below.
    Id int
    Rule ID in IPS database (0 - 4294967295).
    LastModified string
    Filter by signature last modified date. Formats: before , after , between .
    Location string
    Protect client or server traffic.
    Log string
    Enable/disable logging of signatures included in filter. Valid values: disable, enable.
    LogAttackContext string
    Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
    LogPacket string
    Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
    Os string
    Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
    Protocol string
    Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
    Quarantine string
    Quarantine method. Valid values: none, attacker.
    QuarantineExpiry string
    Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
    QuarantineLog string
    Enable/disable quarantine logging. Valid values: disable, enable.
    RateCount int
    Count of the rate.
    RateDuration int
    Duration (sec) of the rate.
    RateMode string
    Rate limit mode. Valid values: periodical, continuous.
    RateTrack string
    Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
    Rules []SensorEntryRule
    Identifies the predefined or custom IPS signatures to add to the sensor. The structure of rule block is documented below.
    Severity string
    Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
    Status string
    Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
    VulnTypes []SensorEntryVulnType
    List of signature vulnerability types to filter by. The structure of vuln_type block is documented below.
    action String
    Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
    application String
    Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
    cves List<SensorEntryCfe>
    List of CVE IDs of the signatures to add to the sensor The structure of cve block is documented below.
    defaultAction String
    Signature default action filter. Valid values: all, pass, block.
    defaultStatus String
    Signature default status filter. Valid values: all, enable, disable.
    exemptIps List<SensorEntryExemptIp>
    Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ip block is documented below.
    id Integer
    Rule ID in IPS database (0 - 4294967295).
    lastModified String
    Filter by signature last modified date. Formats: before , after , between .
    location String
    Protect client or server traffic.
    log String
    Enable/disable logging of signatures included in filter. Valid values: disable, enable.
    logAttackContext String
    Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
    logPacket String
    Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
    os String
    Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
    protocol String
    Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
    quarantine String
    Quarantine method. Valid values: none, attacker.
    quarantineExpiry String
    Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
    quarantineLog String
    Enable/disable quarantine logging. Valid values: disable, enable.
    rateCount Integer
    Count of the rate.
    rateDuration Integer
    Duration (sec) of the rate.
    rateMode String
    Rate limit mode. Valid values: periodical, continuous.
    rateTrack String
    Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
    rules List<SensorEntryRule>
    Identifies the predefined or custom IPS signatures to add to the sensor. The structure of rule block is documented below.
    severity String
    Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
    status String
    Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
    vulnTypes List<SensorEntryVulnType>
    List of signature vulnerability types to filter by. The structure of vuln_type block is documented below.
    action string
    Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
    application string
    Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
    cves SensorEntryCfe[]
    List of CVE IDs of the signatures to add to the sensor The structure of cve block is documented below.
    defaultAction string
    Signature default action filter. Valid values: all, pass, block.
    defaultStatus string
    Signature default status filter. Valid values: all, enable, disable.
    exemptIps SensorEntryExemptIp[]
    Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ip block is documented below.
    id number
    Rule ID in IPS database (0 - 4294967295).
    lastModified string
    Filter by signature last modified date. Formats: before , after , between .
    location string
    Protect client or server traffic.
    log string
    Enable/disable logging of signatures included in filter. Valid values: disable, enable.
    logAttackContext string
    Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
    logPacket string
    Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
    os string
    Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
    protocol string
    Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
    quarantine string
    Quarantine method. Valid values: none, attacker.
    quarantineExpiry string
    Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
    quarantineLog string
    Enable/disable quarantine logging. Valid values: disable, enable.
    rateCount number
    Count of the rate.
    rateDuration number
    Duration (sec) of the rate.
    rateMode string
    Rate limit mode. Valid values: periodical, continuous.
    rateTrack string
    Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
    rules SensorEntryRule[]
    Identifies the predefined or custom IPS signatures to add to the sensor. The structure of rule block is documented below.
    severity string
    Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
    status string
    Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
    vulnTypes SensorEntryVulnType[]
    List of signature vulnerability types to filter by. The structure of vuln_type block is documented below.
    action str
    Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
    application str
    Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
    cves Sequence[SensorEntryCfe]
    List of CVE IDs of the signatures to add to the sensor The structure of cve block is documented below.
    default_action str
    Signature default action filter. Valid values: all, pass, block.
    default_status str
    Signature default status filter. Valid values: all, enable, disable.
    exempt_ips Sequence[SensorEntryExemptIp]
    Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ip block is documented below.
    id int
    Rule ID in IPS database (0 - 4294967295).
    last_modified str
    Filter by signature last modified date. Formats: before , after , between .
    location str
    Protect client or server traffic.
    log str
    Enable/disable logging of signatures included in filter. Valid values: disable, enable.
    log_attack_context str
    Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
    log_packet str
    Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
    os str
    Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
    protocol str
    Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
    quarantine str
    Quarantine method. Valid values: none, attacker.
    quarantine_expiry str
    Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
    quarantine_log str
    Enable/disable quarantine logging. Valid values: disable, enable.
    rate_count int
    Count of the rate.
    rate_duration int
    Duration (sec) of the rate.
    rate_mode str
    Rate limit mode. Valid values: periodical, continuous.
    rate_track str
    Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
    rules Sequence[SensorEntryRule]
    Identifies the predefined or custom IPS signatures to add to the sensor. The structure of rule block is documented below.
    severity str
    Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
    status str
    Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
    vuln_types Sequence[SensorEntryVulnType]
    List of signature vulnerability types to filter by. The structure of vuln_type block is documented below.
    action String
    Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
    application String
    Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
    cves List<Property Map>
    List of CVE IDs of the signatures to add to the sensor The structure of cve block is documented below.
    defaultAction String
    Signature default action filter. Valid values: all, pass, block.
    defaultStatus String
    Signature default status filter. Valid values: all, enable, disable.
    exemptIps List<Property Map>
    Traffic from selected source or destination IP addresses is exempt from this signature. The structure of exempt_ip block is documented below.
    id Number
    Rule ID in IPS database (0 - 4294967295).
    lastModified String
    Filter by signature last modified date. Formats: before , after , between .
    location String
    Protect client or server traffic.
    log String
    Enable/disable logging of signatures included in filter. Valid values: disable, enable.
    logAttackContext String
    Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
    logPacket String
    Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
    os String
    Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
    protocol String
    Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
    quarantine String
    Quarantine method. Valid values: none, attacker.
    quarantineExpiry String
    Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
    quarantineLog String
    Enable/disable quarantine logging. Valid values: disable, enable.
    rateCount Number
    Count of the rate.
    rateDuration Number
    Duration (sec) of the rate.
    rateMode String
    Rate limit mode. Valid values: periodical, continuous.
    rateTrack String
    Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
    rules List<Property Map>
    Identifies the predefined or custom IPS signatures to add to the sensor. The structure of rule block is documented below.
    severity String
    Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
    status String
    Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
    vulnTypes List<Property Map>
    List of signature vulnerability types to filter by. The structure of vuln_type block is documented below.

    SensorEntryCfe, SensorEntryCfeArgs

    CveEntry string
    CVE IDs or CVE wildcards.
    CveEntry string
    CVE IDs or CVE wildcards.
    cveEntry String
    CVE IDs or CVE wildcards.
    cveEntry string
    CVE IDs or CVE wildcards.
    cve_entry str
    CVE IDs or CVE wildcards.
    cveEntry String
    CVE IDs or CVE wildcards.

    SensorEntryExemptIp, SensorEntryExemptIpArgs

    DstIp string
    Destination IP address and netmask.
    Id int
    Exempt IP ID.
    SrcIp string
    Source IP address and netmask.
    DstIp string
    Destination IP address and netmask.
    Id int
    Exempt IP ID.
    SrcIp string
    Source IP address and netmask.
    dstIp String
    Destination IP address and netmask.
    id Integer
    Exempt IP ID.
    srcIp String
    Source IP address and netmask.
    dstIp string
    Destination IP address and netmask.
    id number
    Exempt IP ID.
    srcIp string
    Source IP address and netmask.
    dst_ip str
    Destination IP address and netmask.
    id int
    Exempt IP ID.
    src_ip str
    Source IP address and netmask.
    dstIp String
    Destination IP address and netmask.
    id Number
    Exempt IP ID.
    srcIp String
    Source IP address and netmask.

    SensorEntryRule, SensorEntryRuleArgs

    Id int
    Rule IPS.
    Id int
    Rule IPS.
    id Integer
    Rule IPS.
    id number
    Rule IPS.
    id int
    Rule IPS.
    id Number
    Rule IPS.

    SensorEntryVulnType, SensorEntryVulnTypeArgs

    Id int
    Vulnerability type ID.
    Id int
    Vulnerability type ID.
    id Integer
    Vulnerability type ID.
    id number
    Vulnerability type ID.
    id int
    Vulnerability type ID.
    id Number
    Vulnerability type ID.

    SensorFilter, SensorFilterArgs

    Action string
    Action of selected rules. Valid values: pass, block, reset, default.
    Application string
    Vulnerable application filter.
    Location string
    Vulnerability location filter.
    Log string
    Enable/disable logging of selected rules. Valid values: disable, enable.
    LogPacket string
    Enable/disable packet logging of selected rules. Valid values: disable, enable.
    Name string
    Filter name.
    Os string
    Vulnerable OS filter.
    Protocol string
    Vulnerable protocol filter.
    Quarantine string
    Quarantine IP or interface. Valid values: none, attacker.
    QuarantineExpiry int
    Duration of quarantine in minute.
    QuarantineLog string
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    Severity string
    Vulnerability severity filter.
    Status string
    Selected rules status. Valid values: disable, enable, default.
    Action string
    Action of selected rules. Valid values: pass, block, reset, default.
    Application string
    Vulnerable application filter.
    Location string
    Vulnerability location filter.
    Log string
    Enable/disable logging of selected rules. Valid values: disable, enable.
    LogPacket string
    Enable/disable packet logging of selected rules. Valid values: disable, enable.
    Name string
    Filter name.
    Os string
    Vulnerable OS filter.
    Protocol string
    Vulnerable protocol filter.
    Quarantine string
    Quarantine IP or interface. Valid values: none, attacker.
    QuarantineExpiry int
    Duration of quarantine in minute.
    QuarantineLog string
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    Severity string
    Vulnerability severity filter.
    Status string
    Selected rules status. Valid values: disable, enable, default.
    action String
    Action of selected rules. Valid values: pass, block, reset, default.
    application String
    Vulnerable application filter.
    location String
    Vulnerability location filter.
    log String
    Enable/disable logging of selected rules. Valid values: disable, enable.
    logPacket String
    Enable/disable packet logging of selected rules. Valid values: disable, enable.
    name String
    Filter name.
    os String
    Vulnerable OS filter.
    protocol String
    Vulnerable protocol filter.
    quarantine String
    Quarantine IP or interface. Valid values: none, attacker.
    quarantineExpiry Integer
    Duration of quarantine in minute.
    quarantineLog String
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    severity String
    Vulnerability severity filter.
    status String
    Selected rules status. Valid values: disable, enable, default.
    action string
    Action of selected rules. Valid values: pass, block, reset, default.
    application string
    Vulnerable application filter.
    location string
    Vulnerability location filter.
    log string
    Enable/disable logging of selected rules. Valid values: disable, enable.
    logPacket string
    Enable/disable packet logging of selected rules. Valid values: disable, enable.
    name string
    Filter name.
    os string
    Vulnerable OS filter.
    protocol string
    Vulnerable protocol filter.
    quarantine string
    Quarantine IP or interface. Valid values: none, attacker.
    quarantineExpiry number
    Duration of quarantine in minute.
    quarantineLog string
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    severity string
    Vulnerability severity filter.
    status string
    Selected rules status. Valid values: disable, enable, default.
    action str
    Action of selected rules. Valid values: pass, block, reset, default.
    application str
    Vulnerable application filter.
    location str
    Vulnerability location filter.
    log str
    Enable/disable logging of selected rules. Valid values: disable, enable.
    log_packet str
    Enable/disable packet logging of selected rules. Valid values: disable, enable.
    name str
    Filter name.
    os str
    Vulnerable OS filter.
    protocol str
    Vulnerable protocol filter.
    quarantine str
    Quarantine IP or interface. Valid values: none, attacker.
    quarantine_expiry int
    Duration of quarantine in minute.
    quarantine_log str
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    severity str
    Vulnerability severity filter.
    status str
    Selected rules status. Valid values: disable, enable, default.
    action String
    Action of selected rules. Valid values: pass, block, reset, default.
    application String
    Vulnerable application filter.
    location String
    Vulnerability location filter.
    log String
    Enable/disable logging of selected rules. Valid values: disable, enable.
    logPacket String
    Enable/disable packet logging of selected rules. Valid values: disable, enable.
    name String
    Filter name.
    os String
    Vulnerable OS filter.
    protocol String
    Vulnerable protocol filter.
    quarantine String
    Quarantine IP or interface. Valid values: none, attacker.
    quarantineExpiry Number
    Duration of quarantine in minute.
    quarantineLog String
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    severity String
    Vulnerability severity filter.
    status String
    Selected rules status. Valid values: disable, enable, default.

    SensorOverride, SensorOverrideArgs

    Action string
    Action of override rule. Valid values: pass, block, reset.
    ExemptIps List<Pulumiverse.Fortios.Ips.Inputs.SensorOverrideExemptIp>
    Exempted IP. The structure of exempt_ip block is documented below.
    Log string
    Enable/disable logging. Valid values: disable, enable.
    LogPacket string
    Enable/disable packet logging. Valid values: disable, enable.
    Quarantine string
    Quarantine IP or interface. Valid values: none, attacker.
    QuarantineExpiry int
    Duration of quarantine in minute.
    QuarantineLog string
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    RuleId int
    Override rule ID.
    Status string
    Enable/disable status of override rule. Valid values: disable, enable.
    Action string
    Action of override rule. Valid values: pass, block, reset.
    ExemptIps []SensorOverrideExemptIp
    Exempted IP. The structure of exempt_ip block is documented below.
    Log string
    Enable/disable logging. Valid values: disable, enable.
    LogPacket string
    Enable/disable packet logging. Valid values: disable, enable.
    Quarantine string
    Quarantine IP or interface. Valid values: none, attacker.
    QuarantineExpiry int
    Duration of quarantine in minute.
    QuarantineLog string
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    RuleId int
    Override rule ID.
    Status string
    Enable/disable status of override rule. Valid values: disable, enable.
    action String
    Action of override rule. Valid values: pass, block, reset.
    exemptIps List<SensorOverrideExemptIp>
    Exempted IP. The structure of exempt_ip block is documented below.
    log String
    Enable/disable logging. Valid values: disable, enable.
    logPacket String
    Enable/disable packet logging. Valid values: disable, enable.
    quarantine String
    Quarantine IP or interface. Valid values: none, attacker.
    quarantineExpiry Integer
    Duration of quarantine in minute.
    quarantineLog String
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    ruleId Integer
    Override rule ID.
    status String
    Enable/disable status of override rule. Valid values: disable, enable.
    action string
    Action of override rule. Valid values: pass, block, reset.
    exemptIps SensorOverrideExemptIp[]
    Exempted IP. The structure of exempt_ip block is documented below.
    log string
    Enable/disable logging. Valid values: disable, enable.
    logPacket string
    Enable/disable packet logging. Valid values: disable, enable.
    quarantine string
    Quarantine IP or interface. Valid values: none, attacker.
    quarantineExpiry number
    Duration of quarantine in minute.
    quarantineLog string
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    ruleId number
    Override rule ID.
    status string
    Enable/disable status of override rule. Valid values: disable, enable.
    action str
    Action of override rule. Valid values: pass, block, reset.
    exempt_ips Sequence[SensorOverrideExemptIp]
    Exempted IP. The structure of exempt_ip block is documented below.
    log str
    Enable/disable logging. Valid values: disable, enable.
    log_packet str
    Enable/disable packet logging. Valid values: disable, enable.
    quarantine str
    Quarantine IP or interface. Valid values: none, attacker.
    quarantine_expiry int
    Duration of quarantine in minute.
    quarantine_log str
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    rule_id int
    Override rule ID.
    status str
    Enable/disable status of override rule. Valid values: disable, enable.
    action String
    Action of override rule. Valid values: pass, block, reset.
    exemptIps List<Property Map>
    Exempted IP. The structure of exempt_ip block is documented below.
    log String
    Enable/disable logging. Valid values: disable, enable.
    logPacket String
    Enable/disable packet logging. Valid values: disable, enable.
    quarantine String
    Quarantine IP or interface. Valid values: none, attacker.
    quarantineExpiry Number
    Duration of quarantine in minute.
    quarantineLog String
    Enable/disable logging of selected quarantine. Valid values: disable, enable.
    ruleId Number
    Override rule ID.
    status String
    Enable/disable status of override rule. Valid values: disable, enable.

    SensorOverrideExemptIp, SensorOverrideExemptIpArgs

    DstIp string
    Destination IP address and netmask.
    Id int
    Exempt IP ID.
    SrcIp string
    Source IP address and netmask.
    DstIp string
    Destination IP address and netmask.
    Id int
    Exempt IP ID.
    SrcIp string
    Source IP address and netmask.
    dstIp String
    Destination IP address and netmask.
    id Integer
    Exempt IP ID.
    srcIp String
    Source IP address and netmask.
    dstIp string
    Destination IP address and netmask.
    id number
    Exempt IP ID.
    srcIp string
    Source IP address and netmask.
    dst_ip str
    Destination IP address and netmask.
    id int
    Exempt IP ID.
    src_ip str
    Source IP address and netmask.
    dstIp String
    Destination IP address and netmask.
    id Number
    Exempt IP ID.
    srcIp String
    Source IP address and netmask.

    Import

    Ips Sensor can be imported using any of these accepted formats:

    $ pulumi import fortios:ips/sensor:Sensor labelname {{name}}
    

    If you do not want to import arguments of block:

    $ export “FORTIOS_IMPORT_TABLE”=“false”

    $ pulumi import fortios:ips/sensor:Sensor labelname {{name}}
    

    $ unset “FORTIOS_IMPORT_TABLE”

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    fortios pulumiverse/pulumi-fortios
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the fortios Terraform Provider.
    fortios logo
    Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse