Hi there, I wanted to build an Ansible playbook to ensure a basic configuration of security gateways. I'm using API version 2.0.1 (R82 JHF Take 91). I started with the "cp_mgmt_simple_gateway" module like in the example below, but stumbled over the missing "log_settings" option "distribute_logs_between_all_active_servers".
Here is the playbook example:
- name: set-simple-gateway
check_point.mgmt.cp_mgmt_simple_gateway:
name: T-SGW1
firewall: True
send_alerts_to_server:
- T-LOG1
- T-LOG2
send_logs_to_backup_server:
- T-SMS1
- T-SMS2
save_logs_locally: False
logs_settings:
distribute_logs_between_all_active_servers: True
Here is the according error message:
fatal: [T-SMS1]: FAILED! => {"changed": false, "msg": "Unsupported parameters for (check_point.mgmt.cp_mgmt_simple_gateway) module: logs_settings.distribute_logs_between_all_active_servers. Supported parameters include: alert_when_free_disk_space_below, alert_when_free_disk_space_below_threshold, alert_when_free_disk_space_below_type, before_delete_keep_logs_from_the_last_days, before_delete_keep_logs_from_the_last_days_threshold, before_delete_run_script, before_delete_run_script_command, delete_index_files_older_than_days, delete_index_files_older_than_days_threshold, delete_index_files_when_index_size_above, delete_index_files_when_index_size_above_threshold, delete_when_free_disk_space_below, delete_when_free_disk_space_below_threshold, detect_new_citrix_ica_application_names, forward_logs_to_log_server, forward_logs_to_log_server_name, forward_logs_to_log_server_schedule_name, free_disk_space_metrics, perform_log_rotate_before_log_forwarding, reject_connections_when_free_disk_space_below_threshold, reserve_for_packet_capture_metrics, reserve_for_packet_capture_threshold, rotate_log_by_file_size, rotate_log_file_size_threshold, rotate_log_on_schedule, rotate_log_schedule_name, stop_logging_when_free_disk_space_below, stop_logging_when_free_disk_space_below_threshold, turn_on_qos_logging, update_account_log_every."}
When using the "cp_mgmt_simple_gateway_facts" module to check the settings, the option is there as you can see from the output below:
"logs-settings": {
"alert-when-free-disk-space-below": true,
"alert-when-free-disk-space-below-metrics": "mbytes",
"alert-when-free-disk-space-below-threshold": 20,
"alert-when-free-disk-space-below-type": "popup alert",
"before-delete-keep-logs-from-the-last-days": false,
"before-delete-keep-logs-from-the-last-days-threshold": 3664,
"before-delete-run-script": false,
"before-delete-run-script-command": "",
"delete-index-files-older-than-days": false,
"delete-index-files-older-than-days-threshold": 14,
"delete-index-files-when-index-size-above": false,
"delete-index-files-when-index-size-above-metrics": "mbytes",
"delete-index-files-when-index-size-above-threshold": 100000,
"delete-when-free-disk-space-below": true,
"delete-when-free-disk-space-below-metrics": "mbytes",
"delete-when-free-disk-space-below-threshold": 5000,
"detect-new-citrix-ica-application-names": false,
"distribute-logs-between-all-active-servers": true,
"forward-logs-to-log-server": true,
"forward-logs-to-log-server-name": "T-LOG1",
"forward-logs-to-log-server-schedule-name": "Midnight",
"perform-log-rotate-before-log-forwarding": false,
It would be great to reflect all the configuration settings from the API documentation for set-simple-gateway in the Ansible collection.
Hi there, I wanted to build an Ansible playbook to ensure a basic configuration of security gateways. I'm using API version 2.0.1 (R82 JHF Take 91). I started with the "cp_mgmt_simple_gateway" module like in the example below, but stumbled over the missing "log_settings" option "distribute_logs_between_all_active_servers".
Here is the playbook example:
Here is the according error message:
fatal: [T-SMS1]: FAILED! => {"changed": false, "msg": "Unsupported parameters for (check_point.mgmt.cp_mgmt_simple_gateway) module: logs_settings.distribute_logs_between_all_active_servers. Supported parameters include: alert_when_free_disk_space_below, alert_when_free_disk_space_below_threshold, alert_when_free_disk_space_below_type, before_delete_keep_logs_from_the_last_days, before_delete_keep_logs_from_the_last_days_threshold, before_delete_run_script, before_delete_run_script_command, delete_index_files_older_than_days, delete_index_files_older_than_days_threshold, delete_index_files_when_index_size_above, delete_index_files_when_index_size_above_threshold, delete_when_free_disk_space_below, delete_when_free_disk_space_below_threshold, detect_new_citrix_ica_application_names, forward_logs_to_log_server, forward_logs_to_log_server_name, forward_logs_to_log_server_schedule_name, free_disk_space_metrics, perform_log_rotate_before_log_forwarding, reject_connections_when_free_disk_space_below_threshold, reserve_for_packet_capture_metrics, reserve_for_packet_capture_threshold, rotate_log_by_file_size, rotate_log_file_size_threshold, rotate_log_on_schedule, rotate_log_schedule_name, stop_logging_when_free_disk_space_below, stop_logging_when_free_disk_space_below_threshold, turn_on_qos_logging, update_account_log_every."}When using the "cp_mgmt_simple_gateway_facts" module to check the settings, the option is there as you can see from the output below:
It would be great to reflect all the configuration settings from the API documentation for set-simple-gateway in the Ansible collection.