panos_facts – Collects facts from Palo Alto Networks device¶
New in version 2.8.
Synopsis¶
NOTE: The modules in this role are deprecated in favour of the modules in the collection https://paloaltonetworks.github.io/pan-os-ansible
Collects fact information from Palo Alto Networks firewall running PanOS.
Requirements¶
The below requirements are needed on the host that executes this module.
pan-python
Parameters¶
| Parameter | Choices/Defaults | Comments | |
|---|---|---|---|
|
api_key
string
|
Deprecated
Use provider to specify PAN-OS connectivity instead.
The API key to use instead of generating it using username / password.
|
||
|
gather_subset
-
|
Default: ["!config"]
|
Scopes what information is gathered from the device. Possible values for this argument include all, system, session, interfaces, ha, routing, vr, vsys and config. You can specify a list of values to include a larger subset. Values can also be used with an initial ! to specify that a specific subset should not be collected. Certain subsets might be supported by Panorama.
|
|
|
host
-
|
Removed
Use provider instead.
|
||
|
ip_address
string
|
Deprecated
Use provider to specify PAN-OS connectivity instead.
The IP address or hostname of the PAN-OS device being configured.
|
||
|
password
string
|
Deprecated
Use provider to specify PAN-OS connectivity instead.
The password to use for authentication. This is ignored if api_key is specified.
|
||
|
port
integer
|
Default: 443
|
Deprecated
Use provider to specify PAN-OS connectivity instead.
The port number to connect to the PAN-OS device on.
|
|
|
provider
-
added in 2.8 |
A dict object containing connection details.
|
||
|
api_key
string
|
The API key to use instead of generating it using username / password.
|
||
|
ip_address
string
|
The IP address or hostname of the PAN-OS device being configured.
|
||
|
password
string
|
The password to use for authentication. This is ignored if api_key is specified.
|
||
|
port
integer
|
Default: 443
|
The port number to connect to the PAN-OS device on.
|
|
|
serial_number
string
|
The serial number of a firewall to use for targeted commands. If ip_address is not a Panorama PAN-OS device, then this param is ignored.
|
||
|
username
string
|
Default: "admin"
|
The username to use for authentication. This is ignored if api_key is specified.
|
|
|
username
string
|
Default: "admin"
|
Deprecated
Use provider to specify PAN-OS connectivity instead.
The username to use for authentication. This is ignored if api_key is specified.
|
|
Notes¶
Note
Tested on PanOS 8.0.5
Checkmode is not supported.
Panorama is not supported.
PAN-OS connectivity should be specified using provider or the classic PAN-OS connectivity params (ip_address, username, password, api_key, and port). If both are present, then the classic params are ignored.
Examples¶
# Gather facts
- name: Get facts
panos_facts:
provider: '{{ provider }}'
gather_subset: ['config']
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
|
ansible_net_config
string
|
When config is specified in gather_subset. |
Device confiration in XML format.
|
|
|
ansible_net_full_commit_required
boolean
|
When system is specified in gather_subset. |
Specifies whether full commit is required to apply changes.
|
|
|
ansible_net_ha_enabled
boolean
|
When ha is specified in gather_subset. |
Specifies whether HA is enabled or not.
|
|
|
ansible_net_ha_localmode
string
|
When ha is specified in gather_subset. |
Specifies the HA mode on local node.
Sample:
Active-Passive
|
|
|
ansible_net_ha_localstate
string
|
When ha is specified in gather_subset. |
Specifies the HA state on local node.
Sample:
active
|
|
|
ansible_net_hostname
string
|
When system is specified in gather_subset. |
Hostname of the local node.
|
|
|
ansible_net_interfaces
complex
|
When interface is specified in gather_subset. |
Network interface information.
|
|
|
comment
string
|
Interface description/comment.
|
||
|
ip
list
|
List of interface IP addresses in CIDR format.
Sample:
192.0.2.1/24
|
||
|
ipv6
list
|
List of interface IPv6 addresses in CIDR format.
Sample:
2001:db8::0000:1/64
|
||
|
name
string
|
Interface name.
Sample:
ae1.23
|
||
|
tag
integer
|
VLAN tag for the subinterface.
Sample:
23
|
||
|
ansible_net_kbps
integer
|
When session is specified in gather_subset. |
Current kb/s throughput.
|
|
|
ansible_net_model
string
|
When system is specified in gather_subset. |
Device model of the local node.
|
|
|
ansible_net_multivsys
string
|
When system is specified in gather_subset. |
Specifies whether multivsys mode is enabled on local node.
Sample:
True
|
|
|
ansible_net_pps
integer
|
When session is specified in gather_subset. |
Current packets/s throughput.
|
|
|
ansible_net_routing_table
complex
|
When routing is specified in gather_subset. |
Routing Table information.
|
|
|
age
string
|
Age of the route entry in the routing table.
|
||
|
destination
string
|
IP prefix of the destination.
|
||
|
flags
string
|
Flags for the route entry in the routing table.
|
||
|
interface
string
|
Egress interface the router will use to reach the next hop.
|
||
|
metric
string
|
Metric for the route.
|
||
|
nexthop
string
|
Address of the device at the next hop toward the destination network.
|
||
|
route_table
string
|
Unicast or multicast route table.
|
||
|
virtual_router
string
|
Virtual router the route belongs to.
|
||
|
ansible_net_serial
string
|
When system is specified in gather_subset. |
Serial number of the local node.
|
|
|
ansible_net_session_max
integer
|
When session is specified in gather_subset. |
Maximum number of sessions on local node.
|
|
|
ansible_net_session_usage
integer
|
When session is specified in gather_subset. |
Current number of active sessions on local node
|
|
|
ansible_net_uncommitted_changes
boolean
|
When system is specified in gather_subset. |
Specifies if commit is required to apply changes.
|
|
|
ansible_net_uptime
string
|
When system is specified in gather_subset. |
Uptime of the local node.
Sample:
469 days, 19:30:16
|
|
|
ansible_net_version
string
|
When system is specified in gather_subset. |
PanOS version of the local node.
|
|
|
ansible_net_virtual_routers
complex
|
When vr is specified in gather_subset. |
Virtual Router information.
|
|
|
vr_asn
integer
|
BGP autonomous system number.
Sample:
65001
|
||
|
vr_iflist
list
|
List interfaces in the VR.
Sample:
['ae2.12', 'ae2.14']
|
||
|
vr_name
string
|
Name of the virtual router.
|
||
|
vr_routerid
string
|
BGP router ID.
Sample:
192.0.2.1
|
||
|
ansible_net_virtual_systems
complex
|
When vsys is specified in gather_subset. |
Virtual System information.
|
|
|
vsys_currentsessions
integer
|
Number of active sessions on VSYS.
|
||
|
vsys_description
string
|
VSYS description/name.
|
||
|
vsys_id
integer
|
VSYS ID.
|
||
|
vsys_iflist
list
|
List of interfaces attached to the VSYS.
|
||
|
vsys_name
integer
|
VSYS name.
Sample:
vsys1
|
||
|
vsys_vrlist
list
|
List of virtual routers attached to the VSYS.
|
||
|
vsys_vsys_maxsessions
integer
|
Number of configured maximum sessions on VSYS. 0 for unlimited.
|
||
|
vsys_zonelist
list
|
List of security zones attached to the VSYS.
|
||
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community.