 
    New in version 2.8.
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments | ||
|---|---|---|---|---|
| antivirus_profile 
                    -
                                         | Default: null | Configure AntiVirus profiles. | ||
| analytics-bl-filetype 
                    -
                                         | Only submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. | |||
| analytics-db 
                    -
                                         | 
 | Enable/disable using the FortiSandbox signature database to supplement the AV signature databases. | ||
| analytics-max-upload 
                    -
                                         | Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes, default = 10). | |||
| analytics-wl-filetype 
                    -
                                         | Do not submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. | |||
| av-block-log 
                    -
                                         | 
 | Enable/disable logging for AntiVirus file blocking. | ||
| av-virus-log 
                    -
                                         | 
 | Enable/disable AntiVirus logging. | ||
| comment 
                    -
                                         | Comment. | |||
| content-disarm 
                    -
                                         | AV Content Disarm and Reconstruction settings. | |||
| cover-page 
                    -
                                         | 
 | Enable/disable inserting a cover page into the disarmed document. | ||
| detect-only 
                    -
                                         | 
 | Enable/disable only detect disarmable files, do not alter content. | ||
| office-embed 
                    -
                                         | 
 | Enable/disable stripping of embedded objects in Microsoft Office documents. | ||
| office-hylink 
                    -
                                         | 
 | Enable/disable stripping of hyperlinks in Microsoft Office documents. | ||
| office-linked 
                    -
                                         | 
 | Enable/disable stripping of linked objects in Microsoft Office documents. | ||
| office-macro 
                    -
                                         | 
 | Enable/disable stripping of macros in Microsoft Office documents. | ||
| original-file-destination 
                    -
                                         | 
 | Destination to send original file if active content is removed. | ||
| pdf-act-form 
                    -
                                         | 
 | Enable/disable stripping of actions that submit data to other targets in PDF documents. | ||
| pdf-act-gotor 
                    -
                                         | 
 | Enable/disable stripping of links to other PDFs in PDF documents. | ||
| pdf-act-java 
                    -
                                         | 
 | Enable/disable stripping of actions that execute JavaScript code in PDF documents. | ||
| pdf-act-launch 
                    -
                                         | 
 | Enable/disable stripping of links to external applications in PDF documents. | ||
| pdf-act-movie 
                    -
                                         | 
 | Enable/disable stripping of embedded movies in PDF documents. | ||
| pdf-act-sound 
                    -
                                         | 
 | Enable/disable stripping of embedded sound files in PDF documents. | ||
| pdf-embedfile 
                    -
                                         | 
 | Enable/disable stripping of embedded files in PDF documents. | ||
| pdf-hyperlink 
                    -
                                         | 
 | Enable/disable stripping of hyperlinks from PDF documents. | ||
| pdf-javacode 
                    -
                                         | 
 | Enable/disable stripping of JavaScript code in PDF documents. | ||
| extended-log 
                    -
                                         | 
 | Enable/disable extended logging for antivirus. | ||
| ftgd-analytics 
                    -
                                         | 
 | Settings to control which files are uploaded to FortiSandbox. | ||
| ftp 
                    -
                                         | Configure FTP AntiVirus options. | |||
| archive-block 
                    -
                                         | 
 | Select the archive types to block. | ||
| archive-log 
                    -
                                         | 
 | Select the archive types to log. | ||
| emulator 
                    -
                                         | 
 | Enable/disable the virus emulator. | ||
| options 
                    -
                                         | 
 | Enable/disable FTP AntiVirus scanning, monitoring, and quarantine. | ||
| outbreak-prevention 
                    -
                                         | 
 | Enable FortiGuard Virus Outbreak Prevention service. | ||
| http 
                    -
                                         | Configure HTTP AntiVirus options. | |||
| archive-block 
                    -
                                         | 
 | Select the archive types to block. | ||
| archive-log 
                    -
                                         | 
 | Select the archive types to log. | ||
| content-disarm 
                    -
                                         | 
 | Enable Content Disarm and Reconstruction for this protocol. | ||
| emulator 
                    -
                                         | 
 | Enable/disable the virus emulator. | ||
| options 
                    -
                                         | 
 | Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine. | ||
| outbreak-prevention 
                    -
                                         | 
 | Enable FortiGuard Virus Outbreak Prevention service. | ||
| imap 
                    -
                                         | Configure IMAP AntiVirus options. | |||
| archive-block 
                    -
                                         | 
 | Select the archive types to block. | ||
| archive-log 
                    -
                                         | 
 | Select the archive types to log. | ||
| content-disarm 
                    -
                                         | 
 | Enable Content Disarm and Reconstruction for this protocol. | ||
| emulator 
                    -
                                         | 
 | Enable/disable the virus emulator. | ||
| executables 
                    -
                                         | 
 | Treat Windows executable files as viruses for the purpose of blocking or monitoring. | ||
| options 
                    -
                                         | 
 | Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine. | ||
| outbreak-prevention 
                    -
                                         | 
 | Enable FortiGuard Virus Outbreak Prevention service. | ||
| inspection-mode 
                    -
                                         | 
 | Inspection mode. | ||
| mapi 
                    -
                                         | Configure MAPI AntiVirus options. | |||
| archive-block 
                    -
                                         | 
 | Select the archive types to block. | ||
| archive-log 
                    -
                                         | 
 | Select the archive types to log. | ||
| emulator 
                    -
                                         | 
 | Enable/disable the virus emulator. | ||
| executables 
                    -
                                         | 
 | Treat Windows executable files as viruses for the purpose of blocking or monitoring. | ||
| options 
                    -
                                         | 
 | Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine. | ||
| outbreak-prevention 
                    -
                                         | 
 | Enable FortiGuard Virus Outbreak Prevention service. | ||
| mobile-malware-db 
                    -
                                         | 
 | Enable/disable using the mobile malware signature database. | ||
| nac-quar 
                    -
                                         | Configure AntiVirus quarantine settings. | |||
| expiry 
                    -
                                         | Duration of quarantine. | |||
| infected 
                    -
                                         | 
 | Enable/Disable quarantining infected hosts to the banned user list. | ||
| log 
                    -
                                         | 
 | Enable/disable AntiVirus quarantine logging. | ||
| name 
                    -
                     / required                     | Profile name. | |||
| nntp 
                    -
                                         | Configure NNTP AntiVirus options. | |||
| archive-block 
                    -
                                         | 
 | Select the archive types to block. | ||
| archive-log 
                    -
                                         | 
 | Select the archive types to log. | ||
| emulator 
                    -
                                         | 
 | Enable/disable the virus emulator. | ||
| options 
                    -
                                         | 
 | Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine. | ||
| outbreak-prevention 
                    -
                                         | 
 | Enable FortiGuard Virus Outbreak Prevention service. | ||
| pop3 
                    -
                                         | Configure POP3 AntiVirus options. | |||
| archive-block 
                    -
                                         | 
 | Select the archive types to block. | ||
| archive-log 
                    -
                                         | 
 | Select the archive types to log. | ||
| content-disarm 
                    -
                                         | 
 | Enable Content Disarm and Reconstruction for this protocol. | ||
| emulator 
                    -
                                         | 
 | Enable/disable the virus emulator. | ||
| executables 
                    -
                                         | 
 | Treat Windows executable files as viruses for the purpose of blocking or monitoring. | ||
| options 
                    -
                                         | 
 | Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine. | ||
| outbreak-prevention 
                    -
                                         | 
 | Enable FortiGuard Virus Outbreak Prevention service. | ||
| replacemsg-group 
                    -
                                         | Replacement message group customized for this profile. Source system.replacemsg-group.name. | |||
| scan-mode 
                    -
                                         | 
 | Choose between full scan mode and quick scan mode. | ||
| smb 
                    -
                                         | Configure SMB AntiVirus options. | |||
| archive-block 
                    -
                                         | 
 | Select the archive types to block. | ||
| archive-log 
                    -
                                         | 
 | Select the archive types to log. | ||
| emulator 
                    -
                                         | 
 | Enable/disable the virus emulator. | ||
| options 
                    -
                                         | 
 | Enable/disable SMB AntiVirus scanning, monitoring, and quarantine. | ||
| outbreak-prevention 
                    -
                                         | 
 | Enable FortiGuard Virus Outbreak Prevention service. | ||
| smtp 
                    -
                                         | Configure SMTP AntiVirus options. | |||
| archive-block 
                    -
                                         | 
 | Select the archive types to block. | ||
| archive-log 
                    -
                                         | 
 | Select the archive types to log. | ||
| content-disarm 
                    -
                                         | 
 | Enable Content Disarm and Reconstruction for this protocol. | ||
| emulator 
                    -
                                         | 
 | Enable/disable the virus emulator. | ||
| executables 
                    -
                                         | 
 | Treat Windows executable files as viruses for the purpose of blocking or monitoring. | ||
| options 
                    -
                                         | 
 | Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine. | ||
| outbreak-prevention 
                    -
                                         | 
 | Enable FortiGuard Virus Outbreak Prevention service. | ||
| state 
                    -
                                         | 
 | Indicates whether to create or remove the object | ||
| host 
                    -
                     / required                     | FortiOS or FortiGate ip address. | |||
| https 
                    boolean
                                         | 
 | Indicates if the requests towards FortiGate must use HTTPS protocol | ||
| password 
                    -
                                         | Default: "" | FortiOS or FortiGate password. | ||
| username 
                    -
                     / required                     | FortiOS or FortiGate username. | |||
| vdom 
                    -
                                         | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. | ||
Note
- hosts: localhost
  vars:
   host: "192.168.122.40"
   username: "admin"
   password: ""
   vdom: "root"
  tasks:
  - name: Configure AntiVirus profiles.
    fortios_antivirus_profile:
      host:  "{{ host }}"
      username: "{{ username }}"
      password: "{{ password }}"
      vdom:  "{{ vdom }}"
      antivirus_profile:
        state: "present"
        analytics-bl-filetype: "3 (source dlp.filepattern.id)"
        analytics-db: "disable"
        analytics-max-upload: "5"
        analytics-wl-filetype: "6 (source dlp.filepattern.id)"
        av-block-log: "enable"
        av-virus-log: "enable"
        comment: "Comment."
        content-disarm:
            cover-page: "disable"
            detect-only: "disable"
            office-embed: "disable"
            office-hylink: "disable"
            office-linked: "disable"
            office-macro: "disable"
            original-file-destination: "fortisandbox"
            pdf-act-form: "disable"
            pdf-act-gotor: "disable"
            pdf-act-java: "disable"
            pdf-act-launch: "disable"
            pdf-act-movie: "disable"
            pdf-act-sound: "disable"
            pdf-embedfile: "disable"
            pdf-hyperlink: "disable"
            pdf-javacode: "disable"
        extended-log: "enable"
        ftgd-analytics: "disable"
        ftp:
            archive-block: "encrypted"
            archive-log: "encrypted"
            emulator: "enable"
            options: "scan"
            outbreak-prevention: "disabled"
        http:
            archive-block: "encrypted"
            archive-log: "encrypted"
            content-disarm: "disable"
            emulator: "enable"
            options: "scan"
            outbreak-prevention: "disabled"
        imap:
            archive-block: "encrypted"
            archive-log: "encrypted"
            content-disarm: "disable"
            emulator: "enable"
            executables: "default"
            options: "scan"
            outbreak-prevention: "disabled"
        inspection-mode: "proxy"
        mapi:
            archive-block: "encrypted"
            archive-log: "encrypted"
            emulator: "enable"
            executables: "default"
            options: "scan"
            outbreak-prevention: "disabled"
        mobile-malware-db: "disable"
        nac-quar:
            expiry: "<your_own_value>"
            infected: "none"
            log: "enable"
        name: "default_name_63"
        nntp:
            archive-block: "encrypted"
            archive-log: "encrypted"
            emulator: "enable"
            options: "scan"
            outbreak-prevention: "disabled"
        pop3:
            archive-block: "encrypted"
            archive-log: "encrypted"
            content-disarm: "disable"
            emulator: "enable"
            executables: "default"
            options: "scan"
            outbreak-prevention: "disabled"
        replacemsg-group: "<your_own_value> (source system.replacemsg-group.name)"
        scan-mode: "quick"
        smb:
            archive-block: "encrypted"
            archive-log: "encrypted"
            emulator: "enable"
            options: "scan"
            outbreak-prevention: "disabled"
        smtp:
            archive-block: "encrypted"
            archive-log: "encrypted"
            content-disarm: "disable"
            emulator: "enable"
            executables: "default"
            options: "scan"
            outbreak-prevention: "disabled"
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | 
|---|---|---|
| build string | always | Build number of the fortigate image Sample: 1547 | 
| http_method string | always | Last method used to provision the content into FortiGate Sample: PUT | 
| http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 | 
| mkey string | success | Master key (id) used in the last call to FortiGate Sample: id | 
| name string | always | Name of the table used to fulfill the request Sample: urlfilter | 
| path string | always | Path of the table used to fulfill the request Sample: webfilter | 
| revision string | always | Internal revision number Sample: 17.0.2.10658 | 
| serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 | 
| status string | always | Indication of the operation's result Sample: success | 
| vdom string | always | Virtual domain used Sample: root | 
| version string | always | Version of the FortiGate Sample: v5.6.3 | 
Hint
If you notice any issues in this documentation you can edit this document to improve it.