Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.0.6
Download PDF
Copy Link

system automation-action

Use this command to define the action type taken for user-defined automation stitches in the Security Fabric.

When certain triggers or events takes place in the Security Fabric, predefined actions can be carried out through the use of stitches. The actions can be executed in the Security Fabric root FortiGate, or relayed to the downstream FortiGates.

History

The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.1.

Command Description

set delay <seconds>

set required {enable | disable}

Enable or disable (by default) the chaining of actions until the previous action has finished. Once enabled, set the delay in seconds between these actions. Set the delay range between 0-3600 (or no delay to one hour).

Note that delay and required are only available when action-type is set to either aws-lambda or webhook.

The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.

Command Description

config system automation-action

New config command.

Define the action type taken for user-defined automation stitches.

config system automation-action
    edit {name}
    # Action for automation stitches.
        set name {string}   Name. size[64]
        set action-type {option}   Action type.
                email                   Send notification email.
                ios-notification        Send push notification to FortiExplorer iOS.
                alert                   Generate FortiOS dashboard alert.
                disable-ssid            Disable interface.
                quarantine              Quarantine host.
                quarantine-forticlient  Quarantine FortiClient by EMS.
                ban-ip                  Ban IP address.
                aws-lambda              Send log data to integrated AWS service.
                webhook                 Send an HTTP request.
        config email-to
            edit {name}
            # Email addresses.
                set name {string}   Email address. size[255]
            next
        set email-subject {string}   Email subject. size[511]
        set minimum-interval {integer}   Limit execution to no more than once in this interval (in seconds). range[0-2592000]
        set delay {integer}   Delay before execution (in seconds). range[0-3600]
        set required {enable | disable}   Required in action chain.
        set aws-api-id {string}   AWS API Gateway ID. size[35]
        set aws-region {string}   AWS region. size[35]
        set aws-domain {string}   AWS domain. size[63]
        set aws-api-stage {string}   AWS API Gateway deployment stage name. size[63]
        set aws-api-path {string}   AWS API Gateway path. size[63]
        set aws-api-key {string}   AWS API Gateway API key. size[127]
        set protocol {http | https}   Request protocol.
                http   HTTP.
                https  HTTPS.
        set method {post | put | get}   Request method (GET, POST or PUT).
                post  POST.
                put   PUT.
                get   GET.
        set uri {string}   Request API URI. size[255]
        set http-body {string}   Request body (if necessary). Should be serialized json string. size[1023]
        set port {integer}   Protocol port. range[1-65535]
        config headers
            edit {header}
            # Request headers.
                set header {string}   Request header. size[255]
            next
    next
end

system automation-action

Use this command to define the action type taken for user-defined automation stitches in the Security Fabric.

When certain triggers or events takes place in the Security Fabric, predefined actions can be carried out through the use of stitches. The actions can be executed in the Security Fabric root FortiGate, or relayed to the downstream FortiGates.

History

The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.1.

Command Description

set delay <seconds>

set required {enable | disable}

Enable or disable (by default) the chaining of actions until the previous action has finished. Once enabled, set the delay in seconds between these actions. Set the delay range between 0-3600 (or no delay to one hour).

Note that delay and required are only available when action-type is set to either aws-lambda or webhook.

The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.

Command Description

config system automation-action

New config command.

Define the action type taken for user-defined automation stitches.

config system automation-action
    edit {name}
    # Action for automation stitches.
        set name {string}   Name. size[64]
        set action-type {option}   Action type.
                email                   Send notification email.
                ios-notification        Send push notification to FortiExplorer iOS.
                alert                   Generate FortiOS dashboard alert.
                disable-ssid            Disable interface.
                quarantine              Quarantine host.
                quarantine-forticlient  Quarantine FortiClient by EMS.
                ban-ip                  Ban IP address.
                aws-lambda              Send log data to integrated AWS service.
                webhook                 Send an HTTP request.
        config email-to
            edit {name}
            # Email addresses.
                set name {string}   Email address. size[255]
            next
        set email-subject {string}   Email subject. size[511]
        set minimum-interval {integer}   Limit execution to no more than once in this interval (in seconds). range[0-2592000]
        set delay {integer}   Delay before execution (in seconds). range[0-3600]
        set required {enable | disable}   Required in action chain.
        set aws-api-id {string}   AWS API Gateway ID. size[35]
        set aws-region {string}   AWS region. size[35]
        set aws-domain {string}   AWS domain. size[63]
        set aws-api-stage {string}   AWS API Gateway deployment stage name. size[63]
        set aws-api-path {string}   AWS API Gateway path. size[63]
        set aws-api-key {string}   AWS API Gateway API key. size[127]
        set protocol {http | https}   Request protocol.
                http   HTTP.
                https  HTTPS.
        set method {post | put | get}   Request method (GET, POST or PUT).
                post  POST.
                put   PUT.
                get   GET.
        set uri {string}   Request API URI. size[255]
        set http-body {string}   Request body (if necessary). Should be serialized json string. size[1023]
        set port {integer}   Protocol port. range[1-65535]
        config headers
            edit {header}
            # Request headers.
                set header {string}   Request header. size[255]
            next
    next
end