Fortinet Document Library

Version:


Table of Contents

New Features

6.2.0
Download PDF
Copy Link

Action - CLI Script

This feature adds support for calling a CLI script when an automation stitch is triggered. You can use this feature to add CLI script actions for Security Fabric automation.

CLI scripts can be manually entered, uploaded as a file, or recorded in CLI console. The CLI script output can be sent in an Automation Action email.

To configure a Security Fabric Automation Stitch using the GUI:
  1. Go to Security Fabric > Automation.
  2. In the Action section, select CLI Script and Email.
  3. Configure a CLI script.
    • To manually enter a CLI script, enter the script in the Script box.
    • To upload a script file, click Upload and specify the script file.

    • To record a script in CLI console, click >_Record in CLI console and then save the script.

  4. Enter the other fields as required and click OK.
To configure a Security Fabric Automation Stitch using the CLI:
config system automation-trigger
    edit "auto-cli-1"
        set trigger-type event-based
        set event-type security-rating-summary
    next
end

config system automation-action
    edit "set admintimeout480"
        set action-type cli-script
        set minimum-interval 0
        set delay 0
        set required enable
        set script "config system global
            set admintimeout 480
            end"
    next
    edit "auto-cli-1_email"
        set action-type email
        set email-to "jamesli@fortinet.com"
        set email-subject "CSF stitch alert"
        set email-body "%%results%%"
        set minimum-interval 0
    next
end

config system automation-stitch
    edit "auto-cli-1"
        set status enable
        set trigger "auto-cli-1"
        set action "set admintimeout480" "auto-cli-1_email"
    next
end
To execute the CLI script automatically after the Automation Stitch is triggered:

To execute the CLI script automatically after the Automation Stitch is triggered:
FGTA-1 # show system global
config system global
    set admintimeout 480
...
end

Sample of script output sent in automation action email

Action - CLI Script

This feature adds support for calling a CLI script when an automation stitch is triggered. You can use this feature to add CLI script actions for Security Fabric automation.

CLI scripts can be manually entered, uploaded as a file, or recorded in CLI console. The CLI script output can be sent in an Automation Action email.

To configure a Security Fabric Automation Stitch using the GUI:
  1. Go to Security Fabric > Automation.
  2. In the Action section, select CLI Script and Email.
  3. Configure a CLI script.
    • To manually enter a CLI script, enter the script in the Script box.
    • To upload a script file, click Upload and specify the script file.

    • To record a script in CLI console, click >_Record in CLI console and then save the script.

  4. Enter the other fields as required and click OK.
To configure a Security Fabric Automation Stitch using the CLI:
config system automation-trigger
    edit "auto-cli-1"
        set trigger-type event-based
        set event-type security-rating-summary
    next
end

config system automation-action
    edit "set admintimeout480"
        set action-type cli-script
        set minimum-interval 0
        set delay 0
        set required enable
        set script "config system global
            set admintimeout 480
            end"
    next
    edit "auto-cli-1_email"
        set action-type email
        set email-to "jamesli@fortinet.com"
        set email-subject "CSF stitch alert"
        set email-body "%%results%%"
        set minimum-interval 0
    next
end

config system automation-stitch
    edit "auto-cli-1"
        set status enable
        set trigger "auto-cli-1"
        set action "set admintimeout480" "auto-cli-1_email"
    next
end
To execute the CLI script automatically after the Automation Stitch is triggered:

To execute the CLI script automatically after the Automation Stitch is triggered:
FGTA-1 # show system global
config system global
    set admintimeout 480
...
end

Sample of script output sent in automation action email