Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.2.1
Copy Link

Trigger for automation stitches.

  config system automation-trigger
      Description: Trigger for automation stitches.
      edit <name>
          set trigger-type [event-based|scheduled]
          set event-type [ioc|event-log|...]
          set license-type [forticare-support|fortiguard-webfilter|...]
          set ioc-level [medium|high]
          set logid {integer}
          set trigger-frequency [hourly|daily|...]
          set trigger-weekday [sunday|monday|...]
          set trigger-day {integer}
          set trigger-hour {integer}
          set trigger-minute {integer}
          config fields
              Description: Customized trigger field settings.
              edit <id>
                  set name {string}
                  set value {var-string}
              next
          end
          set faz-event-name {var-string}
          set faz-event-severity {var-string}
          set faz-event-tags {var-string}
      next
  end

config system automation-trigger

Parameter Name Description Type Size
trigger-type Trigger type.
event-based: Event based trigger.
scheduled: Scheduled trigger.
option -
event-type Event type.
ioc: Indicator of compromise detected.
event-log: Use log ID as trigger.
reboot: Device reboot.
low-memory: Conserve mode due to low memory.
high-cpu: High CPU usage.
license-near-expiry: License near expiration date.
ha-failover: HA failover.
config-change: Configuration change.
security-rating-summary: Security rating summary.
virus-ips-db-updated: Virus and IPS database updated.
faz-event: FortiAnalyzer event.
option -
license-type License type.
forticare-support: FortiCare support license.
fortiguard-webfilter: FortiGuard web filter license.
fortiguard-antispam: FortiGuard antispam license.
fortiguard-antivirus: FortiGuard AntiVirus license.
fortiguard-ips: FortiGuard IPS license.
fortiguard-management: FortiGuard management service license.
forticloud: FortiCloud license.
option -
ioc-level IOC threat level.
medium: IOC level medium and high.
high: IOC level high only.
option -
logid Log ID to trigger event. integer Minimum value: 1 Maximum value: 65535
trigger-frequency Scheduled trigger frequency (default = daily).
hourly: Run hourly.
daily: Run daily.
weekly: Run weekly.
monthly: Run monthly.
option -
trigger-weekday Day of week for trigger.
sunday: Sunday.
monday: Monday.
tuesday: Tuesday.
wednesday: Wednesday.
thursday: Thursday.
friday: Friday.
saturday: Saturday.
option -
trigger-day Day within a month to trigger. integer Minimum value: 1 Maximum value: 31
trigger-hour Hour of the day on which to trigger (0 - 23, default = 1). integer Minimum value: 0 Maximum value: 23
trigger-minute Minute of the hour on which to trigger (0 - 59, default = 0). integer Minimum value: 0 Maximum value: 59
faz-event-name FortiAnalyzer event handler name. var-string Maximum length: 255
faz-event-severity FortiAnalyzer event severity. var-string Maximum length: 255
faz-event-tags FortiAnalyzer event tags. var-string Maximum length: 255

config fields

Parameter Name Description Type Size
name Name. string Maximum length: 35
value Value. var-string Maximum length: 63

Trigger for automation stitches.

  config system automation-trigger
      Description: Trigger for automation stitches.
      edit <name>
          set trigger-type [event-based|scheduled]
          set event-type [ioc|event-log|...]
          set license-type [forticare-support|fortiguard-webfilter|...]
          set ioc-level [medium|high]
          set logid {integer}
          set trigger-frequency [hourly|daily|...]
          set trigger-weekday [sunday|monday|...]
          set trigger-day {integer}
          set trigger-hour {integer}
          set trigger-minute {integer}
          config fields
              Description: Customized trigger field settings.
              edit <id>
                  set name {string}
                  set value {var-string}
              next
          end
          set faz-event-name {var-string}
          set faz-event-severity {var-string}
          set faz-event-tags {var-string}
      next
  end

config system automation-trigger

Parameter Name Description Type Size
trigger-type Trigger type.
event-based: Event based trigger.
scheduled: Scheduled trigger.
option -
event-type Event type.
ioc: Indicator of compromise detected.
event-log: Use log ID as trigger.
reboot: Device reboot.
low-memory: Conserve mode due to low memory.
high-cpu: High CPU usage.
license-near-expiry: License near expiration date.
ha-failover: HA failover.
config-change: Configuration change.
security-rating-summary: Security rating summary.
virus-ips-db-updated: Virus and IPS database updated.
faz-event: FortiAnalyzer event.
option -
license-type License type.
forticare-support: FortiCare support license.
fortiguard-webfilter: FortiGuard web filter license.
fortiguard-antispam: FortiGuard antispam license.
fortiguard-antivirus: FortiGuard AntiVirus license.
fortiguard-ips: FortiGuard IPS license.
fortiguard-management: FortiGuard management service license.
forticloud: FortiCloud license.
option -
ioc-level IOC threat level.
medium: IOC level medium and high.
high: IOC level high only.
option -
logid Log ID to trigger event. integer Minimum value: 1 Maximum value: 65535
trigger-frequency Scheduled trigger frequency (default = daily).
hourly: Run hourly.
daily: Run daily.
weekly: Run weekly.
monthly: Run monthly.
option -
trigger-weekday Day of week for trigger.
sunday: Sunday.
monday: Monday.
tuesday: Tuesday.
wednesday: Wednesday.
thursday: Thursday.
friday: Friday.
saturday: Saturday.
option -
trigger-day Day within a month to trigger. integer Minimum value: 1 Maximum value: 31
trigger-hour Hour of the day on which to trigger (0 - 23, default = 1). integer Minimum value: 0 Maximum value: 23
trigger-minute Minute of the hour on which to trigger (0 - 59, default = 0). integer Minimum value: 0 Maximum value: 59
faz-event-name FortiAnalyzer event handler name. var-string Maximum length: 255
faz-event-severity FortiAnalyzer event severity. var-string Maximum length: 255
faz-event-tags FortiAnalyzer event tags. var-string Maximum length: 255

config fields

Parameter Name Description Type Size
name Name. string Maximum length: 35
value Value. var-string Maximum length: 63