Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.2.1
Copy Link

Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.

  config dlp fp-doc-source
      Description: Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.
      edit <name>
          set server-type {option}
          set server {string}
          set period [none|daily|...]
          set vdom [mgmt|current]
          set scan-subdirectories [enable|disable]
          set scan-on-creation [enable|disable]
          set remove-deleted [enable|disable]
          set keep-modified [enable|disable]
          set username {string}
          set password {password}
          set file-path {string}
          set file-pattern {string}
          set sensitivity {string}
          set tod-hour {integer}
          set tod-min {integer}
          set weekday [sunday|monday|...]
          set date {integer}
      next
  end

config dlp fp-doc-source

Parameter Name Description Type Size
server-type Protocol used to communicate with the file server. Currently only Samba (SMB) servers are supported.
samba: SAMBA server.
option -
server IPv4 or IPv6 address of the server. string Maximum length: 35
period Frequency for which the FortiGate checks the server for new or changed files.
none: Check the server when the FortiGate starts up.
daily: Check the server once a day.
weekly: Check the server once a week.
monthly: Check the server once a month.
option -
vdom Select the VDOM that can communicate with the file server.
mgmt: Communicate with the file server through the management VDOM.
current: Communicate with the file server through the VDOM containing this DLP fingerprint database configuration.
option -
scan-subdirectories Enable/disable scanning subdirectories to find files to create fingerprints from.
enable: Scan subdirectories.
disable: Do not scan subdirectories.
option -
scan-on-creation Enable to keep the fingerprint database up to date when a file is added or changed on the server.
enable: Keep the fingerprint database up to date when a file is added or changed on the server.
disable: Do not check for added or changed files on the server. Saves system resources.
option -
remove-deleted Enable to keep the fingerprint database up to date when a file is deleted from the server.
enable: Keep the fingerprint database up to date when a file is deleted from the server.
disable: Do not check for deleted files on the server. Saves system resources.
option -
keep-modified Enable so that when a file is changed on the server the FortiGate keeps the old fingerprint and adds a new fingerprint to the database.
enable: Keep the old fingerprint and add a new fingerprint when a file is changed on the server.
disable: Replace the old fingerprint with the new fingerprint when a file is changed on the server.
option -
username User name required to log into the file server. string Maximum length: 35
password Password required to log into the file server. password Not Specified
file-path Path on the server to the fingerprint files (max 119 characters). string Maximum length: 119
file-pattern Files matching this pattern on the server are fingerprinted. Optionally use the * and ? wildcards. string Maximum length: 35
sensitivity Select a sensitivity or threat level for matches with this fingerprint database. Add sensitivities using sensitivity. string Maximum length: 35
tod-hour Hour of the day on which to scan the server (0 - 23, default = 1). integer Minimum value: 0 Maximum value: 23
tod-min Minute of the hour on which to scan the server (0 - 59). integer Minimum value: 0 Maximum value: 59
weekday Day of the week on which to scan the server.
sunday: Sunday
monday: Monday
tuesday: Tuesday
wednesday: Wednesday
thursday: Thursday
friday: Friday
saturday: Saturday
option -
date Day of the month on which to scan the server (1 - 31). integer Minimum value: 1 Maximum value: 31

Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.

  config dlp fp-doc-source
      Description: Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.
      edit <name>
          set server-type {option}
          set server {string}
          set period [none|daily|...]
          set vdom [mgmt|current]
          set scan-subdirectories [enable|disable]
          set scan-on-creation [enable|disable]
          set remove-deleted [enable|disable]
          set keep-modified [enable|disable]
          set username {string}
          set password {password}
          set file-path {string}
          set file-pattern {string}
          set sensitivity {string}
          set tod-hour {integer}
          set tod-min {integer}
          set weekday [sunday|monday|...]
          set date {integer}
      next
  end

config dlp fp-doc-source

Parameter Name Description Type Size
server-type Protocol used to communicate with the file server. Currently only Samba (SMB) servers are supported.
samba: SAMBA server.
option -
server IPv4 or IPv6 address of the server. string Maximum length: 35
period Frequency for which the FortiGate checks the server for new or changed files.
none: Check the server when the FortiGate starts up.
daily: Check the server once a day.
weekly: Check the server once a week.
monthly: Check the server once a month.
option -
vdom Select the VDOM that can communicate with the file server.
mgmt: Communicate with the file server through the management VDOM.
current: Communicate with the file server through the VDOM containing this DLP fingerprint database configuration.
option -
scan-subdirectories Enable/disable scanning subdirectories to find files to create fingerprints from.
enable: Scan subdirectories.
disable: Do not scan subdirectories.
option -
scan-on-creation Enable to keep the fingerprint database up to date when a file is added or changed on the server.
enable: Keep the fingerprint database up to date when a file is added or changed on the server.
disable: Do not check for added or changed files on the server. Saves system resources.
option -
remove-deleted Enable to keep the fingerprint database up to date when a file is deleted from the server.
enable: Keep the fingerprint database up to date when a file is deleted from the server.
disable: Do not check for deleted files on the server. Saves system resources.
option -
keep-modified Enable so that when a file is changed on the server the FortiGate keeps the old fingerprint and adds a new fingerprint to the database.
enable: Keep the old fingerprint and add a new fingerprint when a file is changed on the server.
disable: Replace the old fingerprint with the new fingerprint when a file is changed on the server.
option -
username User name required to log into the file server. string Maximum length: 35
password Password required to log into the file server. password Not Specified
file-path Path on the server to the fingerprint files (max 119 characters). string Maximum length: 119
file-pattern Files matching this pattern on the server are fingerprinted. Optionally use the * and ? wildcards. string Maximum length: 35
sensitivity Select a sensitivity or threat level for matches with this fingerprint database. Add sensitivities using sensitivity. string Maximum length: 35
tod-hour Hour of the day on which to scan the server (0 - 23, default = 1). integer Minimum value: 0 Maximum value: 23
tod-min Minute of the hour on which to scan the server (0 - 59). integer Minimum value: 0 Maximum value: 59
weekday Day of the week on which to scan the server.
sunday: Sunday
monday: Monday
tuesday: Tuesday
wednesday: Wednesday
thursday: Thursday
friday: Friday
saturday: Saturday
option -
date Day of the month on which to scan the server (1 - 31). integer Minimum value: 1 Maximum value: 31