Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Cookbook

    6.2.3
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.0
    6.0.0
    5.6.0
    5.4.0

    CLI script action

    CLI script action

    CLI scripts can be run when an automation stitch is triggered. The scripts can be manually entered, uploaded as a file, or recorded in the CLI console. The output of the script can be sent as an email action.

    In this example, the script sets the idle timeout value to 479 minutes, and sends an email with the script output.

    To configure a CLI script automation stitch in the GUI:
    1. Go to Security Fabric > Automation.
    2. Click Create New.
    3. Enter a name for the stitch, and select the FortiGate devices that it will be applied to.
    4. Select a trigger, such as Security Rating Summary.
    5. Select CLI Script and Email actions.

    6. Configure the CLI script:

      • To manually enter the script, type it into the Script field.

      • To upload a script file, click Upload and locate the file on your management computer.
      • To record the script in the CLI console, click >_Record in CLI console, then enter the CLI commands.

    7. Configure the email action.
    8. Click OK.
    To configure a CLI script automation stitch in the CLI:
    1. Create an automation action:
      config system automation-action
    edit "set admintimeout479"
        set action-type cli-script
        set minimum-interval 0
        set delay 0
        set required enable
        set script "config system global
            set admintimeout 480
            end"
    next
    edit "auto-cli-1_email"
        set action-type email
        set email-to "jnkssll@fortinet.com"
        set email-subject "CSF stitch alert"
        set email-body "%%results%%"
        set minimum-interval 0
    next
end
    2. Create an automation trigger:
      config system automation-trigger
    edit "auto-cli-1"
        set trigger-type event-based
        set event-type security-rating-summary
    next
end
    3. Create the automation stitch:
      config system automation-stitch
    edit "auto-cli-1"
        set status enable
        set trigger "auto-cli-1"
        set action "set admintimeout479
end

    Email sample

    The email sent by the action will look similar to the following:

    Previous
    Next

    CLI script action

    CLI script action

    CLI scripts can be run when an automation stitch is triggered. The scripts can be manually entered, uploaded as a file, or recorded in the CLI console. The output of the script can be sent as an email action.

    In this example, the script sets the idle timeout value to 479 minutes, and sends an email with the script output.

    To configure a CLI script automation stitch in the GUI:
    1. Go to Security Fabric > Automation.
    2. Click Create New.
    3. Enter a name for the stitch, and select the FortiGate devices that it will be applied to.
    4. Select a trigger, such as Security Rating Summary.
    5. Select CLI Script and Email actions.

    6. Configure the CLI script:

      • To manually enter the script, type it into the Script field.

      • To upload a script file, click Upload and locate the file on your management computer.
      • To record the script in the CLI console, click >_Record in CLI console, then enter the CLI commands.

    7. Configure the email action.
    8. Click OK.
    To configure a CLI script automation stitch in the CLI:
    1. Create an automation action:
      config system automation-action
    edit "set admintimeout479"
        set action-type cli-script
        set minimum-interval 0
        set delay 0
        set required enable
        set script "config system global
            set admintimeout 480
            end"
    next
    edit "auto-cli-1_email"
        set action-type email
        set email-to "jnkssll@fortinet.com"
        set email-subject "CSF stitch alert"
        set email-body "%%results%%"
        set minimum-interval 0
    next
end
    2. Create an automation trigger:
      config system automation-trigger
    edit "auto-cli-1"
        set trigger-type event-based
        set event-type security-rating-summary
    next
end
    3. Create the automation stitch:
      config system automation-stitch
    edit "auto-cli-1"
        set status enable
        set trigger "auto-cli-1"
        set action "set admintimeout479
end

    Email sample

    The email sent by the action will look similar to the following:

    Previous
    Next