Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config dlp fp-doc-source

Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.

config dlp fp-doc-source

Description: Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.

edit <name>

set server-type {option}

set server {string}

set period [none|daily|...]

set vdom [mgmt|current]

set scan-subdirectories [enable|disable]

set scan-on-creation [enable|disable]

set remove-deleted [enable|disable]

set keep-modified [enable|disable]

set username {string}

set password {password}

set file-path {string}

set file-pattern {string}

set sensitivity {string}

set tod-hour {integer}

set tod-min {integer}

set weekday [sunday|monday|...]

set date {integer}

next

end

config dlp fp-doc-source

Parameter

Description

Type

Size

Default

server-type

Protocol used to communicate with the file server. Currently only Samba (SMB) servers are supported.

option

-

samba

 

Option

Description

samba

SAMBA server.

server

IPv4 or IPv6 address of the server.

string

Maximum length: 35

period

Frequency for which the FortiGate checks the server for new or changed files.

option

-

none

 

Option

Description

none

Check the server when the FortiGate starts up.

daily

Check the server once a day.

weekly

Check the server once a week.

monthly

Check the server once a month.

vdom

Select the VDOM that can communicate with the file server.

option

-

mgmt

 

Option

Description

mgmt

Communicate with the file server through the management VDOM.

current

Communicate with the file server through the VDOM containing this DLP fingerprint database configuration.

scan-subdirectories

Enable/disable scanning subdirectories to find files to create fingerprints from.

option

-

enable

 

Option

Description

enable

Scan subdirectories.

disable

Do not scan subdirectories.

scan-on-creation

Enable to keep the fingerprint database up to date when a file is added or changed on the server.

option

-

enable

 

Option

Description

enable

Keep the fingerprint database up to date when a file is added or changed on the server.

disable

Do not check for added or changed files on the server. Saves system resources.

remove-deleted

Enable to keep the fingerprint database up to date when a file is deleted from the server.

option

-

enable

 

Option

Description

enable

Keep the fingerprint database up to date when a file is deleted from the server.

disable

Do not check for deleted files on the server. Saves system resources.

keep-modified

Enable so that when a file is changed on the server the FortiGate keeps the old fingerprint and adds a new fingerprint to the database.

option

-

enable

 

Option

Description

enable

Keep the old fingerprint and add a new fingerprint when a file is changed on the server.

disable

Replace the old fingerprint with the new fingerprint when a file is changed on the server.

username

User name required to log into the file server.

string

Maximum length: 35

password

Password required to log into the file server.

password

Not Specified

file-path

Path on the server to the fingerprint files (max 119 characters).

string

Maximum length: 119

file-pattern

Files matching this pattern on the server are fingerprinted. Optionally use the * and ? wildcards.

string

Maximum length: 35

*

sensitivity

Select a sensitivity or threat level for matches with this fingerprint database. Add sensitivities using sensitivity.

string

Maximum length: 35

tod-hour

Hour of the day on which to scan the server (0 - 23, default = 1).

integer

Minimum value: 0 Maximum value: 23

1

tod-min

Minute of the hour on which to scan the server (0 - 59).

integer

Minimum value: 0 Maximum value: 59

0

weekday

Day of the week on which to scan the server.

option

-

sunday

 

Option

Description

sunday

Sunday

monday

Monday

tuesday

Tuesday

wednesday

Wednesday

thursday

Thursday

friday

Friday

saturday

Saturday

date

Day of the month on which to scan the server (1 - 31).

integer

Minimum value: 1 Maximum value: 31

1

config dlp fp-doc-source

Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.

config dlp fp-doc-source

Description: Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.

edit <name>

set server-type {option}

set server {string}

set period [none|daily|...]

set vdom [mgmt|current]

set scan-subdirectories [enable|disable]

set scan-on-creation [enable|disable]

set remove-deleted [enable|disable]

set keep-modified [enable|disable]

set username {string}

set password {password}

set file-path {string}

set file-pattern {string}

set sensitivity {string}

set tod-hour {integer}

set tod-min {integer}

set weekday [sunday|monday|...]

set date {integer}

next

end

config dlp fp-doc-source

Parameter

Description

Type

Size

Default

server-type

Protocol used to communicate with the file server. Currently only Samba (SMB) servers are supported.

option

-

samba

 

Option

Description

samba

SAMBA server.

server

IPv4 or IPv6 address of the server.

string

Maximum length: 35

period

Frequency for which the FortiGate checks the server for new or changed files.

option

-

none

 

Option

Description

none

Check the server when the FortiGate starts up.

daily

Check the server once a day.

weekly

Check the server once a week.

monthly

Check the server once a month.

vdom

Select the VDOM that can communicate with the file server.

option

-

mgmt

 

Option

Description

mgmt

Communicate with the file server through the management VDOM.

current

Communicate with the file server through the VDOM containing this DLP fingerprint database configuration.

scan-subdirectories

Enable/disable scanning subdirectories to find files to create fingerprints from.

option

-

enable

 

Option

Description

enable

Scan subdirectories.

disable

Do not scan subdirectories.

scan-on-creation

Enable to keep the fingerprint database up to date when a file is added or changed on the server.

option

-

enable

 

Option

Description

enable

Keep the fingerprint database up to date when a file is added or changed on the server.

disable

Do not check for added or changed files on the server. Saves system resources.

remove-deleted

Enable to keep the fingerprint database up to date when a file is deleted from the server.

option

-

enable

 

Option

Description

enable

Keep the fingerprint database up to date when a file is deleted from the server.

disable

Do not check for deleted files on the server. Saves system resources.

keep-modified

Enable so that when a file is changed on the server the FortiGate keeps the old fingerprint and adds a new fingerprint to the database.

option

-

enable

 

Option

Description

enable

Keep the old fingerprint and add a new fingerprint when a file is changed on the server.

disable

Replace the old fingerprint with the new fingerprint when a file is changed on the server.

username

User name required to log into the file server.

string

Maximum length: 35

password

Password required to log into the file server.

password

Not Specified

file-path

Path on the server to the fingerprint files (max 119 characters).

string

Maximum length: 119

file-pattern

Files matching this pattern on the server are fingerprinted. Optionally use the * and ? wildcards.

string

Maximum length: 35

*

sensitivity

Select a sensitivity or threat level for matches with this fingerprint database. Add sensitivities using sensitivity.

string

Maximum length: 35

tod-hour

Hour of the day on which to scan the server (0 - 23, default = 1).

integer

Minimum value: 0 Maximum value: 23

1

tod-min

Minute of the hour on which to scan the server (0 - 59).

integer

Minimum value: 0 Maximum value: 59

0

weekday

Day of the week on which to scan the server.

option

-

sunday

 

Option

Description

sunday

Sunday

monday

Monday

tuesday

Tuesday

wednesday

Wednesday

thursday

Thursday

friday

Friday

saturday

Saturday

date

Day of the month on which to scan the server (1 - 31).

integer

Minimum value: 1 Maximum value: 31

1