Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config system automation-action

Action for automation stitches.

config system automation-action

Description: Action for automation stitches.

edit <name>

set description {var-string}

set action-type [email|fortiexplorer-notification|...]

set tls-certificate {string}

set email-to <name1>, <name2>, ...

set email-from {var-string}

set email-subject {var-string}

set minimum-interval {integer}

set delay {integer}

set required [enable|disable]

set aws-api-key {password}

set azure-function-authorization [anonymous|function|...]

set azure-api-key {password}

set alicloud-function-authorization [anonymous|function]

set alicloud-access-key-id {string}

set alicloud-access-key-secret {password}

set message-type [text|json]

set message {string}

set replacement-message [enable|disable]

set replacemsg-group {string}

set protocol [http|https]

set method [post|put|...]

set uri {var-string}

set http-body {var-string}

set port {integer}

set headers <header1>, <header2>, ...

set verify-host-cert [enable|disable]

set script {var-string}

set accprofile {string}

set security-tag {string}

set sdn-connector <name1>, <name2>, ...

next

end

config system automation-action

Parameter

Description

Type

Size

Default

description

Description.

var-string

Maximum length: 255

action-type

Action type.

option

-

alert

 

Option

Description

email

Send notification email.

fortiexplorer-notification

Send push notification to FortiExplorer.

alert

Generate FortiOS dashboard alert.

disable-ssid

Disable interface.

quarantine

Quarantine host.

quarantine-forticlient

Quarantine FortiClient by EMS.

quarantine-nsx

Quarantine NSX instance.

quarantine-fortinac

Quarantine host by FortiNAC.

ban-ip

Ban IP address.

aws-lambda

Send log data to integrated AWS service.

azure-function

Send log data to an Azure function.

google-cloud-function

Send log data to a Google Cloud function.

alicloud-function

Send log data to an AliCloud function.

webhook

Send an HTTP request.

cli-script

Run CLI script.

slack-notification

Send a notification message to a Slack incoming webhook.

microsoft-teams-notification

Send a notification message to a Microsoft Teams incoming webhook.

tls-certificate

Custom TLS certificate for API request.

string

Maximum length: 35

email-to <name>

Email addresses.

Email address.

string

Maximum length: 255

email-from

Email sender name.

var-string

Maximum length: 127

email-subject

Email subject.

var-string

Maximum length: 511

minimum-interval

Limit execution to no more than once in this interval (in seconds).

integer

Minimum value: 0 Maximum value: 2592000

0

delay

Delay before execution (in seconds).

integer

Minimum value: 0 Maximum value: 3600

0

required

Required in action chain.

option

-

disable

 

Option

Description

enable

Required in action chain.

disable

Not required in action chain.

aws-api-key

AWS API Gateway API key.

password

Not Specified

azure-function-authorization

Azure function authorization level.

option

-

anonymous

 

Option

Description

anonymous

Anonymous authorization level (No authorization required).

function

Function authorization level (Function or Host Key required).

admin

Admin authorization level (Master Host Key required).

azure-api-key

Azure function API key.

password

Not Specified

alicloud-function-authorization

AliCloud function authorization type.

option

-

anonymous

 

Option

Description

anonymous

Anonymous authorization (No authorization required).

function

Function authorization (Authorization required).

alicloud-access-key-id

AliCloud AccessKey ID.

string

Maximum length: 35

alicloud-access-key-secret

AliCloud AccessKey secret.

password

Not Specified

message-type

Message type.

option

-

text

 

Option

Description

text

Plaintext.

json

Custom JSON.

message

Message content.

string

Maximum length: 4095

%%log%%

replacement-message

Enable/disable replacement message.

option

-

disable

 

Option

Description

enable

Enable replacement message.

disable

Disable replacement message.

replacemsg-group

Replacement message group.

string

Maximum length: 35

protocol

Request protocol.

option

-

http

 

Option

Description

http

HTTP.

https

HTTPS.

method

Request method (POST, PUT, GET, PATCH or DELETE).

option

-

post

 

Option

Description

post

POST.

put

PUT.

get

GET.

patch

PATCH.

delete

DELETE.

uri

Request API URI.

var-string

Maximum length: 1023

http-body

Request body (if necessary). Should be serialized json string.

var-string

Maximum length: 4095

port

Protocol port.

integer

Minimum value: 1 Maximum value: 65535

0

headers <header>

Request headers.

Request header.

string

Maximum length: 255

verify-host-cert

Enable/disable verification of the remote host certificate.

option

-

enable

 

Option

Description

enable

Enable verification of the remote host certificate.

disable

Disable verification of the remote host certificate.

script

CLI script.

var-string

Maximum length: 1023

accprofile

Access profile for CLI script action to access FortiGate features.

string

Maximum length: 35

security-tag

NSX security tag.

string

Maximum length: 255

sdn-connector <name>

NSX SDN connector names.

SDN connector name.

string

Maximum length: 79

config system automation-action

Action for automation stitches.

config system automation-action

Description: Action for automation stitches.

edit <name>

set description {var-string}

set action-type [email|fortiexplorer-notification|...]

set tls-certificate {string}

set email-to <name1>, <name2>, ...

set email-from {var-string}

set email-subject {var-string}

set minimum-interval {integer}

set delay {integer}

set required [enable|disable]

set aws-api-key {password}

set azure-function-authorization [anonymous|function|...]

set azure-api-key {password}

set alicloud-function-authorization [anonymous|function]

set alicloud-access-key-id {string}

set alicloud-access-key-secret {password}

set message-type [text|json]

set message {string}

set replacement-message [enable|disable]

set replacemsg-group {string}

set protocol [http|https]

set method [post|put|...]

set uri {var-string}

set http-body {var-string}

set port {integer}

set headers <header1>, <header2>, ...

set verify-host-cert [enable|disable]

set script {var-string}

set accprofile {string}

set security-tag {string}

set sdn-connector <name1>, <name2>, ...

next

end

config system automation-action

Parameter

Description

Type

Size

Default

description

Description.

var-string

Maximum length: 255

action-type

Action type.

option

-

alert

 

Option

Description

email

Send notification email.

fortiexplorer-notification

Send push notification to FortiExplorer.

alert

Generate FortiOS dashboard alert.

disable-ssid

Disable interface.

quarantine

Quarantine host.

quarantine-forticlient

Quarantine FortiClient by EMS.

quarantine-nsx

Quarantine NSX instance.

quarantine-fortinac

Quarantine host by FortiNAC.

ban-ip

Ban IP address.

aws-lambda

Send log data to integrated AWS service.

azure-function

Send log data to an Azure function.

google-cloud-function

Send log data to a Google Cloud function.

alicloud-function

Send log data to an AliCloud function.

webhook

Send an HTTP request.

cli-script

Run CLI script.

slack-notification

Send a notification message to a Slack incoming webhook.

microsoft-teams-notification

Send a notification message to a Microsoft Teams incoming webhook.

tls-certificate

Custom TLS certificate for API request.

string

Maximum length: 35

email-to <name>

Email addresses.

Email address.

string

Maximum length: 255

email-from

Email sender name.

var-string

Maximum length: 127

email-subject

Email subject.

var-string

Maximum length: 511

minimum-interval

Limit execution to no more than once in this interval (in seconds).

integer

Minimum value: 0 Maximum value: 2592000

0

delay

Delay before execution (in seconds).

integer

Minimum value: 0 Maximum value: 3600

0

required

Required in action chain.

option

-

disable

 

Option

Description

enable

Required in action chain.

disable

Not required in action chain.

aws-api-key

AWS API Gateway API key.

password

Not Specified

azure-function-authorization

Azure function authorization level.

option

-

anonymous

 

Option

Description

anonymous

Anonymous authorization level (No authorization required).

function

Function authorization level (Function or Host Key required).

admin

Admin authorization level (Master Host Key required).

azure-api-key

Azure function API key.

password

Not Specified

alicloud-function-authorization

AliCloud function authorization type.

option

-

anonymous

 

Option

Description

anonymous

Anonymous authorization (No authorization required).

function

Function authorization (Authorization required).

alicloud-access-key-id

AliCloud AccessKey ID.

string

Maximum length: 35

alicloud-access-key-secret

AliCloud AccessKey secret.

password

Not Specified

message-type

Message type.

option

-

text

 

Option

Description

text

Plaintext.

json

Custom JSON.

message

Message content.

string

Maximum length: 4095

%%log%%

replacement-message

Enable/disable replacement message.

option

-

disable

 

Option

Description

enable

Enable replacement message.

disable

Disable replacement message.

replacemsg-group

Replacement message group.

string

Maximum length: 35

protocol

Request protocol.

option

-

http

 

Option

Description

http

HTTP.

https

HTTPS.

method

Request method (POST, PUT, GET, PATCH or DELETE).

option

-

post

 

Option

Description

post

POST.

put

PUT.

get

GET.

patch

PATCH.

delete

DELETE.

uri

Request API URI.

var-string

Maximum length: 1023

http-body

Request body (if necessary). Should be serialized json string.

var-string

Maximum length: 4095

port

Protocol port.

integer

Minimum value: 1 Maximum value: 65535

0

headers <header>

Request headers.

Request header.

string

Maximum length: 255

verify-host-cert

Enable/disable verification of the remote host certificate.

option

-

enable

 

Option

Description

enable

Enable verification of the remote host certificate.

disable

Disable verification of the remote host certificate.

script

CLI script.

var-string

Maximum length: 1023

accprofile

Access profile for CLI script action to access FortiGate features.

string

Maximum length: 35

security-tag

NSX security tag.

string

Maximum length: 255

sdn-connector <name>

NSX SDN connector names.

SDN connector name.

string

Maximum length: 79