Fortinet black logo

CLI Reference

config system automation-action

config system automation-action

Action for automation stitches.

config system automation-action

Description: Action for automation stitches.

edit <name>

set description {var-string}

set action-type [email|fortiexplorer-notification|...]

set tls-certificate {string}

set email-to <name1>, <name2>, ...

set email-from {var-string}

set email-subject {var-string}

set minimum-interval {integer}

set aws-api-key {password}

set azure-function-authorization [anonymous|function|...]

set azure-api-key {password}

set alicloud-function-authorization [anonymous|function]

set alicloud-access-key-id {string}

set alicloud-access-key-secret {password}

set message-type [text|json]

set message {string}

set replacement-message [enable|disable]

set replacemsg-group {string}

set protocol [http|https]

set method [post|put|...]

set uri {var-string}

set http-body {var-string}

set port {integer}

set headers <header1>, <header2>, ...

set verify-host-cert [enable|disable]

set script {var-string}

set execute-security-fabric [enable|disable]

set accprofile {string}

set security-tag {string}

set sdn-connector <name1>, <name2>, ...

next

end

config system automation-action

Parameter

Description

Type

Size

Default

description

Description.

var-string

Maximum length: 255

action-type

Action type.

option

-

alert

Option

Description

email

Send notification email.

fortiexplorer-notification

Send push notification to FortiExplorer.

alert

Generate FortiOS dashboard alert.

disable-ssid

Disable interface.

quarantine

Quarantine host.

quarantine-forticlient

Quarantine FortiClient by EMS.

quarantine-nsx

Quarantine NSX instance.

quarantine-fortinac

Quarantine host by FortiNAC.

ban-ip

Ban IP address.

aws-lambda

Send log data to integrated AWS service.

azure-function

Send log data to an Azure function.

google-cloud-function

Send log data to a Google Cloud function.

alicloud-function

Send log data to an AliCloud function.

webhook

Send an HTTP request.

cli-script

Run CLI script.

slack-notification

Send a notification message to a Slack incoming webhook.

microsoft-teams-notification

Send a notification message to a Microsoft Teams incoming webhook.

tls-certificate

Custom TLS certificate for API request.

string

Maximum length: 35

email-to <name>

Email addresses.

Email address.

string

Maximum length: 255

email-from

Email sender name.

var-string

Maximum length: 127

email-subject

Email subject.

var-string

Maximum length: 511

minimum-interval

Limit execution to no more than once in this interval (in seconds).

integer

Minimum value: 0 Maximum value: 2592000

0

aws-api-key

AWS API Gateway API key.

password

Not Specified

azure-function-authorization

Azure function authorization level.

option

-

anonymous

Option

Description

anonymous

Anonymous authorization level (No authorization required).

function

Function authorization level (Function or Host Key required).

admin

Admin authorization level (Master Host Key required).

azure-api-key

Azure function API key.

password

Not Specified

alicloud-function-authorization

AliCloud function authorization type.

option

-

anonymous

Option

Description

anonymous

Anonymous authorization (No authorization required).

function

Function authorization (Authorization required).

alicloud-access-key-id

AliCloud AccessKey ID.

string

Maximum length: 35

alicloud-access-key-secret

AliCloud AccessKey secret.

password

Not Specified

message-type

Message type.

option

-

text

Option

Description

text

Plaintext.

json

Custom JSON.

message

Message content.

string

Maximum length: 4095

%%log%%

replacement-message

Enable/disable replacement message.

option

-

disable

Option

Description

enable

Enable replacement message.

disable

Disable replacement message.

replacemsg-group

Replacement message group.

string

Maximum length: 35

protocol

Request protocol.

option

-

http

Option

Description

http

HTTP.

https

HTTPS.

method

Request method (POST, PUT, GET, PATCH or DELETE).

option

-

post

Option

Description

post

POST.

put

PUT.

get

GET.

patch

PATCH.

delete

DELETE.

uri

Request API URI.

var-string

Maximum length: 1023

http-body

Request body (if necessary). Should be serialized json string.

var-string

Maximum length: 4095

port

Protocol port.

integer

Minimum value: 1 Maximum value: 65535

0

headers <header>

Request headers.

Request header.

string

Maximum length: 255

verify-host-cert

Enable/disable verification of the remote host certificate.

option

-

enable

Option

Description

enable

Enable verification of the remote host certificate.

disable

Disable verification of the remote host certificate.

script

CLI script.

var-string

Maximum length: 1023

execute-security-fabric

Enable/disable execution of CLI script on all or only one FortiGate unit in the Security Fabric.

option

-

disable

Option

Description

enable

CLI script executes on all FortiGate units in the Security Fabric.

disable

CLI script executes only on the FortiGate unit that the stitch is triggered.

accprofile

Access profile for CLI script action to access FortiGate features.

string

Maximum length: 35

security-tag

NSX security tag.

string

Maximum length: 255

sdn-connector <name>

NSX SDN connector names.

SDN connector name.

string

Maximum length: 79

config system automation-action

Action for automation stitches.

config system automation-action

Description: Action for automation stitches.

edit <name>

set description {var-string}

set action-type [email|fortiexplorer-notification|...]

set tls-certificate {string}

set email-to <name1>, <name2>, ...

set email-from {var-string}

set email-subject {var-string}

set minimum-interval {integer}

set aws-api-key {password}

set azure-function-authorization [anonymous|function|...]

set azure-api-key {password}

set alicloud-function-authorization [anonymous|function]

set alicloud-access-key-id {string}

set alicloud-access-key-secret {password}

set message-type [text|json]

set message {string}

set replacement-message [enable|disable]

set replacemsg-group {string}

set protocol [http|https]

set method [post|put|...]

set uri {var-string}

set http-body {var-string}

set port {integer}

set headers <header1>, <header2>, ...

set verify-host-cert [enable|disable]

set script {var-string}

set execute-security-fabric [enable|disable]

set accprofile {string}

set security-tag {string}

set sdn-connector <name1>, <name2>, ...

next

end

config system automation-action

Parameter

Description

Type

Size

Default

description

Description.

var-string

Maximum length: 255

action-type

Action type.

option

-

alert

Option

Description

email

Send notification email.

fortiexplorer-notification

Send push notification to FortiExplorer.

alert

Generate FortiOS dashboard alert.

disable-ssid

Disable interface.

quarantine

Quarantine host.

quarantine-forticlient

Quarantine FortiClient by EMS.

quarantine-nsx

Quarantine NSX instance.

quarantine-fortinac

Quarantine host by FortiNAC.

ban-ip

Ban IP address.

aws-lambda

Send log data to integrated AWS service.

azure-function

Send log data to an Azure function.

google-cloud-function

Send log data to a Google Cloud function.

alicloud-function

Send log data to an AliCloud function.

webhook

Send an HTTP request.

cli-script

Run CLI script.

slack-notification

Send a notification message to a Slack incoming webhook.

microsoft-teams-notification

Send a notification message to a Microsoft Teams incoming webhook.

tls-certificate

Custom TLS certificate for API request.

string

Maximum length: 35

email-to <name>

Email addresses.

Email address.

string

Maximum length: 255

email-from

Email sender name.

var-string

Maximum length: 127

email-subject

Email subject.

var-string

Maximum length: 511

minimum-interval

Limit execution to no more than once in this interval (in seconds).

integer

Minimum value: 0 Maximum value: 2592000

0

aws-api-key

AWS API Gateway API key.

password

Not Specified

azure-function-authorization

Azure function authorization level.

option

-

anonymous

Option

Description

anonymous

Anonymous authorization level (No authorization required).

function

Function authorization level (Function or Host Key required).

admin

Admin authorization level (Master Host Key required).

azure-api-key

Azure function API key.

password

Not Specified

alicloud-function-authorization

AliCloud function authorization type.

option

-

anonymous

Option

Description

anonymous

Anonymous authorization (No authorization required).

function

Function authorization (Authorization required).

alicloud-access-key-id

AliCloud AccessKey ID.

string

Maximum length: 35

alicloud-access-key-secret

AliCloud AccessKey secret.

password

Not Specified

message-type

Message type.

option

-

text

Option

Description

text

Plaintext.

json

Custom JSON.

message

Message content.

string

Maximum length: 4095

%%log%%

replacement-message

Enable/disable replacement message.

option

-

disable

Option

Description

enable

Enable replacement message.

disable

Disable replacement message.

replacemsg-group

Replacement message group.

string

Maximum length: 35

protocol

Request protocol.

option

-

http

Option

Description

http

HTTP.

https

HTTPS.

method

Request method (POST, PUT, GET, PATCH or DELETE).

option

-

post

Option

Description

post

POST.

put

PUT.

get

GET.

patch

PATCH.

delete

DELETE.

uri

Request API URI.

var-string

Maximum length: 1023

http-body

Request body (if necessary). Should be serialized json string.

var-string

Maximum length: 4095

port

Protocol port.

integer

Minimum value: 1 Maximum value: 65535

0

headers <header>

Request headers.

Request header.

string

Maximum length: 255

verify-host-cert

Enable/disable verification of the remote host certificate.

option

-

enable

Option

Description

enable

Enable verification of the remote host certificate.

disable

Disable verification of the remote host certificate.

script

CLI script.

var-string

Maximum length: 1023

execute-security-fabric

Enable/disable execution of CLI script on all or only one FortiGate unit in the Security Fabric.

option

-

disable

Option

Description

enable

CLI script executes on all FortiGate units in the Security Fabric.

disable

CLI script executes only on the FortiGate unit that the stitch is triggered.

accprofile

Access profile for CLI script action to access FortiGate features.

string

Maximum length: 35

security-tag

NSX security tag.

string

Maximum length: 255

sdn-connector <name>

NSX SDN connector names.

SDN connector name.

string

Maximum length: 79