Fortinet black logo

CLI Reference

config dlp fp-doc-source

config dlp fp-doc-source

Note

This command is available for model(s): FortiGate 1000D, FortiGate 101E, FortiGate 1101E, FortiGate 1500DT, FortiGate 1500D, FortiGate 1801F, FortiGate 2000E, FortiGate 201E, FortiGate 201F, FortiGate 2201E, FortiGate 2500E, FortiGate 2600F, FortiGate 2601F, FortiGate 3000D, FortiGate 301E, FortiGate 3100D, FortiGate 3200D, FortiGate 3301E, FortiGate 3401E, FortiGate 3501F, FortiGate 3601E, FortiGate 3700D, FortiGate 3800D, FortiGate 401E, FortiGate 40F 3G4G, FortiGate 40F, FortiGate 4201F, FortiGate 4401F, FortiGate 5001E1, FortiGate 501E, FortiGate 601E, FortiGate 60F, FortiGate 61E, FortiGate 61F, FortiGate 800D, FortiGate 80F Bypass, FortiGate 81E-POE, FortiGate 81E, FortiGate 81F-POE, FortiGate 81F, FortiGate 900D, FortiGate 91E, FortiGate VM64, FortiGateRugged 60F 3G4G, FortiGateRugged 60F, FortiWiFi 40F 3G4G, FortiWiFi 40F, FortiWiFi 60F, FortiWiFi 61E, FortiWiFi 61F, FortiWiFi 80F 2R, FortiWiFi 81F 2R.

It is not available for: FortiGate 100EF, FortiGate 100E, FortiGate 1100E, FortiGate 140E-POE, FortiGate 140E, FortiGate 1800F, FortiGate 200E, FortiGate 200F, FortiGate 300E, FortiGate 3300E, FortiGate 3400E, FortiGate 3500F, FortiGate 3600E, FortiGate 3960E, FortiGate 3980E, FortiGate 400E Bypass, FortiGate 400E, FortiGate 4200F, FortiGate 4400F, FortiGate 5001E, FortiGate 500E, FortiGate 600E, FortiGate 60E DSLJ, FortiGate 60E DSL, FortiGate 60E-POE, FortiGate 60E, FortiGate 80E-POE, FortiGate 80E, FortiGate 80F-POE, FortiGate 80F, FortiGate 90E, FortiWiFi 60E DSLJ, FortiWiFi 60E DSL, FortiWiFi 60E.

Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.

config dlp fp-doc-source
    Description: Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.
    edit <name>
        set date {integer}
        set file-path {string}
        set file-pattern {string}
        set keep-modified [enable|disable]
        set password {password}
        set period [none|daily|...]
        set remove-deleted [enable|disable]
        set scan-on-creation [enable|disable]
        set scan-subdirectories [enable|disable]
        set sensitivity {string}
        set server {string}
        set server-type {option}
        set tod-hour {integer}
        set tod-min {integer}
        set username {string}
        set vdom [mgmt|current]
        set weekday [sunday|monday|...]
    next
end

config dlp fp-doc-source

Parameter

Description

Type

Size

Default

date

Day of the month on which to scan the server.

integer

Minimum value: 1 Maximum value: 31

1

file-path

Path on the server to the fingerprint files (max 119 characters).

string

Maximum length: 119

file-pattern

Files matching this pattern on the server are fingerprinted. Optionally use the * and ? wildcards.

string

Maximum length: 35

*

keep-modified

Enable so that when a file is changed on the server the FortiGate keeps the old fingerprint and adds a new fingerprint to the database.

option

-

enable

Option

Description

enable

Keep the old fingerprint and add a new fingerprint when a file is changed on the server.

disable

Replace the old fingerprint with the new fingerprint when a file is changed on the server.

name

Name of the DLP fingerprint database.

string

Maximum length: 35

password

Password required to log into the file server.

password

Not Specified

period

Frequency for which the FortiGate checks the server for new or changed files.

option

-

none

Option

Description

none

Check the server when the FortiGate starts up.

daily

Check the server once a day.

weekly

Check the server once a week.

monthly

Check the server once a month.

remove-deleted

Enable to keep the fingerprint database up to date when a file is deleted from the server.

option

-

enable

Option

Description

enable

Keep the fingerprint database up to date when a file is deleted from the server.

disable

Do not check for deleted files on the server. Saves system resources.

scan-on-creation

Enable to keep the fingerprint database up to date when a file is added or changed on the server.

option

-

enable

Option

Description

enable

Keep the fingerprint database up to date when a file is added or changed on the server.

disable

Do not check for added or changed files on the server. Saves system resources.

scan-subdirectories

Enable/disable scanning subdirectories to find files to create fingerprints from.

option

-

enable

Option

Description

enable

Scan subdirectories.

disable

Do not scan subdirectories.

sensitivity

Select a sensitivity or threat level for matches with this fingerprint database. Add sensitivities using sensitivity.

string

Maximum length: 35

server

IPv4 or IPv6 address of the server.

string

Maximum length: 35

server-type

Protocol used to communicate with the file server. Currently only Samba (SMB) servers are supported.

option

-

samba

Option

Description

samba

SAMBA server.

tod-hour

Hour of the day on which to scan the server.

integer

Minimum value: 0 Maximum value: 23

1

tod-min

Minute of the hour on which to scan the server.

integer

Minimum value: 0 Maximum value: 59

0

username

User name required to log into the file server.

string

Maximum length: 35

vdom

Select the VDOM that can communicate with the file server.

option

-

mgmt

Option

Description

mgmt

Communicate with the file server through the management VDOM.

current

Communicate with the file server through the VDOM containing this DLP fingerprint database configuration.

weekday

Day of the week on which to scan the server.

option

-

sunday

Option

Description

sunday

Sunday

monday

Monday

tuesday

Tuesday

wednesday

Wednesday

thursday

Thursday

friday

Friday

saturday

Saturday

config dlp fp-doc-source

Note

This command is available for model(s): FortiGate 1000D, FortiGate 101E, FortiGate 1101E, FortiGate 1500DT, FortiGate 1500D, FortiGate 1801F, FortiGate 2000E, FortiGate 201E, FortiGate 201F, FortiGate 2201E, FortiGate 2500E, FortiGate 2600F, FortiGate 2601F, FortiGate 3000D, FortiGate 301E, FortiGate 3100D, FortiGate 3200D, FortiGate 3301E, FortiGate 3401E, FortiGate 3501F, FortiGate 3601E, FortiGate 3700D, FortiGate 3800D, FortiGate 401E, FortiGate 40F 3G4G, FortiGate 40F, FortiGate 4201F, FortiGate 4401F, FortiGate 5001E1, FortiGate 501E, FortiGate 601E, FortiGate 60F, FortiGate 61E, FortiGate 61F, FortiGate 800D, FortiGate 80F Bypass, FortiGate 81E-POE, FortiGate 81E, FortiGate 81F-POE, FortiGate 81F, FortiGate 900D, FortiGate 91E, FortiGate VM64, FortiGateRugged 60F 3G4G, FortiGateRugged 60F, FortiWiFi 40F 3G4G, FortiWiFi 40F, FortiWiFi 60F, FortiWiFi 61E, FortiWiFi 61F, FortiWiFi 80F 2R, FortiWiFi 81F 2R.

It is not available for: FortiGate 100EF, FortiGate 100E, FortiGate 1100E, FortiGate 140E-POE, FortiGate 140E, FortiGate 1800F, FortiGate 200E, FortiGate 200F, FortiGate 300E, FortiGate 3300E, FortiGate 3400E, FortiGate 3500F, FortiGate 3600E, FortiGate 3960E, FortiGate 3980E, FortiGate 400E Bypass, FortiGate 400E, FortiGate 4200F, FortiGate 4400F, FortiGate 5001E, FortiGate 500E, FortiGate 600E, FortiGate 60E DSLJ, FortiGate 60E DSL, FortiGate 60E-POE, FortiGate 60E, FortiGate 80E-POE, FortiGate 80E, FortiGate 80F-POE, FortiGate 80F, FortiGate 90E, FortiWiFi 60E DSLJ, FortiWiFi 60E DSL, FortiWiFi 60E.

Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.

config dlp fp-doc-source
    Description: Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints.
    edit <name>
        set date {integer}
        set file-path {string}
        set file-pattern {string}
        set keep-modified [enable|disable]
        set password {password}
        set period [none|daily|...]
        set remove-deleted [enable|disable]
        set scan-on-creation [enable|disable]
        set scan-subdirectories [enable|disable]
        set sensitivity {string}
        set server {string}
        set server-type {option}
        set tod-hour {integer}
        set tod-min {integer}
        set username {string}
        set vdom [mgmt|current]
        set weekday [sunday|monday|...]
    next
end

config dlp fp-doc-source

Parameter

Description

Type

Size

Default

date

Day of the month on which to scan the server.

integer

Minimum value: 1 Maximum value: 31

1

file-path

Path on the server to the fingerprint files (max 119 characters).

string

Maximum length: 119

file-pattern

Files matching this pattern on the server are fingerprinted. Optionally use the * and ? wildcards.

string

Maximum length: 35

*

keep-modified

Enable so that when a file is changed on the server the FortiGate keeps the old fingerprint and adds a new fingerprint to the database.

option

-

enable

Option

Description

enable

Keep the old fingerprint and add a new fingerprint when a file is changed on the server.

disable

Replace the old fingerprint with the new fingerprint when a file is changed on the server.

name

Name of the DLP fingerprint database.

string

Maximum length: 35

password

Password required to log into the file server.

password

Not Specified

period

Frequency for which the FortiGate checks the server for new or changed files.

option

-

none

Option

Description

none

Check the server when the FortiGate starts up.

daily

Check the server once a day.

weekly

Check the server once a week.

monthly

Check the server once a month.

remove-deleted

Enable to keep the fingerprint database up to date when a file is deleted from the server.

option

-

enable

Option

Description

enable

Keep the fingerprint database up to date when a file is deleted from the server.

disable

Do not check for deleted files on the server. Saves system resources.

scan-on-creation

Enable to keep the fingerprint database up to date when a file is added or changed on the server.

option

-

enable

Option

Description

enable

Keep the fingerprint database up to date when a file is added or changed on the server.

disable

Do not check for added or changed files on the server. Saves system resources.

scan-subdirectories

Enable/disable scanning subdirectories to find files to create fingerprints from.

option

-

enable

Option

Description

enable

Scan subdirectories.

disable

Do not scan subdirectories.

sensitivity

Select a sensitivity or threat level for matches with this fingerprint database. Add sensitivities using sensitivity.

string

Maximum length: 35

server

IPv4 or IPv6 address of the server.

string

Maximum length: 35

server-type

Protocol used to communicate with the file server. Currently only Samba (SMB) servers are supported.

option

-

samba

Option

Description

samba

SAMBA server.

tod-hour

Hour of the day on which to scan the server.

integer

Minimum value: 0 Maximum value: 23

1

tod-min

Minute of the hour on which to scan the server.

integer

Minimum value: 0 Maximum value: 59

0

username

User name required to log into the file server.

string

Maximum length: 35

vdom

Select the VDOM that can communicate with the file server.

option

-

mgmt

Option

Description

mgmt

Communicate with the file server through the management VDOM.

current

Communicate with the file server through the VDOM containing this DLP fingerprint database configuration.

weekday

Day of the week on which to scan the server.

option

-

sunday

Option

Description

sunday

Sunday

monday

Monday

tuesday

Tuesday

wednesday

Wednesday

thursday

Thursday

friday

Friday

saturday

Saturday