Fortinet white logo
Fortinet white logo

Administration Guide

Comparing different configuration files

Comparing different configuration files

You can compare the changes or differences between two versions of a configuration file by using the Diff function.

The Diff function behaves differently under certain circumstances.

For example, when a device is first added to the FortiManager system, the FortiManager system gets the configuration file directly from the FortiGate unit and stores it as is. This configuration file is version/ID 1.

If you make changes to the device configuration in Device Manager and select Commit, the new configuration file is saved as version/ID 2. If you use the Diff icon to view the changes/differences between version/ID 1 and version/ID 2, you will be shown more changes than you have made.

This happens because the items in the file version/ID 1 are ordered as they are on the FortiGate unit. Configurations of version/ID 2 are sequenced differently when they are edited and committed in Device Manager. Therefore, when you compare version/ID 1 and version/ID 2, the Diff function sees every item in the configuration file as changed.

If you take version/ID 2, change an item and commit it, the tag is changed to version/ID 3. If you use Diff with version/ID 2 and version/ID 3, only the changes that you made are shown. This is because version/ID 2 and version/ID 3 have both been sequenced in the same way in Device Manager.

To compare different configuration files:
  1. Go to Device Manager > Device & Groups and select a device group.
  2. In the lower tree menu, select a device. The content pane displays the device dashboard.
  3. In the dashboard, locate the Configuration and Installation Status widget.
  4. In the Total Revisions row, click Revision History.
  5. Select a revision, and click Revision Diff in the toolbar.
  6. Select another version for the diff.
  7. In the Diff Output section, select Show Full File Diff, Show Diff Only, or Capture Diff to a Script.

    Show Full File Diff shows the full configuration file and highlights all configuration differences.

    Show Diff Only shows only configuration differences.

    Capture Diff to a Script downloads the diff to a script.

  8. Click Apply.

    If you selected show diff, the configuration differences are displayed in colored highlights. If you selected capture to a script, the script is saved in your downloads folder.

To revert to another configuration file:
  1. Go to Device Manager > Device & Groups and select a device group.
  2. In the lower tree menu, select a device. The content pane displays the device dashboard.
  3. In the dashboard, locate the Configuration and Installation Status widget.
  4. In the Total Revisions row, click Revision History.
  5. Right-click the revision to which you want to revert, and click Revert.

    The system immediately reverts to the selected revision.

Comparing different configuration files

Comparing different configuration files

You can compare the changes or differences between two versions of a configuration file by using the Diff function.

The Diff function behaves differently under certain circumstances.

For example, when a device is first added to the FortiManager system, the FortiManager system gets the configuration file directly from the FortiGate unit and stores it as is. This configuration file is version/ID 1.

If you make changes to the device configuration in Device Manager and select Commit, the new configuration file is saved as version/ID 2. If you use the Diff icon to view the changes/differences between version/ID 1 and version/ID 2, you will be shown more changes than you have made.

This happens because the items in the file version/ID 1 are ordered as they are on the FortiGate unit. Configurations of version/ID 2 are sequenced differently when they are edited and committed in Device Manager. Therefore, when you compare version/ID 1 and version/ID 2, the Diff function sees every item in the configuration file as changed.

If you take version/ID 2, change an item and commit it, the tag is changed to version/ID 3. If you use Diff with version/ID 2 and version/ID 3, only the changes that you made are shown. This is because version/ID 2 and version/ID 3 have both been sequenced in the same way in Device Manager.

To compare different configuration files:
  1. Go to Device Manager > Device & Groups and select a device group.
  2. In the lower tree menu, select a device. The content pane displays the device dashboard.
  3. In the dashboard, locate the Configuration and Installation Status widget.
  4. In the Total Revisions row, click Revision History.
  5. Select a revision, and click Revision Diff in the toolbar.
  6. Select another version for the diff.
  7. In the Diff Output section, select Show Full File Diff, Show Diff Only, or Capture Diff to a Script.

    Show Full File Diff shows the full configuration file and highlights all configuration differences.

    Show Diff Only shows only configuration differences.

    Capture Diff to a Script downloads the diff to a script.

  8. Click Apply.

    If you selected show diff, the configuration differences are displayed in colored highlights. If you selected capture to a script, the script is saved in your downloads folder.

To revert to another configuration file:
  1. Go to Device Manager > Device & Groups and select a device group.
  2. In the lower tree menu, select a device. The content pane displays the device dashboard.
  3. In the dashboard, locate the Configuration and Installation Status widget.
  4. In the Total Revisions row, click Revision History.
  5. Right-click the revision to which you want to revert, and click Revert.

    The system immediately reverts to the selected revision.