User Guide

Getting started
- Part 1: Add your infrastructure to FortiMonitor
- Part 2: Monitoring
- Part 3: Alert Timelines
- Part 4: Visualization
- Part 5: Team Management
- Part 6: Reports
- Part 7: CounterMeasures
- Supported browsers
Infrastructure Map
Instance Details page
- Assign Alert Timelines
- Create an Instance Group
My Account
- Can I see what changes have been made to my account and by whom?
- Manage email preferences
Dashboards
- Dashboard widgets
- Clone a widget
- Topology Maps
  - Create and save views
Monitoring
- Add monitoring to an existing server
- Tags
- Monitoring locations
  - Specifying confirmation check locations
  - Global monitoring network
    - Checker IP changes
- Advanced monitoring features
  - Compound metrics
  - Force a DNS update after an IP address change
- Monitoring policies
- Monitoring guides
  - MySQL monitoring
  - Redis monitoring
Templates
- Default templates
- Configure a template
- Apply server templates
- Template pattern matching
- Disassociate a template from multiple instances
Cloud monitoring
- AWS
- Azure
  - Azure App Service
- Cisco Meraki
- Kubernetes
  - Kubernetes Details page
Application monitoring
- Get started with Application Monitoring
- Add an Application
Path monitoring
SD-WAN application monitoring
- FortiGate and OnSight configuration for SD-WAN synthetic monitoring
- Set up SD-WAN application monitoring
Security Fabric
- Fabric Tunnel connected to FortiMonitor cloud (FortiOS 7.0 and newer)
- Fabric 7.x OnSight proxy
- Fabric 6.x Integration
- Fabric integration via FortiManager proxy
Network device monitoring
NetFlow monitoring
- Estimator mode
VMware
Network checks
- Network service checks
- Synthetic Monitoring
  - HTTP
  - HTTPS
- Browser synthetic (multistep) check
  - Available multistep commands
- JavaScript synthetic
  - Set up a JavaScript synthetic check environment
- Configure incident alert and response time thresholds
- Limit the number of confirmations for an outage
- Dynamic variables
FortiMonitor Agent
- Install the FortiMonitor Agent
- Add FortiMonitor Agent checks
- FortiMonitor Agent Security
- Windows Agent auto-update
- Add plugins to a blacklist
- Add metrics using Windows Performance Monitor
- Prepare a FortiMonitor Agent for server imaging/cloning
- Rebuild the FortiMonitor Agent metadata
- IP matching
- Start or end Maintenance from the FortiMonitor Linux Agent
- Migrate configuration to FortiMonitor Agent
- Troubleshooting the FortiMonitor Agent
- Automate the Agent installation
  - Use the FortiMonitor Agent manifest file
  - Remove an instance automatically
- Custom metrics and incidents
- Application plugins
Endpoint Agent
- Add a Windows Endpoint FortiMonitor Agent
- Add a MacOS Agent
CounterMeasures
- Linux CounterMeasures
  - Standard Linux CounterMeasure actions
  - Custom Linux CounterMeasure actions
- Windows CounterMeasures
  - Standard Windows CounterMeasure Actions
  - Custom Windows CounterMeasures actions
- OnSight-based CounterMeasures
- CounterMeasures security
- CounterMeasures Slack integration
OnSight vCollector
- One-liner installer
- OnSight virtual image installation
- OnSight AMI installation
- OnSight for Azure installation
- Automate the OnSight deployment
- Monitor a device that has not been discovered with OnSight
- OnSight discovery
- Upgrading the OnSight
- Manage and configure your OnSight vCollector
- OnSight custom metrics
- Additional setup and helpful tips
SNMP
- SNMP traps
- SNMP polling
- Configure SNMP alert thresholds
- SNMP troubleshooting
Alerting
- Alert Timelines
- Email
- SMS
- Integrations
- Limit the number of confirmation checks for an outage
- Set up an On-Call schedule
- Multiple server outages
- Notification for an individual service on a server
- Long-running incidents
Incident Hub
- View incident details
- Incident Solutions
- Create an incident using email
Reports
- Create a report
- Public status pages
- Exporting Metric Reports for long duration time periods
Maintenance Schedules
- Maintenance history
API
- API keys
- View the API library
- Custom incidents using API
- Postman
Users, Groups, and Authentication
- Add users to your account
  - Access control
  - Create a Group
- Single sign-on (SSO)
Multi-tenancy
- Manage subtenants
- Manage a multi-tenant environment
  - Multi-tenant dashboards
- White label options
Mobile app
- Acknowledging incidents and other actions
NCM
- NCM installation and initial configuration
- NCM Supported Devices
- Backup
  - Backup filters
- Search syntax help
- Mass Config Push
  - Device mode table
  - VT100 Control / Command sequences
- Device variables
- NCM Slack configuration
- System login
- Discovery
- Scheduling
- User security and access roles
- Sensitive data stripping
FAQ
- Data Retention and Compliance
Get support

Home FortiMonitor 24.2.0 User Guide

24.2.0

Advanced techniques

SSH Extension

You can store and use SSH passwords with set-secret command in the same way as the OnSight CLI.

$ ./onsight-dev.sh set-secret --user test --password sample-pass

You can view the stored password with list-secret command. The passwords will be displayed as encrypted.

$ ./onsight-dev.sh list-secret

test@any 70612870616e6f70746129f2c1497df1bb80d2eaa2502870616e6f7074612930340074096693c30ace71609d7ed85a2870616e6f70746129efb6bc82ee045729ba26b301d6796f952870616e6f7074612954744468634b50545578556b41324b437257707971

Sample of how to run ssh command with the stored secret in plugin

self.execute_ssh_with_secret_password("command", hostname, "test")

Fabric Extension

If you want to build and test custom plugins which use Fabric Helper functions to access FortiGate, you should use API token authentication in onsight-dev regardless of how you actually integrate them in the production environment.

First, get API token from the FortiGate GUI (System > Administrators > Create REST API Admin).

Add fortiapi-token variable to metadata:

"fortiapi-token": "csHkh94cr0QQf8tb9px5N80w34fh11",

Optionally, you may need to add fortiapi-ip and fortiapi-port to specify IP/Port of the target FortiGate. you may need these when you run onsight-dev from an external network. First, check the connectivity to the target FortiGate.

"fortiapi-ip": "35.232.85.200",

"fortiapi-port": 443,

In your plugins, Fabric Helper functions will work in the same way regardless of integration methods. For example,

self.fortiapi_fortios(instance_id, "/api/v2/monitor/system/resource/usage?resource=mem&interval=1-min"

SNMP Extension

If you want to build and test custom plugins which send SNMP queries, you should add variables to metadata for SNMP access to the target device.

SNMP version 1 or 2c

"snmp-version": "2c",

"snmp-community-string": "public",

SNMP version 3

"snmp-version": "3",

"snmp-user": "sha1-aes256",

"snmp-auth-protocol": "sha1",

"snmp-auth-key": "authkey1",

"snmp-privacy-protocol": "aes-256",

"snmp-privacy-key": "privkey1",

Available auth protocol

None (no authentication)
md5
sha1
sha-224
sha-256
sha-384
sha-512

Available privacy protocol

None (no encryption)
des
aes
aes-192
aes-256
aes-256-c