Fortinet white logo
Fortinet white logo

CLI Reference

config system automation-trigger

config system automation-trigger

Trigger for automation stitches.

config system automation-trigger
    Description: Trigger for automation stitches.
    edit <name>
        set description {var-string}
        set trigger-type [event-based|scheduled]
        set event-type [ioc|event-log|...]
        set vdom <name1>, <name2>, ...
        set license-type [forticare-support|fortiguard-webfilter|...]
        set report-type [posture|coverage|...]
        set logid <id1>, <id2>, ...
        set trigger-frequency [hourly|daily|...]
        set trigger-weekday [sunday|monday|...]
        set trigger-day {integer}
        set trigger-hour {integer}
        set trigger-minute {integer}
        set trigger-datetime {datetime}
        config fields
            Description: Customized trigger field settings.
            edit <id>
                set name {string}
                set value {var-string}
            next
        end
        set faz-event-name {var-string}
        set faz-event-severity {var-string}
        set faz-event-tags {var-string}
        set serial {var-string}
        set fabric-event-name {var-string}
        set fabric-event-severity {var-string}
    next
end

config system automation-trigger

Parameter

Description

Type

Size

Default

name

Name.

string

Maximum length: 35

description

Description.

var-string

Maximum length: 255

trigger-type

Trigger type.

option

-

event-based

Option

Description

event-based

Event based trigger.

scheduled

Scheduled trigger.

event-type

Event type.

option

-

ioc

Option

Description

ioc

Indicator of compromise detected.

event-log

Use log ID as trigger.

reboot

Device reboot.

low-memory

Conserve mode due to low memory.

high-cpu

High CPU usage.

license-near-expiry

License near expiration date.

local-cert-near-expiry

The local certificate near expiration date.

ha-failover

HA failover.

config-change

Configuration change.

security-rating-summary

Security rating summary.

virus-ips-db-updated

Virus and IPS database updated.

faz-event

FortiAnalyzer event.

incoming-webhook

Incoming webhook call.

fabric-event

Fabric connector event.

ips-logs

IPS logs.

anomaly-logs

Anomaly logs.

virus-logs

Virus logs.

ssh-logs

SSH logs.

webfilter-violation

Webfilter violation.

traffic-violation

Traffic violation.

vdom <name>

Virtual domain(s) that this trigger is valid for.

Virtual domain name.

string

Maximum length: 79

license-type

License type.

option

-

forticare-support

Option

Description

forticare-support

FortiCare support license.

fortiguard-webfilter

FortiGuard web filter license.

fortiguard-antispam

FortiGuard antispam license.

fortiguard-antivirus

FortiGuard AntiVirus license.

fortiguard-ips

FortiGuard IPS license.

fortiguard-management

FortiGuard management service license.

forticloud

FortiCloud license.

any

Any license.

report-type

Security Rating report.

option

-

posture

Option

Description

posture

Posture report.

coverage

Coverage report.

optimization

Optimization report

any

Any report.

logid <id>

Log IDs to trigger event.

Log ID.

integer

Minimum value: 1 Maximum value: 65535

trigger-frequency

Scheduled trigger frequency.

option

-

daily

Option

Description

hourly

Run hourly.

daily

Run daily.

weekly

Run weekly.

monthly

Run monthly.

once

Run once at specified date time.

trigger-weekday

Day of week for trigger.

option

-

Option

Description

sunday

Sunday.

monday

Monday.

tuesday

Tuesday.

wednesday

Wednesday.

thursday

Thursday.

friday

Friday.

saturday

Saturday.

trigger-day

Day within a month to trigger.

integer

Minimum value: 1 Maximum value: 31

1

trigger-hour

Hour of the day on which to trigger.

integer

Minimum value: 0 Maximum value: 23

0

trigger-minute

Minute of the hour on which to trigger.

integer

Minimum value: 0 Maximum value: 59

0

trigger-datetime

Trigger date and time (YYYY-MM-DD HH:MM:SS).

datetime

Not Specified

0000-00-00 00:00:00

faz-event-name

FortiAnalyzer event handler name.

var-string

Maximum length: 255

faz-event-severity

FortiAnalyzer event severity.

var-string

Maximum length: 255

faz-event-tags

FortiAnalyzer event tags.

var-string

Maximum length: 255

serial

Fabric connector serial number.

var-string

Maximum length: 255

fabric-event-name

Fabric connector event handler name.

var-string

Maximum length: 255

fabric-event-severity

Fabric connector event severity.

var-string

Maximum length: 255

config fields

Parameter

Description

Type

Size

Default

id

Entry ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

name

Name.

string

Maximum length: 35

value

Value.

var-string

Maximum length: 63

config system automation-trigger

config system automation-trigger

Trigger for automation stitches.

config system automation-trigger
    Description: Trigger for automation stitches.
    edit <name>
        set description {var-string}
        set trigger-type [event-based|scheduled]
        set event-type [ioc|event-log|...]
        set vdom <name1>, <name2>, ...
        set license-type [forticare-support|fortiguard-webfilter|...]
        set report-type [posture|coverage|...]
        set logid <id1>, <id2>, ...
        set trigger-frequency [hourly|daily|...]
        set trigger-weekday [sunday|monday|...]
        set trigger-day {integer}
        set trigger-hour {integer}
        set trigger-minute {integer}
        set trigger-datetime {datetime}
        config fields
            Description: Customized trigger field settings.
            edit <id>
                set name {string}
                set value {var-string}
            next
        end
        set faz-event-name {var-string}
        set faz-event-severity {var-string}
        set faz-event-tags {var-string}
        set serial {var-string}
        set fabric-event-name {var-string}
        set fabric-event-severity {var-string}
    next
end

config system automation-trigger

Parameter

Description

Type

Size

Default

name

Name.

string

Maximum length: 35

description

Description.

var-string

Maximum length: 255

trigger-type

Trigger type.

option

-

event-based

Option

Description

event-based

Event based trigger.

scheduled

Scheduled trigger.

event-type

Event type.

option

-

ioc

Option

Description

ioc

Indicator of compromise detected.

event-log

Use log ID as trigger.

reboot

Device reboot.

low-memory

Conserve mode due to low memory.

high-cpu

High CPU usage.

license-near-expiry

License near expiration date.

local-cert-near-expiry

The local certificate near expiration date.

ha-failover

HA failover.

config-change

Configuration change.

security-rating-summary

Security rating summary.

virus-ips-db-updated

Virus and IPS database updated.

faz-event

FortiAnalyzer event.

incoming-webhook

Incoming webhook call.

fabric-event

Fabric connector event.

ips-logs

IPS logs.

anomaly-logs

Anomaly logs.

virus-logs

Virus logs.

ssh-logs

SSH logs.

webfilter-violation

Webfilter violation.

traffic-violation

Traffic violation.

vdom <name>

Virtual domain(s) that this trigger is valid for.

Virtual domain name.

string

Maximum length: 79

license-type

License type.

option

-

forticare-support

Option

Description

forticare-support

FortiCare support license.

fortiguard-webfilter

FortiGuard web filter license.

fortiguard-antispam

FortiGuard antispam license.

fortiguard-antivirus

FortiGuard AntiVirus license.

fortiguard-ips

FortiGuard IPS license.

fortiguard-management

FortiGuard management service license.

forticloud

FortiCloud license.

any

Any license.

report-type

Security Rating report.

option

-

posture

Option

Description

posture

Posture report.

coverage

Coverage report.

optimization

Optimization report

any

Any report.

logid <id>

Log IDs to trigger event.

Log ID.

integer

Minimum value: 1 Maximum value: 65535

trigger-frequency

Scheduled trigger frequency.

option

-

daily

Option

Description

hourly

Run hourly.

daily

Run daily.

weekly

Run weekly.

monthly

Run monthly.

once

Run once at specified date time.

trigger-weekday

Day of week for trigger.

option

-

Option

Description

sunday

Sunday.

monday

Monday.

tuesday

Tuesday.

wednesday

Wednesday.

thursday

Thursday.

friday

Friday.

saturday

Saturday.

trigger-day

Day within a month to trigger.

integer

Minimum value: 1 Maximum value: 31

1

trigger-hour

Hour of the day on which to trigger.

integer

Minimum value: 0 Maximum value: 23

0

trigger-minute

Minute of the hour on which to trigger.

integer

Minimum value: 0 Maximum value: 59

0

trigger-datetime

Trigger date and time (YYYY-MM-DD HH:MM:SS).

datetime

Not Specified

0000-00-00 00:00:00

faz-event-name

FortiAnalyzer event handler name.

var-string

Maximum length: 255

faz-event-severity

FortiAnalyzer event severity.

var-string

Maximum length: 255

faz-event-tags

FortiAnalyzer event tags.

var-string

Maximum length: 255

serial

Fabric connector serial number.

var-string

Maximum length: 255

fabric-event-name

Fabric connector event handler name.

var-string

Maximum length: 255

fabric-event-severity

Fabric connector event severity.

var-string

Maximum length: 255

config fields

Parameter

Description

Type

Size

Default

id

Entry ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

name

Name.

string

Maximum length: 35

value

Value.

var-string

Maximum length: 63