Fortinet white logo
Fortinet white logo

CLI Reference

config dlp fp-doc-source

config dlp fp-doc-source

Create a DLP fingerprint database by allowing the FortiProxy to access a file server containing files from which to create fingerprints.

config dlp fp-doc-source
    Description: Create a DLP fingerprint database by allowing the FortiProxy to access a file server containing files from which to create fingerprints.
    edit <name>
        set server-type {option}
        set server {string}
        set period [none|daily|...]
        set vdom [mgmt|current]
        set scan-subdirectories [enable|disable]
        set scan-on-creation [enable|disable]
        set remove-deleted [enable|disable]
        set keep-modified [enable|disable]
        set username {string}
        set password {password}
        set file-path {string}
        set file-pattern {string}
        set sensitivity {string}
        set tod-hour {integer}
        set tod-min {integer}
        set weekday [sunday|monday|...]
        set date {integer}
    next
end

config dlp fp-doc-source

Parameter

Description

Type

Size

Default

name

Name of the DLP fingerprint database.

string

Maximum length: 35

server-type

Protocol used to communicate with the file server. Currently only Samba (SMB) servers are supported.

option

-

samba

Option

Description

samba

SAMBA server.

server

IPv4 or IPv6 address of the server.

string

Maximum length: 35

period

Frequency for which the FortiProxy checks the server for new or changed files.

option

-

none

Option

Description

none

Check the server when the FortiGate starts up.

daily

Check the server once a day.

weekly

Check the server once a week.

monthly

Check the server once a month.

vdom

Select the VDOM that can communicate with the file server.

option

-

mgmt

Option

Description

mgmt

Communicate with the file server through the management VDOM.

current

Communicate with the file server through the VDOM containing this DLP fingerprint database configuration.

scan-subdirectories

Enable/disable scanning subdirectories to find files to create fingerprints from.

option

-

enable

Option

Description

enable

Scan subdirectories.

disable

Do not scan subdirectories.

scan-on-creation

Enable to keep the fingerprint database up to date when a file is added or changed on the server.

option

-

enable

Option

Description

enable

Keep the fingerprint database up to date when a file is added or changed on the server.

disable

Do not check for added or changed files on the server. Saves system resources.

remove-deleted

Enable to keep the fingerprint database up to date when a file is deleted from the server.

option

-

enable

Option

Description

enable

Keep the fingerprint database up to date when a file is deleted from the server.

disable

Do not check for deleted files on the server. Saves system resources.

keep-modified

Enable so that when a file is changed on the server the FortiProxy keeps the old fingerprint and adds a new fingerprint to the database.

option

-

enable

Option

Description

enable

Keep the old fingerprint and add a new fingerprint when a file is changed on the server.

disable

Replace the old fingerprint with the new fingerprint when a file is changed on the server.

username

User name required to log into the file server.

string

Maximum length: 35

password

Password required to log into the file server.

password

Not Specified

file-path

Path on the server to the fingerprint files (max 119 characters).

string

Maximum length: 119

file-pattern

Files matching this pattern on the server are fingerprinted. Optionally use the * and ? wildcards.

string

Maximum length: 35

*

sensitivity

Select a sensitivity or threat level for matches with this fingerprint database. Add sensitivities using sensitivity.

string

Maximum length: 35

tod-hour

Hour of the day on which to scan the server.

integer

Minimum value: 0 Maximum value: 23

1

tod-min

Minute of the hour on which to scan the server.

integer

Minimum value: 0 Maximum value: 59

0

weekday

Day of the week on which to scan the server.

option

-

sunday

Option

Description

sunday

Sunday

monday

Monday

tuesday

Tuesday

wednesday

Wednesday

thursday

Thursday

friday

Friday

saturday

Saturday

date

Day of the month on which to scan the server.

integer

Minimum value: 1 Maximum value: 31

1

config dlp fp-doc-source

config dlp fp-doc-source

Create a DLP fingerprint database by allowing the FortiProxy to access a file server containing files from which to create fingerprints.

config dlp fp-doc-source
    Description: Create a DLP fingerprint database by allowing the FortiProxy to access a file server containing files from which to create fingerprints.
    edit <name>
        set server-type {option}
        set server {string}
        set period [none|daily|...]
        set vdom [mgmt|current]
        set scan-subdirectories [enable|disable]
        set scan-on-creation [enable|disable]
        set remove-deleted [enable|disable]
        set keep-modified [enable|disable]
        set username {string}
        set password {password}
        set file-path {string}
        set file-pattern {string}
        set sensitivity {string}
        set tod-hour {integer}
        set tod-min {integer}
        set weekday [sunday|monday|...]
        set date {integer}
    next
end

config dlp fp-doc-source

Parameter

Description

Type

Size

Default

name

Name of the DLP fingerprint database.

string

Maximum length: 35

server-type

Protocol used to communicate with the file server. Currently only Samba (SMB) servers are supported.

option

-

samba

Option

Description

samba

SAMBA server.

server

IPv4 or IPv6 address of the server.

string

Maximum length: 35

period

Frequency for which the FortiProxy checks the server for new or changed files.

option

-

none

Option

Description

none

Check the server when the FortiGate starts up.

daily

Check the server once a day.

weekly

Check the server once a week.

monthly

Check the server once a month.

vdom

Select the VDOM that can communicate with the file server.

option

-

mgmt

Option

Description

mgmt

Communicate with the file server through the management VDOM.

current

Communicate with the file server through the VDOM containing this DLP fingerprint database configuration.

scan-subdirectories

Enable/disable scanning subdirectories to find files to create fingerprints from.

option

-

enable

Option

Description

enable

Scan subdirectories.

disable

Do not scan subdirectories.

scan-on-creation

Enable to keep the fingerprint database up to date when a file is added or changed on the server.

option

-

enable

Option

Description

enable

Keep the fingerprint database up to date when a file is added or changed on the server.

disable

Do not check for added or changed files on the server. Saves system resources.

remove-deleted

Enable to keep the fingerprint database up to date when a file is deleted from the server.

option

-

enable

Option

Description

enable

Keep the fingerprint database up to date when a file is deleted from the server.

disable

Do not check for deleted files on the server. Saves system resources.

keep-modified

Enable so that when a file is changed on the server the FortiProxy keeps the old fingerprint and adds a new fingerprint to the database.

option

-

enable

Option

Description

enable

Keep the old fingerprint and add a new fingerprint when a file is changed on the server.

disable

Replace the old fingerprint with the new fingerprint when a file is changed on the server.

username

User name required to log into the file server.

string

Maximum length: 35

password

Password required to log into the file server.

password

Not Specified

file-path

Path on the server to the fingerprint files (max 119 characters).

string

Maximum length: 119

file-pattern

Files matching this pattern on the server are fingerprinted. Optionally use the * and ? wildcards.

string

Maximum length: 35

*

sensitivity

Select a sensitivity or threat level for matches with this fingerprint database. Add sensitivities using sensitivity.

string

Maximum length: 35

tod-hour

Hour of the day on which to scan the server.

integer

Minimum value: 0 Maximum value: 23

1

tod-min

Minute of the hour on which to scan the server.

integer

Minimum value: 0 Maximum value: 59

0

weekday

Day of the week on which to scan the server.

option

-

sunday

Option

Description

sunday

Sunday

monday

Monday

tuesday

Tuesday

wednesday

Wednesday

thursday

Thursday

friday

Friday

saturday

Saturday

date

Day of the month on which to scan the server.

integer

Minimum value: 1 Maximum value: 31

1