Fortinet black logo

Administration Guide

Configuring automation stitches

Copy Link
Copy Doc ID d887c3dd-ee67-11ec-bb32-fa163e15d75b:653071
Download PDF

Configuring automation stitches

To configure an automation stitch, you specify a trigger and the action that is performed when the trigger occurs and then set the status to enable.

You can specify one of the following triggers:

  • The configuration changed.

  • There was a warm or cold reboot of the switch.

  • The scheduled time occurred.

  • An event was logged.

NOTE: When you specify the log ID, the range of values is 1-65535. If you use the full 10-digit entry, the first four digits are truncated.

You can specify one of the following actions:

  • Run a CLI script.

  • Send an email message.

  • Display an alert in the console.

  • Generate an SNMP trap.

  • Send data to a uniform resource identifier (URI), such as an IP address or URL.

Use the following steps to configure an automation stitch:

  1. config system automation-trigger

    edit <trigger_name>

    set trigger-type {event-based | scheduled}

    set event-type {config-change | event-log | reboot}

    set logid <log_ID>

    set trigger-frequency {daily | hourly | monthly | weekly}

    set trigger-hour <0-23>

    set trigger-minute <0-59>

    set trigger-day <1-31>

    set trigger-weekday <friday | monday | saturday | sunday | thrusday | tuesday | wednesday>

    config fields

    edit <entry_ID>

    set name <string>

    set value <string>

    next

    end

    next

    end

  2. Create an automation action.

    config system automation-action

    edit <name>

    set action-type {alert | cli-script | email | snmp-trap | webhook}

    set accprofile <string>

    set email-body <string>

    set email-from <string>

    set email-subject <string>

    set email-to <email_address>

    set headers <request_headers>

    set http-body <request_body>

    set method {delete | get | patch | post | put}

    set minimum-interval <0-2592000>

    set port <1-65535>

    set protocol {http | https}

    set script <string>

    set snmp-trap {cpu-high | mem-low | syslog-full | test-trap}

    set uri <request_API_URI>

    next

    end

  3. Create the automation stitch.

    config system automation-stitch

    edit <name>

    set status {enable | disable}

    set trigger <trigger_name>

    set action <action_name>

    next

    end

  4. Test the automation stitch.

    diagnose automation test <automation-stitch-name> [<log_ID>]

Examples

The following example shows how to create an automation stitch that will display an alert in the console every hour.

config system automation-trigger

edit testtrigger

set trigger-type scheduled

set trigger-frequency hourly

set trigger-minute 30

next

end

config system automation-action

edit testaction

set action-type alert

set minimum-interval 1200

next

end

config system automation-stitch

edit teststitch

set status enable

set trigger testtrigger

set action testaction

next

end

diagnose automation test teststitch 0

In the following example, the specified log identifier (32002) causes the FortiSwitch unit to send the log message to the server.

config system automation-action

edit "Send log to server"

set action-type webhook

set uri "172.16.200.44"

set http-body "%%log%%"

set port 80

set headers "Header:1st Action"

next

end

config system automation-trigger

edit "badLogin"

set event-type event-log

set logid 32002

next

end

config system automation-stitch

edit "webhookstitch"

set trigger "badLogin"

set action "Send log to server"

next

end

Configuring automation stitches

To configure an automation stitch, you specify a trigger and the action that is performed when the trigger occurs and then set the status to enable.

You can specify one of the following triggers:

  • The configuration changed.

  • There was a warm or cold reboot of the switch.

  • The scheduled time occurred.

  • An event was logged.

NOTE: When you specify the log ID, the range of values is 1-65535. If you use the full 10-digit entry, the first four digits are truncated.

You can specify one of the following actions:

  • Run a CLI script.

  • Send an email message.

  • Display an alert in the console.

  • Generate an SNMP trap.

  • Send data to a uniform resource identifier (URI), such as an IP address or URL.

Use the following steps to configure an automation stitch:

  1. config system automation-trigger

    edit <trigger_name>

    set trigger-type {event-based | scheduled}

    set event-type {config-change | event-log | reboot}

    set logid <log_ID>

    set trigger-frequency {daily | hourly | monthly | weekly}

    set trigger-hour <0-23>

    set trigger-minute <0-59>

    set trigger-day <1-31>

    set trigger-weekday <friday | monday | saturday | sunday | thrusday | tuesday | wednesday>

    config fields

    edit <entry_ID>

    set name <string>

    set value <string>

    next

    end

    next

    end

  2. Create an automation action.

    config system automation-action

    edit <name>

    set action-type {alert | cli-script | email | snmp-trap | webhook}

    set accprofile <string>

    set email-body <string>

    set email-from <string>

    set email-subject <string>

    set email-to <email_address>

    set headers <request_headers>

    set http-body <request_body>

    set method {delete | get | patch | post | put}

    set minimum-interval <0-2592000>

    set port <1-65535>

    set protocol {http | https}

    set script <string>

    set snmp-trap {cpu-high | mem-low | syslog-full | test-trap}

    set uri <request_API_URI>

    next

    end

  3. Create the automation stitch.

    config system automation-stitch

    edit <name>

    set status {enable | disable}

    set trigger <trigger_name>

    set action <action_name>

    next

    end

  4. Test the automation stitch.

    diagnose automation test <automation-stitch-name> [<log_ID>]

Examples

The following example shows how to create an automation stitch that will display an alert in the console every hour.

config system automation-trigger

edit testtrigger

set trigger-type scheduled

set trigger-frequency hourly

set trigger-minute 30

next

end

config system automation-action

edit testaction

set action-type alert

set minimum-interval 1200

next

end

config system automation-stitch

edit teststitch

set status enable

set trigger testtrigger

set action testaction

next

end

diagnose automation test teststitch 0

In the following example, the specified log identifier (32002) causes the FortiSwitch unit to send the log message to the server.

config system automation-action

edit "Send log to server"

set action-type webhook

set uri "172.16.200.44"

set http-body "%%log%%"

set port 80

set headers "Header:1st Action"

next

end

config system automation-trigger

edit "badLogin"

set event-type event-log

set logid 32002

next

end

config system automation-stitch

edit "webhookstitch"

set trigger "badLogin"

set action "Send log to server"

next

end