config system automation-trigger
Description: Trigger for automation stitches.
edit <name>
set trigger-type [event-based|scheduled]
set event-type [ioc|event-log|...]
set license-type [forticare-support|fortiguard-webfilter|...]
set ioc-level [medium|high]
set logid {integer}
set trigger-frequency [hourly|daily|...]
set trigger-weekday [sunday|monday|...]
set trigger-day {integer}
set trigger-hour {integer}
set trigger-minute {integer}
config fields
Description: Customized trigger field settings.
edit <id>
set name {string}
set value {var-string}
next
end
set faz-event-name {var-string}
set faz-event-severity {var-string}
set faz-event-tags {var-string}
next
end
Parameter Name | Description | Type | Size |
---|---|---|---|
trigger-type | Trigger type. event-based: Event based trigger. scheduled: Scheduled trigger. |
option | - |
event-type | Event type. ioc: Indicator of compromise detected. event-log: Use log ID as trigger. reboot: Device reboot. low-memory: Conserve mode due to low memory. high-cpu: High CPU usage. license-near-expiry: License near expiration date. ha-failover: HA failover. config-change: Configuration change. security-rating-summary: Security rating summary. virus-ips-db-updated: Virus and IPS database updated. faz-event: FortiAnalyzer event. |
option | - |
license-type | License type. forticare-support: FortiCare support license. fortiguard-webfilter: FortiGuard web filter license. fortiguard-antispam: FortiGuard antispam license. fortiguard-antivirus: FortiGuard AntiVirus license. fortiguard-ips: FortiGuard IPS license. fortiguard-management: FortiGuard management service license. forticloud: FortiCloud license. |
option | - |
ioc-level | IOC threat level. medium: IOC level medium and high. high: IOC level high only. |
option | - |
logid | Log ID to trigger event. | integer | Minimum value: 1 Maximum value: 65535 |
trigger-frequency | Scheduled trigger frequency (default = daily). hourly: Run hourly. daily: Run daily. weekly: Run weekly. monthly: Run monthly. |
option | - |
trigger-weekday | Day of week for trigger. sunday: Sunday. monday: Monday. tuesday: Tuesday. wednesday: Wednesday. thursday: Thursday. friday: Friday. saturday: Saturday. |
option | - |
trigger-day | Day within a month to trigger. | integer | Minimum value: 1 Maximum value: 31 |
trigger-hour | Hour of the day on which to trigger (0 - 23, default = 1). | integer | Minimum value: 0 Maximum value: 23 |
trigger-minute | Minute of the hour on which to trigger (0 - 59, default = 0). | integer | Minimum value: 0 Maximum value: 59 |
faz-event-name | FortiAnalyzer event handler name. | var-string | Maximum length: 255 |
faz-event-severity | FortiAnalyzer event severity. | var-string | Maximum length: 255 |
faz-event-tags | FortiAnalyzer event tags. | var-string | Maximum length: 255 |
Parameter Name | Description | Type | Size |
---|---|---|---|
name | Name. | string | Maximum length: 35 |
value | Value. | var-string | Maximum length: 63 |
config system automation-trigger
Description: Trigger for automation stitches.
edit <name>
set trigger-type [event-based|scheduled]
set event-type [ioc|event-log|...]
set license-type [forticare-support|fortiguard-webfilter|...]
set ioc-level [medium|high]
set logid {integer}
set trigger-frequency [hourly|daily|...]
set trigger-weekday [sunday|monday|...]
set trigger-day {integer}
set trigger-hour {integer}
set trigger-minute {integer}
config fields
Description: Customized trigger field settings.
edit <id>
set name {string}
set value {var-string}
next
end
set faz-event-name {var-string}
set faz-event-severity {var-string}
set faz-event-tags {var-string}
next
end
Parameter Name | Description | Type | Size |
---|---|---|---|
trigger-type | Trigger type. event-based: Event based trigger. scheduled: Scheduled trigger. |
option | - |
event-type | Event type. ioc: Indicator of compromise detected. event-log: Use log ID as trigger. reboot: Device reboot. low-memory: Conserve mode due to low memory. high-cpu: High CPU usage. license-near-expiry: License near expiration date. ha-failover: HA failover. config-change: Configuration change. security-rating-summary: Security rating summary. virus-ips-db-updated: Virus and IPS database updated. faz-event: FortiAnalyzer event. |
option | - |
license-type | License type. forticare-support: FortiCare support license. fortiguard-webfilter: FortiGuard web filter license. fortiguard-antispam: FortiGuard antispam license. fortiguard-antivirus: FortiGuard AntiVirus license. fortiguard-ips: FortiGuard IPS license. fortiguard-management: FortiGuard management service license. forticloud: FortiCloud license. |
option | - |
ioc-level | IOC threat level. medium: IOC level medium and high. high: IOC level high only. |
option | - |
logid | Log ID to trigger event. | integer | Minimum value: 1 Maximum value: 65535 |
trigger-frequency | Scheduled trigger frequency (default = daily). hourly: Run hourly. daily: Run daily. weekly: Run weekly. monthly: Run monthly. |
option | - |
trigger-weekday | Day of week for trigger. sunday: Sunday. monday: Monday. tuesday: Tuesday. wednesday: Wednesday. thursday: Thursday. friday: Friday. saturday: Saturday. |
option | - |
trigger-day | Day within a month to trigger. | integer | Minimum value: 1 Maximum value: 31 |
trigger-hour | Hour of the day on which to trigger (0 - 23, default = 1). | integer | Minimum value: 0 Maximum value: 23 |
trigger-minute | Minute of the hour on which to trigger (0 - 59, default = 0). | integer | Minimum value: 0 Maximum value: 59 |
faz-event-name | FortiAnalyzer event handler name. | var-string | Maximum length: 255 |
faz-event-severity | FortiAnalyzer event severity. | var-string | Maximum length: 255 |
faz-event-tags | FortiAnalyzer event tags. | var-string | Maximum length: 255 |
Parameter Name | Description | Type | Size |
---|---|---|---|
name | Name. | string | Maximum length: 35 |
value | Value. | var-string | Maximum length: 63 |