Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    6.4.14
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    config system automation-action

    config system automation-action

    Action for automation stitches.

    config system automation-action
    Description: Action for automation stitches.
    edit <name>
        set accprofile {string}
        set action-type [email|ios-notification|...]
        set alicloud-access-key-id {string}
        set alicloud-access-key-secret {password}
        set alicloud-account-id {string}
        set alicloud-function {string}
        set alicloud-function-authorization [anonymous|function]
        set alicloud-function-domain {string}
        set alicloud-region {string}
        set alicloud-service {string}
        set alicloud-version {string}
        set aws-api-id {string}
        set aws-api-key {password}
        set aws-api-path {string}
        set aws-api-stage {string}
        set aws-domain {string}
        set aws-region {string}
        set azure-api-key {password}
        set azure-app {string}
        set azure-domain {string}
        set azure-function {string}
        set azure-function-authorization [anonymous|function|...]
        set delay {integer}
        set email-from {var-string}
        set email-subject {var-string}
        set email-to <name1>, <name2>, ...
        set gcp-function {string}
        set gcp-function-domain {string}
        set gcp-function-region {string}
        set gcp-project {string}
        set headers <header1>, <header2>, ...
        set http-body {var-string}
        set message {string}
        set method [post|put|...]
        set minimum-interval {integer}
        set port {integer}
        set protocol [http|https]
        set required [enable|disable]
        set script {var-string}
        set sdn-connector <name1>, <name2>, ...
        set security-tag {string}
        set tls-certificate {string}
        set uri {var-string}
        set verify-host-cert [enable|disable]
    next
end

    config system automation-action

    Parameter

    Description

    Type

    Size

    Default

    accprofile

    Access profile for CLI script action to access FortiGate features.

    string

    Maximum length: 35

    action-type

    Action type.

    option

    -

    alert

    Option

    Description

    email

    Send notification email.

    ios-notification

    Send push notification to FortiExplorer iOS.

    alert

    Generate FortiOS dashboard alert.

    disable-ssid

    Disable interface.

    quarantine

    Quarantine host.

    quarantine-forticlient

    Quarantine FortiClient by EMS.

    quarantine-nsx

    Quarantine NSX instance.

    quarantine-fortinac

    Quarantine host by FortiNAC.

    ban-ip

    Ban IP address.

    aws-lambda

    Send log data to integrated AWS service.

    azure-function

    Send log data to an Azure function.

    google-cloud-function

    Send log data to a Google Cloud function.

    alicloud-function

    Send log data to an AliCloud function.

    webhook

    Send an HTTP request.

    cli-script

    Run CLI script.

    slack-notification

    Send a notification message to a Slack incoming webhook.

    alicloud-access-key-id

    AliCloud AccessKey ID.

    string

    Maximum length: 35

    alicloud-access-key-secret

    AliCloud AccessKey secret.

    password

    Not Specified

    alicloud-account-id

    AliCloud account ID.

    string

    Maximum length: 63

    alicloud-function

    AliCloud function name.

    string

    Maximum length: 128

    alicloud-function-authorization

    AliCloud function authorization type.

    option

    -

    anonymous

    Option

    Description

    anonymous

    Anonymous authorization (No authorization required).

    function

    Function authorization (Authorization required).

    alicloud-function-domain

    AliCloud function domain.

    string

    Maximum length: 63

    fc.aliyuncs.com

    alicloud-region

    AliCloud region.

    string

    Maximum length: 63

    alicloud-service

    AliCloud service name.

    string

    Maximum length: 128

    alicloud-version

    AliCloud version.

    string

    Maximum length: 63

    aws-api-id

    AWS API Gateway ID.

    string

    Maximum length: 35

    aws-api-key

    AWS API Gateway API key.

    password

    Not Specified

    aws-api-path

    AWS API Gateway path.

    string

    Maximum length: 63

    aws-api-stage

    AWS API Gateway deployment stage name.

    string

    Maximum length: 63

    aws-domain

    AWS domain.

    string

    Maximum length: 63

    amazonaws.com

    aws-region

    AWS region.

    string

    Maximum length: 35

    azure-api-key

    Azure function API key.

    password

    Not Specified

    azure-app

    Azure function application name.

    string

    Maximum length: 63

    azure-domain

    Azure function domain.

    string

    Maximum length: 63

    azurewebsites.net

    azure-function

    Azure function name.

    string

    Maximum length: 63

    azure-function-authorization

    Azure function authorization level.

    option

    -

    anonymous

    Option

    Description

    anonymous

    Anonymous authorization level (No authorization required).

    function

    Function authorization level (Function or Host Key required).

    admin

    Admin authorization level (Master Host Key required).

    delay

    Delay before execution (in seconds).

    integer

    Minimum value: 0 Maximum value: 3600

    0

    email-from

    Email sender name.

    var-string

    Maximum length: 127

    email-subject

    Email subject.

    var-string

    Maximum length: 511

    email-to <name>

    Email addresses.

    Email address.

    string

    Maximum length: 255

    gcp-function

    Google Cloud function name.

    string

    Maximum length: 63

    gcp-function-domain

    Google Cloud function domain.

    string

    Maximum length: 63

    cloudfunctions.net

    gcp-function-region

    Google Cloud function region.

    string

    Maximum length: 63

    gcp-project

    Google Cloud Platform project name.

    string

    Maximum length: 63

    headers <header>

    Request headers.

    Request header.

    string

    Maximum length: 255

    http-body

    Request body (if necessary). Should be serialized json string.

    var-string

    Maximum length: 1023

    message

    Message content.

    string

    Maximum length: 1023

    %%log%%

    method

    Request method (POST, PUT, GET, PATCH or DELETE).

    option

    -

    post

    Option

    Description

    post

    POST.

    put

    PUT.

    get

    GET.

    patch

    PATCH.

    delete

    DELETE.

    minimum-interval

    Limit execution to no more than once in this interval (in seconds).

    integer

    Minimum value: 0 Maximum value: 2592000

    0

    name

    Name.

    string

    Maximum length: 64

    port

    Protocol port.

    integer

    Minimum value: 1 Maximum value: 65535

    0

    protocol

    Request protocol.

    option

    -

    http

    Option

    Description

    http

    HTTP.

    https

    HTTPS.

    required

    Required in action chain.

    option

    -

    disable

    Option

    Description

    enable

    Required in action chain.

    disable

    Not required in action chain.

    script

    CLI script.

    var-string

    Maximum length: 1023

    sdn-connector <name>

    NSX SDN connector names.

    SDN connector name.

    string

    Maximum length: 79

    security-tag

    NSX security tag.

    string

    Maximum length: 255

    tls-certificate

    Custom TLS certificate for API request.

    string

    Maximum length: 35

    uri

    Request API URI.

    var-string

    Maximum length: 1023

    verify-host-cert

    Enable/disable verification of the remote host certificate.

    option

    -

    enable

    Option

    Description

    enable

    Enable verification of the remote host certificate.

    disable

    Disable verification of the remote host certificate.
    Previous
    Next

    config system automation-action

    config system automation-action

    Action for automation stitches.

    config system automation-action
    Description: Action for automation stitches.
    edit <name>
        set accprofile {string}
        set action-type [email|ios-notification|...]
        set alicloud-access-key-id {string}
        set alicloud-access-key-secret {password}
        set alicloud-account-id {string}
        set alicloud-function {string}
        set alicloud-function-authorization [anonymous|function]
        set alicloud-function-domain {string}
        set alicloud-region {string}
        set alicloud-service {string}
        set alicloud-version {string}
        set aws-api-id {string}
        set aws-api-key {password}
        set aws-api-path {string}
        set aws-api-stage {string}
        set aws-domain {string}
        set aws-region {string}
        set azure-api-key {password}
        set azure-app {string}
        set azure-domain {string}
        set azure-function {string}
        set azure-function-authorization [anonymous|function|...]
        set delay {integer}
        set email-from {var-string}
        set email-subject {var-string}
        set email-to <name1>, <name2>, ...
        set gcp-function {string}
        set gcp-function-domain {string}
        set gcp-function-region {string}
        set gcp-project {string}
        set headers <header1>, <header2>, ...
        set http-body {var-string}
        set message {string}
        set method [post|put|...]
        set minimum-interval {integer}
        set port {integer}
        set protocol [http|https]
        set required [enable|disable]
        set script {var-string}
        set sdn-connector <name1>, <name2>, ...
        set security-tag {string}
        set tls-certificate {string}
        set uri {var-string}
        set verify-host-cert [enable|disable]
    next
end

    config system automation-action

    Parameter

    Description

    Type

    Size

    Default

    accprofile

    Access profile for CLI script action to access FortiGate features.

    string

    Maximum length: 35

    action-type

    Action type.

    option

    -

    alert

    Option

    Description

    email

    Send notification email.

    ios-notification

    Send push notification to FortiExplorer iOS.

    alert

    Generate FortiOS dashboard alert.

    disable-ssid

    Disable interface.

    quarantine

    Quarantine host.

    quarantine-forticlient

    Quarantine FortiClient by EMS.

    quarantine-nsx

    Quarantine NSX instance.

    quarantine-fortinac

    Quarantine host by FortiNAC.

    ban-ip

    Ban IP address.

    aws-lambda

    Send log data to integrated AWS service.

    azure-function

    Send log data to an Azure function.

    google-cloud-function

    Send log data to a Google Cloud function.

    alicloud-function

    Send log data to an AliCloud function.

    webhook

    Send an HTTP request.

    cli-script

    Run CLI script.

    slack-notification

    Send a notification message to a Slack incoming webhook.

    alicloud-access-key-id

    AliCloud AccessKey ID.

    string

    Maximum length: 35

    alicloud-access-key-secret

    AliCloud AccessKey secret.

    password

    Not Specified

    alicloud-account-id

    AliCloud account ID.

    string

    Maximum length: 63

    alicloud-function

    AliCloud function name.

    string

    Maximum length: 128

    alicloud-function-authorization

    AliCloud function authorization type.

    option

    -

    anonymous

    Option

    Description

    anonymous

    Anonymous authorization (No authorization required).

    function

    Function authorization (Authorization required).

    alicloud-function-domain

    AliCloud function domain.

    string

    Maximum length: 63

    fc.aliyuncs.com

    alicloud-region

    AliCloud region.

    string

    Maximum length: 63

    alicloud-service

    AliCloud service name.

    string

    Maximum length: 128

    alicloud-version

    AliCloud version.

    string

    Maximum length: 63

    aws-api-id

    AWS API Gateway ID.

    string

    Maximum length: 35

    aws-api-key

    AWS API Gateway API key.

    password

    Not Specified

    aws-api-path

    AWS API Gateway path.

    string

    Maximum length: 63

    aws-api-stage

    AWS API Gateway deployment stage name.

    string

    Maximum length: 63

    aws-domain

    AWS domain.

    string

    Maximum length: 63

    amazonaws.com

    aws-region

    AWS region.

    string

    Maximum length: 35

    azure-api-key

    Azure function API key.

    password

    Not Specified

    azure-app

    Azure function application name.

    string

    Maximum length: 63

    azure-domain

    Azure function domain.

    string

    Maximum length: 63

    azurewebsites.net

    azure-function

    Azure function name.

    string

    Maximum length: 63

    azure-function-authorization

    Azure function authorization level.

    option

    -

    anonymous

    Option

    Description

    anonymous

    Anonymous authorization level (No authorization required).

    function

    Function authorization level (Function or Host Key required).

    admin

    Admin authorization level (Master Host Key required).

    delay

    Delay before execution (in seconds).

    integer

    Minimum value: 0 Maximum value: 3600

    0

    email-from

    Email sender name.

    var-string

    Maximum length: 127

    email-subject

    Email subject.

    var-string

    Maximum length: 511

    email-to <name>

    Email addresses.

    Email address.

    string

    Maximum length: 255

    gcp-function

    Google Cloud function name.

    string

    Maximum length: 63

    gcp-function-domain

    Google Cloud function domain.

    string

    Maximum length: 63

    cloudfunctions.net

    gcp-function-region

    Google Cloud function region.

    string

    Maximum length: 63

    gcp-project

    Google Cloud Platform project name.

    string

    Maximum length: 63

    headers <header>

    Request headers.

    Request header.

    string

    Maximum length: 255

    http-body

    Request body (if necessary). Should be serialized json string.

    var-string

    Maximum length: 1023

    message

    Message content.

    string

    Maximum length: 1023

    %%log%%

    method

    Request method (POST, PUT, GET, PATCH or DELETE).

    option

    -

    post

    Option

    Description

    post

    POST.

    put

    PUT.

    get

    GET.

    patch

    PATCH.

    delete

    DELETE.

    minimum-interval

    Limit execution to no more than once in this interval (in seconds).

    integer

    Minimum value: 0 Maximum value: 2592000

    0

    name

    Name.

    string

    Maximum length: 64

    port

    Protocol port.

    integer

    Minimum value: 1 Maximum value: 65535

    0

    protocol

    Request protocol.

    option

    -

    http

    Option

    Description

    http

    HTTP.

    https

    HTTPS.

    required

    Required in action chain.

    option

    -

    disable

    Option

    Description

    enable

    Required in action chain.

    disable

    Not required in action chain.

    script

    CLI script.

    var-string

    Maximum length: 1023

    sdn-connector <name>

    NSX SDN connector names.

    SDN connector name.

    string

    Maximum length: 79

    security-tag

    NSX security tag.

    string

    Maximum length: 255

    tls-certificate

    Custom TLS certificate for API request.

    string

    Maximum length: 35

    uri

    Request API URI.

    var-string

    Maximum length: 1023

    verify-host-cert

    Enable/disable verification of the remote host certificate.

    option

    -

    enable

    Option

    Description

    enable

    Enable verification of the remote host certificate.

    disable

    Disable verification of the remote host certificate.
    Previous
    Next