Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

system

Use the following commands for system related settings.

system admin-session

Use this command to view and kill log in sessions.

Syntax

diagnose system admin-session kill <sid>

diagnose system admin-session list

diagnose system admin-session status

Variable

Description

kill <sid>

Kill a current session.

  • <sid>: Session ID

list

List log in sessions.

status

Show the current session.

system disk

Use this command to view disk diagnostic information.

This command is only available on hardware-based FortiAnalyzer models.

Syntax

diagnose system disk attributes

diagnose system disk disable

diagnose system disk enable

diagnose system disk health

diagnose system disk info

diagnose system disk errors

Variable

Description

attributes

Show vendor specific SMART attributes.

disable

Disable SMART support.

enable

Enable SMART support.

health

Show the SMART health status.

info

Show the SMART information.

errors

Show the SMART error logs.

system export

Use this command to export logs.

Syntax

diagnose system export crashlog <ftp server> <user> <password> <directory> <filename>

diagnose system export fmwslog {sftp | ftp} <type> <(s)ftp server> <username> <password> <directory> <filename>

diagnose system export raidlog <ftp server> <username> <password> <directory> <filename>

diagnose system export umlog {sftp | ftp} <type> <(s)ftp server> <username> <password> <directory> <filename>

diagnose system export upgradelog <ftp server> <username> <password> <directory> <filename>

Variable

Description

crashlog <ftp server> <user> <password> <directory> <filename>

Export the crash log.

fmwslog {sftp | ftp} <type> <(s)ftp server> <username> <password> <directory> <filename>

Export the web service log files.

The type is the log file prefix and can be: SENT, RECV, or TEST.

raidlog <ftp server> <username> <password> <directory> <filename>

Export the RAID log.

This command is only available on devices that support RAID.

umlog {sftp | ftp} <type> <(s)ftp server> <username> <password> <directory> <filename>

Export the update manager and firmware manager log files.

upgradelog <ftp server> <username> <password> <directory> <filename>

Export the upgrade error log.

system flash

Use this command to diagnose the flash memory.

Syntax

diagnose system flash list

Variable

Description

list

List flash images.

The information displayed includes the image name, version, total size (KB), used (KB), percent used, boot image, and running image.

system fsck

Use this command to check and repair the file system, and to reset the disk mount count.

Syntax

diagnose system fsck harddisk

diagnose system fsck reset-mount-count

Variable

Description

harddisk

Check and repair the file system, then reboot the system.

reset-mount-count

Reset the mount-count of the disk on the next reboot.

system geoip

Use these commands to get geoip information.

FortiAnalyzer uses a MaxMind GeoLite database of mappings between geographic regions and all public IPv4 addresses that are known to originate from them.

Syntax

diagnose system geoip dump

diagnose system geoip info

diagnose system geoip ip <ip>

Variable

Description

dump

Display all geographic IP information.

info

Display a brief geography IP information.

ip <ip>

Find the specified IP address' country.

Example

Find the country of the IP address 4.3.2.1:

FAZVM64 # diagnose system geoip ip 4.3.2.1

4.3.2.1 : US - United States

system geoip-city

Use these commands to get geographic IP information at a city level.

Syntax

diagnose system geoip-city info

diagnose system geoip-city ip <ip>

Variable

Description

info

Display geographic IP information.

ip <ip>

Find the specified IP address' city.

system ntp

Use this command to list NTP server information.

Syntax

diagnose system ntp status

Variable

Description

status

List NTP server information.

system print

Use this command to print server information.

Syntax

diagnose system print certificate

diagnose system print cpuinfo

diagnose system print df

diagnose system print hosts

diagnose system print interface <interface>

diagnose system print loadavg

diagnose system print netstat

diagnose system print partitions

diagnose system print route

diagnose system print rtcache

diagnose system print slabinfo

diagnose system print sockets

diagnose system print uptime

Variable

Description

certificate

Print the IPsec certificate.

cpuinfo

Print the CPU information.

df

Print the file system disk space usage.

hosts

Print the static table lookup for host names.

interface <interface>

Print the specified interface's information.

loadavg

Print the average load of the system.

netstat

Print the network statistics for active Internet connections (servers and established).

partitions

Print the disk partition information.

route

Print the main route list.

rtcache

Print the contents of the routing cache.

slabinfo

Print the slab allocator statistics.

sockets

Print the currently used socket ports.

uptime

Print how long the system has been running.

system process

Use this command to view and kill processes.

Syntax

diagnose system process kill -<signal> <pid>

diagnose system process killall {Scriptmgr | deploymgr | fgfm}

diagnose system process list

Variable

Description

kill -<signal> <pid>

Kill a process:

  • -<signal>: Signal name or number, such as -9 or -KILL
  • <pid>: Process ID

killall {Scriptmgr | deploymgr | fgfm}

Kill all the related processes.

list

List all processes running on the FortiAnalyzer. The information displayed includes the PID, user, VSZ, stat, and command.

system raid

Use this command to view RAID information.

This command is only available on hardware-based FortiAnalyzer models that support RAID.

Syntax

diagnose system raid hwinfo

diagnose system raid status

Variable

Description

hwinfo

Show RAID controller hardware information.

status

Show RAID status.

system route

Use this command to help diagnose routes. The listed information includes the destination IP, gateway IP, netmask, flags, metric, reference, use, and interface for each IPv4 route.

Syntax

diagnose system route list

system route6

Use this command to help diagnose routes. The listed information includes the destination IP, gateway IP, netmask, flags, metric, reference, use, and interface for each IPv6 route.

Syntax

diagnose system route6 list

system server

Use this command to start the FortiAnalyzer server.

Syntax

diagnose system server start

system

Use the following commands for system related settings.

system admin-session

Use this command to view and kill log in sessions.

Syntax

diagnose system admin-session kill <sid>

diagnose system admin-session list

diagnose system admin-session status

Variable

Description

kill <sid>

Kill a current session.

  • <sid>: Session ID

list

List log in sessions.

status

Show the current session.

system disk

Use this command to view disk diagnostic information.

This command is only available on hardware-based FortiAnalyzer models.

Syntax

diagnose system disk attributes

diagnose system disk disable

diagnose system disk enable

diagnose system disk health

diagnose system disk info

diagnose system disk errors

Variable

Description

attributes

Show vendor specific SMART attributes.

disable

Disable SMART support.

enable

Enable SMART support.

health

Show the SMART health status.

info

Show the SMART information.

errors

Show the SMART error logs.

system export

Use this command to export logs.

Syntax

diagnose system export crashlog <ftp server> <user> <password> <directory> <filename>

diagnose system export fmwslog {sftp | ftp} <type> <(s)ftp server> <username> <password> <directory> <filename>

diagnose system export raidlog <ftp server> <username> <password> <directory> <filename>

diagnose system export umlog {sftp | ftp} <type> <(s)ftp server> <username> <password> <directory> <filename>

diagnose system export upgradelog <ftp server> <username> <password> <directory> <filename>

Variable

Description

crashlog <ftp server> <user> <password> <directory> <filename>

Export the crash log.

fmwslog {sftp | ftp} <type> <(s)ftp server> <username> <password> <directory> <filename>

Export the web service log files.

The type is the log file prefix and can be: SENT, RECV, or TEST.

raidlog <ftp server> <username> <password> <directory> <filename>

Export the RAID log.

This command is only available on devices that support RAID.

umlog {sftp | ftp} <type> <(s)ftp server> <username> <password> <directory> <filename>

Export the update manager and firmware manager log files.

upgradelog <ftp server> <username> <password> <directory> <filename>

Export the upgrade error log.

system flash

Use this command to diagnose the flash memory.

Syntax

diagnose system flash list

Variable

Description

list

List flash images.

The information displayed includes the image name, version, total size (KB), used (KB), percent used, boot image, and running image.

system fsck

Use this command to check and repair the file system, and to reset the disk mount count.

Syntax

diagnose system fsck harddisk

diagnose system fsck reset-mount-count

Variable

Description

harddisk

Check and repair the file system, then reboot the system.

reset-mount-count

Reset the mount-count of the disk on the next reboot.

system geoip

Use these commands to get geoip information.

FortiAnalyzer uses a MaxMind GeoLite database of mappings between geographic regions and all public IPv4 addresses that are known to originate from them.

Syntax

diagnose system geoip dump

diagnose system geoip info

diagnose system geoip ip <ip>

Variable

Description

dump

Display all geographic IP information.

info

Display a brief geography IP information.

ip <ip>

Find the specified IP address' country.

Example

Find the country of the IP address 4.3.2.1:

FAZVM64 # diagnose system geoip ip 4.3.2.1

4.3.2.1 : US - United States

system geoip-city

Use these commands to get geographic IP information at a city level.

Syntax

diagnose system geoip-city info

diagnose system geoip-city ip <ip>

Variable

Description

info

Display geographic IP information.

ip <ip>

Find the specified IP address' city.

system ntp

Use this command to list NTP server information.

Syntax

diagnose system ntp status

Variable

Description

status

List NTP server information.

system print

Use this command to print server information.

Syntax

diagnose system print certificate

diagnose system print cpuinfo

diagnose system print df

diagnose system print hosts

diagnose system print interface <interface>

diagnose system print loadavg

diagnose system print netstat

diagnose system print partitions

diagnose system print route

diagnose system print rtcache

diagnose system print slabinfo

diagnose system print sockets

diagnose system print uptime

Variable

Description

certificate

Print the IPsec certificate.

cpuinfo

Print the CPU information.

df

Print the file system disk space usage.

hosts

Print the static table lookup for host names.

interface <interface>

Print the specified interface's information.

loadavg

Print the average load of the system.

netstat

Print the network statistics for active Internet connections (servers and established).

partitions

Print the disk partition information.

route

Print the main route list.

rtcache

Print the contents of the routing cache.

slabinfo

Print the slab allocator statistics.

sockets

Print the currently used socket ports.

uptime

Print how long the system has been running.

system process

Use this command to view and kill processes.

Syntax

diagnose system process kill -<signal> <pid>

diagnose system process killall {Scriptmgr | deploymgr | fgfm}

diagnose system process list

Variable

Description

kill -<signal> <pid>

Kill a process:

  • -<signal>: Signal name or number, such as -9 or -KILL
  • <pid>: Process ID

killall {Scriptmgr | deploymgr | fgfm}

Kill all the related processes.

list

List all processes running on the FortiAnalyzer. The information displayed includes the PID, user, VSZ, stat, and command.

system raid

Use this command to view RAID information.

This command is only available on hardware-based FortiAnalyzer models that support RAID.

Syntax

diagnose system raid hwinfo

diagnose system raid status

Variable

Description

hwinfo

Show RAID controller hardware information.

status

Show RAID status.

system route

Use this command to help diagnose routes. The listed information includes the destination IP, gateway IP, netmask, flags, metric, reference, use, and interface for each IPv4 route.

Syntax

diagnose system route list

system route6

Use this command to help diagnose routes. The listed information includes the destination IP, gateway IP, netmask, flags, metric, reference, use, and interface for each IPv6 route.

Syntax

diagnose system route6 list

system server

Use this command to start the FortiAnalyzer server.

Syntax

diagnose system server start