CLI script action
CLI scripts can be run when an automation stitch is triggered. The scripts can be manually entered, uploaded as a file, or recorded in the CLI console. The output of the script can be sent as an email action.
The maximum size of the CLI script action output is 16K characters. |
In this example, the script sets the idle timeout value to 479 minutes, and sends an email with the script output.
To configure a CLI script automation stitch in the GUI:
- Go to Security Fabric > Automation.
- Click Create New.
- Enter a name for the stitch, and select the FortiGate devices that it will be applied to.
- Select a trigger, such as Security Rating Summary.
- Select CLI Script and Email actions.
-
Configure the CLI script:
- To manually enter the script, type it into the Script field.
- To upload a script file, click Upload and locate the file on your management computer.
- To record the script in the CLI console, click >_Record in CLI console, then enter the CLI commands.
- Configure the email action.
- Click OK.
To configure a CLI script automation stitch in the CLI:
- Create an automation action:
config system automation-action edit "set admintimeout479" set action-type cli-script set minimum-interval 0 set delay 0 set required enable set script "config system global set admintimeout 479 end" next edit "auto-cli-1_email" set action-type email set email-to "jnkssll@fortinet.com" set email-subject "CSF stitch alert" set message "%%results%%" set minimum-interval 0 next end
- Create an automation trigger:
config system automation-trigger edit "auto-cli-1" set trigger-type event-based set event-type security-rating-summary next end
- Create the automation stitch:
config system automation-stitch edit "auto-cli-1" set status enable set trigger "auto-cli-1" set action "set admintimeout479" "auto-cli-1_email" next end
Email sample
The email sent by the action will look similar to the following: