System action
The system action can be used to back up the configuration of the FortiGate, reboot the FortiGate, or shut down the FortiGate.
These actions can occur even if the FortiGate is in conserve mode, and allows the automation stitch to bypass the CLI user confirmation prompts, which the CLI script action does not support.
config system automation-action edit <name> set action-type system-actions set system-action {reboot | shutdown | backup-config} next end
Example
In this example, an automation stitch is created that uses a low-memory
event trigger, a backup-config
action to back up the configuration to the FortiGate's disk (see Configuration backups and reset for more details), and then a reboot
action to reboot the FortiGate. There is a 120-second delay between the two actions.
To configure an automation stitch with system actions in the GUI:
- Configure the trigger:
Go to Security Fabric > Automation, select the Trigger tab, and click Create New.
In the System section, click Conserve Mode.
Enter a name (conserver-mode).
Click OK.
- Configure the back up action:
Go to Security Fabric > Automation, select the Action tab, and click Create New.
In the General section, click System Action and enter the following:
Name
Backup Config Disk
Description
Default automation action configuration for backing up the configuration on disk.
Action
Backup configuration
Click OK.
- Configure the reboot action:
Go to Security Fabric > Automation, select the Action tab, and click Create New.
In the General section, click System Action and enter the following:
Name
Reboot FortiGate Description
Default automation action configuration for rebooting this FortiGate unit.
Action
Reboot
Minimum interval
5 minutes
Click OK.
- Configure the stitch:
Go to Security Fabric > Automation, select the Stitch tab, and click Create New.
Enter the name, system-action-stitch.
Click Add Trigger. Select conserver-mode and click Apply.
Click Add Action. Select Backup Config Disk and click Apply.
Click Add Action. Select Reboot FortiGate and click Apply.
Click Add delay (between the actions). Enter 120 and click OK.
Click OK.
To configure an automation stitch with system actions in the CLI:
-
Configure the trigger:
config system automation-trigger edit "conserver-mode" set event-type low-memory next end
-
Configure the back up and reboot actions:
config system automation-action edit "Backup Config Disk" set description "Default automation action configuration for backing up the configuration on disk." set action-type system-actions set system-action backup-config next edit "Reboot FortiGate" set description "Default automation action configuration for rebooting this FortiGate unit." set action-type system-actions set system-action reboot set minimum-interval 300 next end
-
Configure the stitch:
config system automation-stitch edit "system-action-stitch" set trigger "conserver-mode" config actions edit 1 set action "Backup Config Disk" set required enable next edit 2 set action "Reboot FortiGate" set delay 120 set required enable next end next end
Verification
When the FortiGate enters conserve mode due to low memory, the automation stitch will be triggered and it will back up the configuration to the FortiGate disk, then reboot the FortiGate.
To confirm that the stitch was triggered in the GUI:
- Go to Security Fabric > Automation and select the Stitch tab.
- Verify the Last Triggered column.
To confirm that the stitch was triggered in the CLI:
# diagnose test application autod 3 alert mail log count: 0 stitch: system-action-stitch local hit: 1 relayed to: 0 relayed from: 0 last trigger:Thu Jun 23 11:31:25 2022 last relay: actions: Backup Config Disk: done: 1 relayed to: 0 relayed from: 0 last trigger:Thu Jun 23 11:31:25 2022 last relay: Reboot FortiGate: done: 0 relayed to: 0 relayed from: 0 last trigger:Thu Jun 23 11:31:25 2022 last relay: logid to stitch mapping: id:22011 local hit: 1 relayed hits: 0 system-action-stitch log category to stitch mapping:
To locate the backed up configuration in the GUI:
- Click on the user name in the upper right-hand corner of the screen and select Configuration > Revisions.
- Click the + in the table to expand and view more details.
To locate the backed up configuration in the CLI:
# execute revision list config Last Firmware Version: V0.0.0-build000-REL0 1 2022-04-01 09:27:26 daemon_admin V7.2.0-build1157-REL0 Automatic backup (upgrade) 2 2022-06-20 13:41:02 daemon_admin V7.2.1-build1254-REL0 Automatic backup (upgrade) 3 2022-06-23 11:31:25 daemon_admin V7.2.1-build1254-REL0 Autod backup config by stitch: system-action-stitch