Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 8.0.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    CLI Reference

    8.0.0
    8.0.0
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.11
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.13
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.19
    7.0.18
    7.0.17
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.16
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.17
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    config dlp settings

    config dlp settings

    Configure settings for DLP.

    config dlp settings
    Description: Configure settings for DLP.
    set cache-mem-percent {integer}
    set chunk-size {integer}
    set config-builder-timeout {integer}
    set db-mode [stop-adding|remove-modified-then-oldest|...]
    config ocr
        Description: Configure settings for optical character recognition (OCR) conversion.
        set confidence {integer}
        set filetype-ignore-list <name1>, <name2>, ...
        set max-file-size {integer}
        set scan [enable|disable]
    end
    set size {integer}
    set storage-device {string}
end

    config dlp settings

    Parameter

    Description

    Type

    Size

    Default

    cache-mem-percent *

    Maximum percentage of available memory allocated to caching DLP fingerprints (1 - 15).

    integer

    Minimum value: 1 Maximum value: 15

    2

    chunk-size *

    Maximum fingerprint chunk size. Caution, changing this setting will flush the entire database.

    integer

    Minimum value: 100 Maximum value: 100000

    2800

    config-builder-timeout

    Maximum time allowed for building a single DLP profile (default 60 seconds).

    integer

    Minimum value: 10 Maximum value: 100000

    60

    db-mode *

    Behavior when the maximum size is reached in the DLP fingerprint database.

    option

    -

    stop-adding

    Option

    Description

    stop-adding

    Stop adding entries.

    remove-modified-then-oldest

    Remove modified chunks first, then oldest file entries.

    remove-oldest

    Remove the oldest files first.

    size *

    Maximum total size of files within the DLP fingerprint database (MB).

    integer

    Minimum value: 16 Maximum value: 4294967295

    16

    storage-device *

    Storage device name.

    string

    Maximum length: 35

    * This parameter may not exist in some models.

    config ocr

    Parameter

    Description

    Type

    Size

    Default

    confidence

    Minimum confidence threshold for the OCR converted content to be scanned (0 - 100, default = 80).

    integer

    Minimum value: 0 Maximum value: 100

    80

    filetype-ignore-list <name>

    List of file types to be exempt from OCR scanning.

    File type name.

    string

    Maximum length: 39

    max-file-size

    Maximum file size for an image to be a candidate for OCR conversion in kilobytes (0 - 1644544, 0 = unlimited).

    integer

    Minimum value: 0 Maximum value: 1644544 **

    0

    scan

    Enable/disable OCR conversion of images for DLP content scanning.

    option

    -

    enable

    Option

    Description

    enable

    Enable OCR conversion during DLP scan.

    disable

    Disable OCR conversion during DLP scan.

    ** Values may differ between models.

    Previous
    Next

    config dlp settings

    config dlp settings

    Configure settings for DLP.

    config dlp settings
    Description: Configure settings for DLP.
    set cache-mem-percent {integer}
    set chunk-size {integer}
    set config-builder-timeout {integer}
    set db-mode [stop-adding|remove-modified-then-oldest|...]
    config ocr
        Description: Configure settings for optical character recognition (OCR) conversion.
        set confidence {integer}
        set filetype-ignore-list <name1>, <name2>, ...
        set max-file-size {integer}
        set scan [enable|disable]
    end
    set size {integer}
    set storage-device {string}
end

    config dlp settings

    Parameter

    Description

    Type

    Size

    Default

    cache-mem-percent *

    Maximum percentage of available memory allocated to caching DLP fingerprints (1 - 15).

    integer

    Minimum value: 1 Maximum value: 15

    2

    chunk-size *

    Maximum fingerprint chunk size. Caution, changing this setting will flush the entire database.

    integer

    Minimum value: 100 Maximum value: 100000

    2800

    config-builder-timeout

    Maximum time allowed for building a single DLP profile (default 60 seconds).

    integer

    Minimum value: 10 Maximum value: 100000

    60

    db-mode *

    Behavior when the maximum size is reached in the DLP fingerprint database.

    option

    -

    stop-adding

    Option

    Description

    stop-adding

    Stop adding entries.

    remove-modified-then-oldest

    Remove modified chunks first, then oldest file entries.

    remove-oldest

    Remove the oldest files first.

    size *

    Maximum total size of files within the DLP fingerprint database (MB).

    integer

    Minimum value: 16 Maximum value: 4294967295

    16

    storage-device *

    Storage device name.

    string

    Maximum length: 35

    * This parameter may not exist in some models.

    config ocr

    Parameter

    Description

    Type

    Size

    Default

    confidence

    Minimum confidence threshold for the OCR converted content to be scanned (0 - 100, default = 80).

    integer

    Minimum value: 0 Maximum value: 100

    80

    filetype-ignore-list <name>

    List of file types to be exempt from OCR scanning.

    File type name.

    string

    Maximum length: 39

    max-file-size

    Maximum file size for an image to be a candidate for OCR conversion in kilobytes (0 - 1644544, 0 = unlimited).

    integer

    Minimum value: 0 Maximum value: 1644544 **

    0

    scan

    Enable/disable OCR conversion of images for DLP content scanning.

    option

    -

    enable

    Option

    Description

    enable

    Enable OCR conversion during DLP scan.

    disable

    Disable OCR conversion during DLP scan.

    ** Values may differ between models.

    Previous
    Next