Fortinet black logo

Administration Guide

Home FortiManager 7.4.2 Administration Guide
7.4.2
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2
4.3.8
4.3.7
4.3.6
4.3.5
4.3.4
4.3.3
4.3.2
4.3.1
4.3.0
4.2.9
4.2.8
4.2.7
4.2.6
4.2.5
4.2.4
4.2.3
4.2.2
4.2.1
4.2.0
4.1.0
4.0.3
4.0.2
4.0.1
4.0.0

ADOM-level metadata variables

ADOM-level metadata variables

ADOM-level metadata variables can be used as variables in scripts, templates, firewall address objects, IP pools, VIPs, FortiAP SSIDs, and FortiSwitch VLAN configurations.

Typing $ into an object's field where metadata variables are supported will display the available metadata variables for selection. Fields that support metadata variables are identified with a magnifying glass icon.

You can configure ADOM-level metadata variables in Policy & Objects > Advanced > Metadata Variables. Metadata variables are only available in the ADOMs in which they were created.

Metadata variables can also be created in the Global Database ADOM. When creating ADOM-level metadata variables in the Global Database, you can configure per-ADOM mapping to assign specific values to all devices within an ADOM.

Using the More option in the toolbar, you can clone, group, import, and export metadata variables, as well as see where they are being used.

Note

You must enable the visibility of this feature in Policy & Objects before it can be configured. To toggle feature visibility, go to Policy & Objects > Tools > Feature Visibility, and add or remove a checkmark for the corresponding feature.
To create an ADOM-level metadata variable:

  1. Go to Policy & Objects > Advanced > Metadata Variables.

  2. Click Create New.
    The Create New Metadata Variables window opens.

  3. Enter the following information:

    Name Enter a name for the metadata variable.
    Description Optionally, enter a description.
    Default Value Set the default value for the variable. The default value is used whenever a per-device mapping is unavailable.

    Per-ADOM Mapping

    This setting is only available in the Global Database ADOM.

    Toggle ON to enable per-ADOM mapping. When enabled, click Create New to map an ADOM to a Value. This value will be applied to all devices in the selected ADOM.
    Per-Device Mapping

    This setting is not available in the Global Database ADOM.

    Toggle ON to enable per-device mapping. When enabled, you can configure specific value for each device by clicking Create New beneath Per-Device Mapping and specifying the Mapped Device and Value.

    Revision

    Enter a change note.

  4. Click OK to save the metadata variable.
    You can now use the ADOM's configured variable(s) in provisioning templates created in Device Manager.
    To configure metadata variable device assignment from the Device Manager, right-click on a managed device in the table and click Edit Variable Mapping.

To export metadata variables:

  1. Go to Policy & Objects > Advanced > Metadata Variables.

  2. Select More in the toolbar, and click Export as JSON or Export as CSV.
    The metadata variables will be exported based on the format selected.

To import metadata variables :

  1. Go to Policy & Objects > Advanced > Metadata Variables.

  2. Select More from the toolbar and click Import from JSON or Import from CSV.

  3. Browse to your exported file, or drag-and-drop it into the file selector, and click Import.

  4. Select the metadata variables and per-device mapping values to be included in the import, and click Next to complete the import process.

To use a metadata variable in dynamic objects:

  1. Go to Policy & Objects.

  2. Create or edit a Firewall Address, IP Pool, or Virtual IP object.

  3. Add the metadata into a text field using the following format: $<metadata_variable_name> .

    Note

    When $ is typed into a supported text field, available metadata variables are displayed for selection. You can click the add button to create a new metadata variable.


    For example, when creating a firewall address, you can use a metadata variable in the IP/Netmask field.

Previous
Next

ADOM-level metadata variables

ADOM-level metadata variables can be used as variables in scripts, templates, firewall address objects, IP pools, VIPs, FortiAP SSIDs, and FortiSwitch VLAN configurations.

Typing $ into an object's field where metadata variables are supported will display the available metadata variables for selection. Fields that support metadata variables are identified with a magnifying glass icon.

You can configure ADOM-level metadata variables in Policy & Objects > Advanced > Metadata Variables. Metadata variables are only available in the ADOMs in which they were created.

Metadata variables can also be created in the Global Database ADOM. When creating ADOM-level metadata variables in the Global Database, you can configure per-ADOM mapping to assign specific values to all devices within an ADOM.

Using the More option in the toolbar, you can clone, group, import, and export metadata variables, as well as see where they are being used.

Note

You must enable the visibility of this feature in Policy & Objects before it can be configured. To toggle feature visibility, go to Policy & Objects > Tools > Feature Visibility, and add or remove a checkmark for the corresponding feature.
To create an ADOM-level metadata variable:

  1. Go to Policy & Objects > Advanced > Metadata Variables.

  2. Click Create New.
    The Create New Metadata Variables window opens.

  3. Enter the following information:

    Name Enter a name for the metadata variable.
    Description Optionally, enter a description.
    Default Value Set the default value for the variable. The default value is used whenever a per-device mapping is unavailable.

    Per-ADOM Mapping

    This setting is only available in the Global Database ADOM.

    Toggle ON to enable per-ADOM mapping. When enabled, click Create New to map an ADOM to a Value. This value will be applied to all devices in the selected ADOM.
    Per-Device Mapping

    This setting is not available in the Global Database ADOM.

    Toggle ON to enable per-device mapping. When enabled, you can configure specific value for each device by clicking Create New beneath Per-Device Mapping and specifying the Mapped Device and Value.

    Revision

    Enter a change note.

  4. Click OK to save the metadata variable.
    You can now use the ADOM's configured variable(s) in provisioning templates created in Device Manager.
    To configure metadata variable device assignment from the Device Manager, right-click on a managed device in the table and click Edit Variable Mapping.

To export metadata variables:

  1. Go to Policy & Objects > Advanced > Metadata Variables.

  2. Select More in the toolbar, and click Export as JSON or Export as CSV.
    The metadata variables will be exported based on the format selected.

To import metadata variables :

  1. Go to Policy & Objects > Advanced > Metadata Variables.

  2. Select More from the toolbar and click Import from JSON or Import from CSV.

  3. Browse to your exported file, or drag-and-drop it into the file selector, and click Import.

  4. Select the metadata variables and per-device mapping values to be included in the import, and click Next to complete the import process.

To use a metadata variable in dynamic objects:

  1. Go to Policy & Objects.

  2. Create or edit a Firewall Address, IP Pool, or Virtual IP object.

  3. Add the metadata into a text field using the following format: $<metadata_variable_name> .

    Note

    When $ is typed into a supported text field, available metadata variables are displayed for selection. You can click the add button to create a new metadata variable.


    For example, when creating a firewall address, you can use a metadata variable in the IP/Netmask field.

Previous
Next