Fortinet white logo
Fortinet white logo

CLI Reference

config system automation-trigger

config system automation-trigger

Trigger for automation stitches.

config system automation-trigger
    Description: Trigger for automation stitches.
    edit <name>
        set description {var-string}
        set trigger-type [event-based|scheduled]
        set event-type [ioc|event-log|...]
        set license-type [forticare-support|fortiguard-webfilter|...]
        set ioc-level [medium|high]
        set report-type [posture|coverage|...]
        set logid <id1>, <id2>, ...
        set trigger-frequency [hourly|daily|...]
        set trigger-weekday [sunday|monday|...]
        set trigger-day {integer}
        set trigger-hour {integer}
        set trigger-minute {integer}
        config fields
            Description: Customized trigger field settings.
            edit <id>
                set name {string}
                set value {var-string}
            next
        end
        set faz-event-name {var-string}
        set faz-event-severity {var-string}
        set faz-event-tags {var-string}
        set serial {var-string}
        set fabric-event-name {var-string}
        set fabric-event-severity {var-string}
    next
end

config system automation-trigger

Parameter

Description

Type

Size

Default

description

Description.

var-string

Maximum length: 255

trigger-type

Trigger type.

option

-

event-based

Option

Description

event-based

Event based trigger.

scheduled

Scheduled trigger.

event-type

Event type.

option

-

ioc

Option

Description

ioc

Indicator of compromise detected.

event-log

Use log ID as trigger.

reboot

Device reboot.

low-memory

Conserve mode due to low memory.

high-cpu

High CPU usage.

license-near-expiry

License near expiration date.

ha-failover

HA failover.

config-change

Configuration change.

security-rating-summary

Security rating summary.

virus-ips-db-updated

Virus and IPS database updated.

faz-event

FortiAnalyzer event.

incoming-webhook

Incoming webhook call.

fabric-event

Fabric connector event.

license-type

License type.

option

-

forticare-support

Option

Description

forticare-support

FortiCare support license.

fortiguard-webfilter

FortiGuard web filter license.

fortiguard-antispam

FortiGuard antispam license.

fortiguard-antivirus

FortiGuard AntiVirus license.

fortiguard-ips

FortiGuard IPS license.

fortiguard-management

FortiGuard management service license.

forticloud

FortiCloud license.

any

Any license.

ioc-level

IOC threat level.

option

-

high

Option

Description

medium

IOC level medium and high.

high

IOC level high only.

report-type

Security Rating report.

option

-

posture

Option

Description

posture

Posture report.

coverage

Coverage report.

optimization

Optimization report

any

Any report.

logid <id>

Log IDs to trigger event.

Log ID.

integer

Minimum value: 1 Maximum value: 65535

trigger-frequency

Scheduled trigger frequency .

option

-

daily

Option

Description

hourly

Run hourly.

daily

Run daily.

weekly

Run weekly.

monthly

Run monthly.

trigger-weekday

Day of week for trigger.

option

-

Option

Description

sunday

Sunday.

monday

Monday.

tuesday

Tuesday.

wednesday

Wednesday.

thursday

Thursday.

friday

Friday.

saturday

Saturday.

trigger-day

Day within a month to trigger.

integer

Minimum value: 1 Maximum value: 31

1

trigger-hour

Hour of the day on which to trigger .

integer

Minimum value: 0 Maximum value: 23

0

trigger-minute

Minute of the hour on which to trigger .

integer

Minimum value: 0 Maximum value: 59

0

faz-event-name

FortiAnalyzer event handler name.

var-string

Maximum length: 255

faz-event-severity

FortiAnalyzer event severity.

var-string

Maximum length: 255

faz-event-tags

FortiAnalyzer event tags.

var-string

Maximum length: 255

serial

Fabric connector serial number.

var-string

Maximum length: 255

fabric-event-name

Fabric connector event handler name.

var-string

Maximum length: 255

fabric-event-severity

Fabric connector event severity.

var-string

Maximum length: 255

config fields

Parameter

Description

Type

Size

Default

name

Name.

string

Maximum length: 35

value

Value.

var-string

Maximum length: 63

config system automation-trigger

config system automation-trigger

Trigger for automation stitches.

config system automation-trigger
    Description: Trigger for automation stitches.
    edit <name>
        set description {var-string}
        set trigger-type [event-based|scheduled]
        set event-type [ioc|event-log|...]
        set license-type [forticare-support|fortiguard-webfilter|...]
        set ioc-level [medium|high]
        set report-type [posture|coverage|...]
        set logid <id1>, <id2>, ...
        set trigger-frequency [hourly|daily|...]
        set trigger-weekday [sunday|monday|...]
        set trigger-day {integer}
        set trigger-hour {integer}
        set trigger-minute {integer}
        config fields
            Description: Customized trigger field settings.
            edit <id>
                set name {string}
                set value {var-string}
            next
        end
        set faz-event-name {var-string}
        set faz-event-severity {var-string}
        set faz-event-tags {var-string}
        set serial {var-string}
        set fabric-event-name {var-string}
        set fabric-event-severity {var-string}
    next
end

config system automation-trigger

Parameter

Description

Type

Size

Default

description

Description.

var-string

Maximum length: 255

trigger-type

Trigger type.

option

-

event-based

Option

Description

event-based

Event based trigger.

scheduled

Scheduled trigger.

event-type

Event type.

option

-

ioc

Option

Description

ioc

Indicator of compromise detected.

event-log

Use log ID as trigger.

reboot

Device reboot.

low-memory

Conserve mode due to low memory.

high-cpu

High CPU usage.

license-near-expiry

License near expiration date.

ha-failover

HA failover.

config-change

Configuration change.

security-rating-summary

Security rating summary.

virus-ips-db-updated

Virus and IPS database updated.

faz-event

FortiAnalyzer event.

incoming-webhook

Incoming webhook call.

fabric-event

Fabric connector event.

license-type

License type.

option

-

forticare-support

Option

Description

forticare-support

FortiCare support license.

fortiguard-webfilter

FortiGuard web filter license.

fortiguard-antispam

FortiGuard antispam license.

fortiguard-antivirus

FortiGuard AntiVirus license.

fortiguard-ips

FortiGuard IPS license.

fortiguard-management

FortiGuard management service license.

forticloud

FortiCloud license.

any

Any license.

ioc-level

IOC threat level.

option

-

high

Option

Description

medium

IOC level medium and high.

high

IOC level high only.

report-type

Security Rating report.

option

-

posture

Option

Description

posture

Posture report.

coverage

Coverage report.

optimization

Optimization report

any

Any report.

logid <id>

Log IDs to trigger event.

Log ID.

integer

Minimum value: 1 Maximum value: 65535

trigger-frequency

Scheduled trigger frequency .

option

-

daily

Option

Description

hourly

Run hourly.

daily

Run daily.

weekly

Run weekly.

monthly

Run monthly.

trigger-weekday

Day of week for trigger.

option

-

Option

Description

sunday

Sunday.

monday

Monday.

tuesday

Tuesday.

wednesday

Wednesday.

thursday

Thursday.

friday

Friday.

saturday

Saturday.

trigger-day

Day within a month to trigger.

integer

Minimum value: 1 Maximum value: 31

1

trigger-hour

Hour of the day on which to trigger .

integer

Minimum value: 0 Maximum value: 23

0

trigger-minute

Minute of the hour on which to trigger .

integer

Minimum value: 0 Maximum value: 59

0

faz-event-name

FortiAnalyzer event handler name.

var-string

Maximum length: 255

faz-event-severity

FortiAnalyzer event severity.

var-string

Maximum length: 255

faz-event-tags

FortiAnalyzer event tags.

var-string

Maximum length: 255

serial

Fabric connector serial number.

var-string

Maximum length: 255

fabric-event-name

Fabric connector event handler name.

var-string

Maximum length: 255

fabric-event-severity

Fabric connector event severity.

var-string

Maximum length: 255

config fields

Parameter

Description

Type

Size

Default

name

Name.

string

Maximum length: 35

value

Value.

var-string

Maximum length: 63