diagnose endpoint
Endpoint compliance diagnostics.
This topic includes the following commands:
- diagnose endpoint avatar
- diagnose endpoint avatar allow-nodisk
- diagnose endpoint avatar delete-archived
- diagnose endpoint avatar find
- diagnose endpoint avatar find fingerprint
- diagnose endpoint avatar find link
- diagnose endpoint avatar list
- diagnose endpoint avatar list active
- diagnose endpoint avatar list archived
- diagnose endpoint avatar list fingerprint
- diagnose endpoint avatar purge-all
- diagnose endpoint avatar purge-archived
- diagnose endpoint debug-zone
- diagnose endpoint debug-zone dump
- diagnose endpoint debug-zone set-lls-quota
- diagnose endpoint ec-shared
- diagnose endpoint ec-shared find
- diagnose endpoint ec-shared list
- diagnose endpoint fctems
- diagnose endpoint fctems api-status
- diagnose endpoint fctems api-status clear
- diagnose endpoint fctems get-pub-addr
- diagnose endpoint fctems json
- diagnose endpoint fctems json deep-inspect-cert-sync
- diagnose endpoint fctems json gateway-mac-request
- diagnose endpoint fctems queue-complete-calls
- diagnose endpoint fctems test-authorization
- diagnose endpoint fctems test-connectivity
- diagnose endpoint filter
- diagnose endpoint filter avatar-fingerprint
- diagnose endpoint filter clear
- diagnose endpoint filter ems-sn
- diagnose endpoint filter ftcl-uid
- diagnose endpoint filter list
- diagnose endpoint filter show-large-data
- diagnose endpoint lls-comm
- diagnose endpoint lls-comm connect
- diagnose endpoint lls-comm disconnect
- diagnose endpoint lls-comm recv
- diagnose endpoint lls-comm send
- diagnose endpoint lls-comm send echo
- diagnose endpoint lls-comm send echo echo
- diagnose endpoint lls-comm send general
- diagnose endpoint lls-comm send general get-index
- diagnose endpoint lls-comm send general register
- diagnose endpoint lls-comm send general unregister
- diagnose endpoint lls-comm send ping
- diagnose endpoint lls-comm send ping set-interval
- diagnose endpoint lls-comm send ztna
- diagnose endpoint lls-comm send ztna find-ip-vdom
- diagnose endpoint lls-comm send ztna find-uid
- diagnose endpoint lls-comm send ztna message-format
- diagnose endpoint lls-comm send ztna subscribe-all
- diagnose endpoint lls-comm send ztna unsubscribe-all
- diagnose endpoint lls-comm send ztna unsubscribe-uid
- diagnose endpoint lls-comm status
- diagnose endpoint record
- diagnose endpoint record delete
- diagnose endpoint record list
- diagnose endpoint record summary
- diagnose endpoint record update-by-json
- diagnose endpoint tags
- diagnose endpoint tags remove-by-id
- diagnose endpoint tags remove-by-name
- diagnose endpoint tags remove-by-name-legacy
- diagnose endpoint tags remove-by-sn
- diagnose endpoint tags test-common-tag-update
- diagnose endpoint tags test-update
diagnose endpoint avatar
FortiClient avatar.
diagnose endpoint avatar
diagnose endpoint avatar allow-nodisk
Allow no disk for avatar
diagnose endpoint avatar allow-nodisk [enable|disable]
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
[enable|disable] |
Allow saving avatars on non-harddisk storage. |
string |
|
diagnose endpoint avatar delete-archived
Delete an archived avatar
diagnose endpoint avatar delete-archived <ftcl-uid> <user-name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ftcl-uid> |
FortiClient UID |
string |
|
|
<user-name> |
User name |
string |
|
diagnose endpoint avatar find
Find avatar location
diagnose endpoint avatar find
diagnose endpoint avatar find fingerprint
Find avatar fingerprint location
diagnose endpoint avatar find fingerprint <fingerprint>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<fingerprint> |
Avatar fingerprint |
string |
|
diagnose endpoint avatar find link
Find avatar link location
diagnose endpoint avatar find link <ftcl-uid> <user-name>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ftcl-uid> |
FortiClient UID |
string |
|
|
<user-name> |
User name |
string |
|
diagnose endpoint avatar list
Display avatars
diagnose endpoint avatar list
diagnose endpoint avatar list active
Display active avatars
diagnose endpoint avatar list active <number>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<number> |
Number of files to display per page. |
string |
|
diagnose endpoint avatar list archived
Display archived avatars
diagnose endpoint avatar list archived <number>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<number> |
Number of files to display per page. |
string |
|
diagnose endpoint avatar list fingerprint
Display fingerprint avatars
diagnose endpoint avatar list fingerprint <number>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<number> |
Number of files to display per page. |
string |
|
diagnose endpoint avatar purge-all
Purge ALL avatars
diagnose endpoint avatar purge-all
diagnose endpoint avatar purge-archived
Purge all archived avatars
diagnose endpoint avatar purge-archived
diagnose endpoint debug-zone
Debug Zone.
diagnose endpoint debug-zone
diagnose endpoint debug-zone dump
Dump all debug zone info.
diagnose endpoint debug-zone dump
diagnose endpoint debug-zone set-lls-quota
Set send quota for each socket
diagnose endpoint debug-zone set-lls-quota <quota>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<quota> |
Quota in bytes |
string |
|
diagnose endpoint ec-shared
FortiClient shared record.
diagnose endpoint ec-shared
diagnose endpoint ec-shared find
Find shared record.
diagnose endpoint ec-shared find <ipv4-address> <ENTER|vfid>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ipv4-address> |
Endpoint IPv4 address. |
string |
|
|
<ENTER|vfid> |
VDOM ID of the client. |
string |
|
diagnose endpoint ec-shared list
List shared records.
diagnose endpoint ec-shared list <number>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<number> |
Number of records to display per page. |
string |
|
diagnose endpoint fctems
FortiClient EMS.
diagnose endpoint fctems
diagnose endpoint fctems api-status
Tools to diagnose EMS API status.
diagnose endpoint fctems api-status
diagnose endpoint fctems api-status clear
Clear EMS API status.
diagnose endpoint fctems api-status clear <fctems>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<fctems> |
FortiClient EMS table entry name in CMDB. |
string |
|
diagnose endpoint fctems get-pub-addr
Get FortiClient EMS public address.
diagnose endpoint fctems get-pub-addr <fctems>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<fctems> |
FortiClient EMS table entry id in CMDB. |
string |
|
diagnose endpoint fctems json
FortiClient EMS REST-API JSON test.
diagnose endpoint fctems json
diagnose endpoint fctems json deep-inspect-cert-sync
Print deep inspection certificate sync json.
diagnose endpoint fctems json deep-inspect-cert-sync
diagnose endpoint fctems json gateway-mac-request
Print gateway-info json.
diagnose endpoint fctems json gateway-mac-request
diagnose endpoint fctems queue-complete-calls
Add complete (un)quarantine call(s) to FCEMSD queue.
diagnose endpoint fctems queue-complete-calls <call>[,<call>[,...]]
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<call>[,<call>[,...]] |
Comma separated list of calls. Run without the argument for more help. |
string |
|
diagnose endpoint fctems test-authorization
Authorization test for FortiClient EMS.
diagnose endpoint fctems test-authorization <fctems>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<fctems> |
FortiClient EMS table entry id in CMDB. |
string |
|
diagnose endpoint fctems test-connectivity
Connectivity test for FortiClient EMS.
diagnose endpoint fctems test-connectivity <fctems>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<fctems> |
FortiClient EMS table entry id in CMDB. |
string |
|
diagnose endpoint filter
Debug filter for fcnacd.
diagnose endpoint filter
diagnose endpoint filter avatar-fingerprint
Avatar fingerprint to filter by.
diagnose endpoint filter avatar-fingerprint <avatar-fingerprint>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<avatar-fingerprint> |
Avatar fingerprint. |
string |
|
diagnose endpoint filter clear
Erase the current filter.
diagnose endpoint filter clear
diagnose endpoint filter ems-sn
FortiClient EMS serial-number to filter by.
diagnose endpoint filter ems-sn <ems-sn>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ems-sn> |
EMS serial-number. |
string |
|
diagnose endpoint filter ftcl-uid
FortiClient UID to filter by.
diagnose endpoint filter ftcl-uid <ftcl-uid>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ftcl-uid> |
FortiClient UID. |
string |
|
diagnose endpoint filter list
Display the current filter.
diagnose endpoint filter list
diagnose endpoint filter show-large-data
Show large data.
diagnose endpoint filter show-large-data [yes/no]
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
[yes/no] |
Yes or no. |
string |
|
diagnose endpoint lls-comm
Long-Lived Socket Communication.
diagnose endpoint lls-comm
diagnose endpoint lls-comm connect
Connect.
diagnose endpoint lls-comm connect
diagnose endpoint lls-comm disconnect
Disconnect.
diagnose endpoint lls-comm disconnect
diagnose endpoint lls-comm recv
Receive Messages.
diagnose endpoint lls-comm recv <repeat>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<repeat> |
Repeat number of receives |
string |
|
diagnose endpoint lls-comm send
Send Message.
diagnose endpoint lls-comm send
diagnose endpoint lls-comm send echo
Echo long-lived socket channel
diagnose endpoint lls-comm send echo
diagnose endpoint lls-comm send echo echo
Echo
diagnose endpoint lls-comm send echo echo <msg>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<msg> |
Message to echo |
string |
|
diagnose endpoint lls-comm send general
General long-lived socket channel
diagnose endpoint lls-comm send general
diagnose endpoint lls-comm send general get-index
Get Long-lived socket channel index.
diagnose endpoint lls-comm send general get-index
diagnose endpoint lls-comm send general register
Register to Long-lived Socket channel(s)
diagnose endpoint lls-comm send general register <channel-mask>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<channel-mask> |
Channel Mask in decimal, octal or hexadecimal |
string |
|
diagnose endpoint lls-comm send general unregister
Unregister from Long-lived Socket channel(s)
diagnose endpoint lls-comm send general unregister <channel-mask>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<channel-mask> |
Channel Mask in decimal, octal or hexadecimal |
string |
|
diagnose endpoint lls-comm send ping
Ping long-lived socket channel
diagnose endpoint lls-comm send ping
diagnose endpoint lls-comm send ping set-interval
Set interval
diagnose endpoint lls-comm send ping set-interval <interval>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<interval> |
Period in units of 1/100 seconds |
string |
|
diagnose endpoint lls-comm send ztna
ZTNA long-lived socket channel
diagnose endpoint lls-comm send ztna
diagnose endpoint lls-comm send ztna find-ip-vdom
Find by IP and VDOM
diagnose endpoint lls-comm send ztna find-ip-vdom <ip> <vdom>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ip> |
IPv4 or IPv6 address of client |
string |
|
|
<vdom> |
VDOM name |
string |
|
diagnose endpoint lls-comm send ztna find-uid
Find by FortiClient UID and EMS SN
diagnose endpoint lls-comm send ztna find-uid <ftct-uid> <emssn> <ems-tenant-id>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ftct-uid> |
Client UID |
string |
|
|
<emssn> |
EMS Serial Number |
string |
|
|
<ems-tenant-id> |
EMS Tenant ID |
string |
|
diagnose endpoint lls-comm send ztna message-format
Select if wad header is sent
diagnose endpoint lls-comm send ztna message-format <index>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<index> |
0: standard 1: wad informer |
string |
|
diagnose endpoint lls-comm send ztna subscribe-all
Subscribe to all FortiClients on selected LLS bits
diagnose endpoint lls-comm send ztna subscribe-all <mask>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<mask> |
Bit mask |
string |
|
diagnose endpoint lls-comm send ztna unsubscribe-all
Unsubscribe to all FortiClients on issuing LLS
diagnose endpoint lls-comm send ztna unsubscribe-all
diagnose endpoint lls-comm send ztna unsubscribe-uid
Unsubscribe from FortiClient UID
diagnose endpoint lls-comm send ztna unsubscribe-uid <ftct-uid> <emssn> <ems-tenant-id>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ftct-uid> |
Client UID |
string |
|
|
<emssn> |
EMS Serial Number |
string |
|
|
<ems-tenant-id> |
EMS_Tenant ID |
string |
|
diagnose endpoint lls-comm status
Status.
diagnose endpoint lls-comm status
diagnose endpoint record
Endpoint records.
diagnose endpoint record
diagnose endpoint record delete
Delete endpoint records.
diagnose endpoint record delete <ipv4-address>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ipv4-address> |
Source IPv4 address. |
string |
|
diagnose endpoint record list
List endpoint records.
diagnose endpoint record list <ipv4-address> <mac-address> <forticlient-uid>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<ipv4-address> |
Source IPv4 address ("any" for all IP addresses). |
string |
|
|
<mac-address> |
Source MAC address ("any" for all MAC addresses). |
string |
|
|
<forticlient-uid> |
FortiClient UID ("any" for all UID's). |
string |
|
diagnose endpoint record summary
List summary of endpoint records.
diagnose endpoint record summary
diagnose endpoint record update-by-json
Add endpoint record by JSON.
diagnose endpoint record update-by-json <uid> <ems-sn> <ems-tenant-id> <json>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<uid> |
FortiClient UID. |
string |
|
|
<ems-sn> |
FortiClient EMS serial number. |
string |
|
|
<ems-tenant-id> |
FortiClient EMS tenant ID. |
string |
|
|
<json> |
JSON string. |
string |
|
diagnose endpoint tags
Tags.
diagnose endpoint tags
diagnose endpoint tags remove-by-id
Remove Dynamic address tags by EMS ID.
diagnose endpoint tags remove-by-id <EMS-ID>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<EMS-ID> |
EMS ID. |
string |
|
diagnose endpoint tags remove-by-name
Remove specific tag by EMS ID and name.
diagnose endpoint tags remove-by-name <TAG-Name> <EMS-ID>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<TAG-Name> |
Tag name. |
string |
|
|
<EMS-ID> |
EMS ID. |
string |
|
diagnose endpoint tags remove-by-name-legacy
Remove specific tag by Serial Number and name (LEGACY).
diagnose endpoint tags remove-by-name-legacy <TAG-Name> <SN>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<TAG-Name> |
Tag name. |
string |
|
|
<SN> |
Serial Number. |
string |
|
diagnose endpoint tags remove-by-sn
Remove Dynamic address tags by Serial Number (LEGACY).
diagnose endpoint tags remove-by-sn <SN>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<SN> |
Serial Number. |
string |
|
diagnose endpoint tags test-common-tag-update
Test update tags for FortiClient EMS
diagnose endpoint tags test-common-tag-update <TAG-INFO-JSON>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<TAG-INFO-JSON> |
JSON string for commands. |
string |
|
diagnose endpoint tags test-update
Test update tags.
diagnose endpoint tags test-update <EMS-SN> <TAG-INFO-JSON> <TAG-MEMBERS-JSON>
|
Parameter |
Description |
Type |
Size |
|---|---|---|---|
|
<EMS-SN> |
FortiClient EMS Serial Number. |
string |
|
|
<TAG-INFO-JSON> |
JSON string for tag_info. |
string |
|
|
<TAG-MEMBERS-JSON> |
JSON string for tag_members. |
string |
|