Fortinet black logo

Administration Guide

Home FortiWeb 7.4.1 Administration Guide
7.4.1
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.10
7.0.9
7.0.8
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.2
6.4.1
6.4.0
6.3.23
6.3.19
6.3.18
6.3.17
6.3.16
6.3.15
6.3.14
6.3.13
6.3.11
6.3.10
6.3.9
6.3.7
6.3.6
6.3.5
6.3.4
6.3.3
6.3.2
6.3.1
6.3.0
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.1.2
6.1.1
5.7.0
5.6.1
5.6.0
5.6.0

Automation

Automation

Automation stitches pair a trigger with one or more response actions to allow FortiWeb to automatically respond with the action(s) once the trigger condition is met.

From the Security Fabric > Automation page, you can create an automation stitch by selecting a Trigger event type and the corresponding Action that you would like to automate.

FortiWeb supports three event types and one response actions for automation.

  • Triggers: Reboot, Low memory, HA, Event log

  • Actions: CLI Script.

To create an automation using stitches, you need to follow these steps:

  1. Create a Trigger: Define the event that will initiate the automation. See Creating a trigger.
  2. Set up an Action Resource: Specify the action you want the system to perform when the trigger is activated. This could be sending an email or running a CLI script. See Creating an action.
  3. Create an Action: Combine the previously defined action resource with additional details, if necessary, to fully describe what the automation should do when triggered. See Creating an action.
  4. Stitch Everything Together: Integrate the trigger and action you've created into a stitch. This step effectively binds the trigger event with the specified action. See Creating a stitch.
Creating a trigger

Certain events can trigger the system to take corresponding actions. You can define the trigger events or use the pre-defined triggers including low memory, HA failover, and reboot.

  1. Go to Security Fabric > Automation.
  2. Select the Trigger tab.
  3. Click Create New to display the configuration editor.
  4. Select the trigger type. FortiWeb supports four types of triggers:
    • System: Reboot, Low memory, HA.

    • Miscellaneous: FortiWeb Event log.

    System
    RebootThe system reboots.
    Low memoryAvailable memory is less than 100 MB.
    HAHA fail-over occurs.
    Miscellaneous
    FortiWeb Event LogThe system prints certain even logs.
  5. If you have selected one of the system triggers, enter a name and description for the trigger.
  6. If you have selected FortiWeb Event Log, enter a name and description for the trigger. Then configure the following options to define the event log.
    • Click the Add icon beside the Event field, then select the type of the event log.
    • Click the Add icon beside the Field filters, then enter the field name and value to narrow down to specific event logs.
      The available field names are Action, Date/Time, Level, Message, User Interface, Log ID, MSG ID, Status, Sub Type, and User.
      To find the appropriate values for the specified field, you can try add a filter in Log&Report > Log Access > Event with the desired log field name and then check its values.


  7. Click OK.
Creating an action
  1. Go to Security Fabric > Automation.
  2. Select the Action resources tab.
  3. Click Create New under either Email or CLI Script.

    4. For the Email action, perform the following steps:

    1. Enter a name for the action resource.
    2. Enter the subject of the email to be sent.
    3. Enter the email body. Simple string and two parameters are supported:
      1. %%log%%: All fields from the log event triggering this stitch.
      2. %%results%%:The complete result from previous action, such as CLI script.
    4. Select the email policy. For more information, see "Configuring email settings" in Alert email.
    5. Click OK.

    For the CLI Script action, perform the following steps:

    1. Enter a name for the action resource.
    2. Enter the CLI scripts to be run. You can enter multiple CLI commands.
    3. Click OK.
  4. Select the Action tab.
  5. Click Create New.
  6. Enter a name for the action.
  7. Enter a description for the action.
  8. Select the type of actions resource you want to add in this action.
  9. Select the action resource you have created in the tabAction Resources.
  10. Click OK.
Creating a stitch

Integrate the trigger and action you've created into a stitch.

  1. Go to Security Fabric > Automation.
  2. Select the Stitch tab.
  3. Click Create New.
  4. Enter a name for the stitch.
  5. Select whether to enable or disable this stitch.
  6. Enter a description for the stitch.
  7. Click Add Trigger, select the trigger you have created in the Trigger tab, or the pre-defined triggers, then click Apply.
  8. Click Add Action, select the action to take when the trigger event occurs, then click Apply. You can add multiple actions for a stitch.
  9. Click OK.

Previous
Next

Automation

Automation stitches pair a trigger with one or more response actions to allow FortiWeb to automatically respond with the action(s) once the trigger condition is met.

From the Security Fabric > Automation page, you can create an automation stitch by selecting a Trigger event type and the corresponding Action that you would like to automate.

FortiWeb supports three event types and one response actions for automation.

  • Triggers: Reboot, Low memory, HA, Event log

  • Actions: CLI Script.

To create an automation using stitches, you need to follow these steps:

  1. Create a Trigger: Define the event that will initiate the automation. See Creating a trigger.
  2. Set up an Action Resource: Specify the action you want the system to perform when the trigger is activated. This could be sending an email or running a CLI script. See Creating an action.
  3. Create an Action: Combine the previously defined action resource with additional details, if necessary, to fully describe what the automation should do when triggered. See Creating an action.
  4. Stitch Everything Together: Integrate the trigger and action you've created into a stitch. This step effectively binds the trigger event with the specified action. See Creating a stitch.
Creating a trigger

Certain events can trigger the system to take corresponding actions. You can define the trigger events or use the pre-defined triggers including low memory, HA failover, and reboot.

  1. Go to Security Fabric > Automation.
  2. Select the Trigger tab.
  3. Click Create New to display the configuration editor.
  4. Select the trigger type. FortiWeb supports four types of triggers:
    • System: Reboot, Low memory, HA.

    • Miscellaneous: FortiWeb Event log.

    System
    RebootThe system reboots.
    Low memoryAvailable memory is less than 100 MB.
    HAHA fail-over occurs.
    Miscellaneous
    FortiWeb Event LogThe system prints certain even logs.
  5. If you have selected one of the system triggers, enter a name and description for the trigger.
  6. If you have selected FortiWeb Event Log, enter a name and description for the trigger. Then configure the following options to define the event log.
    • Click the Add icon beside the Event field, then select the type of the event log.
    • Click the Add icon beside the Field filters, then enter the field name and value to narrow down to specific event logs.
      The available field names are Action, Date/Time, Level, Message, User Interface, Log ID, MSG ID, Status, Sub Type, and User.
      To find the appropriate values for the specified field, you can try add a filter in Log&Report > Log Access > Event with the desired log field name and then check its values.


  7. Click OK.
Creating an action
  1. Go to Security Fabric > Automation.
  2. Select the Action resources tab.
  3. Click Create New under either Email or CLI Script.

    4. For the Email action, perform the following steps:

    1. Enter a name for the action resource.
    2. Enter the subject of the email to be sent.
    3. Enter the email body. Simple string and two parameters are supported:
      1. %%log%%: All fields from the log event triggering this stitch.
      2. %%results%%:The complete result from previous action, such as CLI script.
    4. Select the email policy. For more information, see "Configuring email settings" in Alert email.
    5. Click OK.

    For the CLI Script action, perform the following steps:

    1. Enter a name for the action resource.
    2. Enter the CLI scripts to be run. You can enter multiple CLI commands.
    3. Click OK.
  4. Select the Action tab.
  5. Click Create New.
  6. Enter a name for the action.
  7. Enter a description for the action.
  8. Select the type of actions resource you want to add in this action.
  9. Select the action resource you have created in the tabAction Resources.
  10. Click OK.
Creating a stitch

Integrate the trigger and action you've created into a stitch.

  1. Go to Security Fabric > Automation.
  2. Select the Stitch tab.
  3. Click Create New.
  4. Enter a name for the stitch.
  5. Select whether to enable or disable this stitch.
  6. Enter a description for the stitch.
  7. Click Add Trigger, select the trigger you have created in the Trigger tab, or the pre-defined triggers, then click Apply.
  8. Click Add Action, select the action to take when the trigger event occurs, then click Apply. You can add multiple actions for a stitch.
  9. Click OK.

Previous
Next