I have a recurring occurance at 02:30 (2:30 AM) every night, where DNS name resolutions fail.
I'd like to run the following CLI commands on our FortiGate 60D at 02:20, so I'll have some data to debug the DNS issue:
dia debug reset
dia de flow filter port 53
dia de consol time en
dia de flow show fun en
dia de flow trace start 100000000
dia de en
I was thinking of using crontab to execute a CLI script, or a list of CLI commands, something like:
ssh <my_fortigate_ip> "dia debug reset ; dia de flow filter port 53 ; dia de consol time en ; dia de flow show fun en ; dia de flow trace start 100000000 ; dia de en"
- Can more than one CLI commands be entered on a CLI shell line? What is the separator between CLI commands?
- Can an ssh key exchange (or equivalent) be performed so I could log in to the FortiGate from a certain machine, without being prompted for a password?
- Is there another way to collect data non-interactively on a FortiGate between certain times?
Best Answer
The 60D is a bit tricky since it doesn't log much locally. I never understood why it can't log to a local USB stick. I'd recommend setting up a syslog server.
No, I don't think FortiOS supports that. You'll need to send line breaks in between.
Yes. You can set a local admin password by running
See https://kb.fortinet.com/kb/documentLink.do?externalID=11985 for details.
I'd simply run a packet capture with a filter set so that it doesn't run out before that problem happens.
You can run a packet capture from the GUI or in CLI
See https://kb.fortinet.com/kb/documentLink.do?externalId=11186 for details.
You could also schedule a script but I haven't actually done that yet.