Technical Tip: Creating automation stitches in FortiOS v7.0 and v7.2
Description
This article describes how to configure FortiGate to automatically respond to various trigger events. It applies to FortiOS v7.0 and v7.2, where the automation workflow was redesigned to be more efficient and clearer for the user.
Scope
FortiGate.
Solution
Automation stitches, actions, and triggers have separate dialogs and are no longer part of the main automation stitch dialog, like in previous FortiOS versions (v6.2, v6.4).
- When creating a stitch, selecting 'Add Trigger' or 'Add Action' displays a list of available triggers and actions, along with the option to create new ones.
- Once the stitch is configured, a process diagram of the trigger, actions, and delays is displayed.

Note the 'Action execution' option: it selects whether additional actions are executed in a specific order ('Sequential') or simultaneously ('Parallel'). If 'Sequential' is chosen, a delay in seconds can be configured between actions ('Add delay' button). However, if one of the actions fails, the subsequent actions are not executed and the automation stitch stops.
- Select 'Link monitor status' if the link monitor is configured.
- Select 'Routing information changed' if SD-WAN is configured with a performance SLA.
- Select 'Interface status changed' if the physical status of the uplink should be monitored.
Not all triggers can be edited, for example those based on a single FortiOS event such as a reboot or failover.
The trigger can also be configured as a recurring schedule (hourly, daily, etc.) for a specific action:

Other possible triggers:

To configure an action or update an existing one:
Another popular activity is running a CLI script - for example, it can be used to restart a process if automation gets triggered by 'High CPU' or 'Conserve Mode' triggers. To configure it, choose 'Create New' on the Action page and find 'CLI Script':
The commands can be either specified manually or recorded in the console widget.

- Local Certificate Expiry: specify the certificate name to execute.
- Separate triggers based on Event logs, such as Virus Logs, SSH logs, IPS Logs, Webfilter violations, etc.
- A schedule-based trigger can be configured for a one-time action, not only a recurring one.
config system automation-stitch
    edit "Network Down"
        set status enable
        set trigger "Network Down"
        config actions
            edit 1
                set action "Default Email"
            next
        end
    next
end
config system automation-trigger
    edit "Network Down"
        set event-type event-log
        set logid 22922 22921 -> ID of the Event logs chosen for this trigger.
    next
end
config system automation-action
    edit "Default Email"
        set action-type email
        set email-from <Email sender name>
        set email-to <email-address>
        set email-subject <subject-name>
        set minimum-interval <seconds> -> Default value is 0.
    next
end
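The 'CLI Script' action and 'Sequential' execution with a delay described above can also be expressed in the CLI. The following is an added example, not taken from the original article: a conserve-mode trigger runs a diagnostic script and then sends an email. The object names, script commands, email address, delay value, and the "diag_only" admin profile are assumptions, and lines starting with # are annotations.

```fortios
# Added example: names, script commands, delay and profile are assumptions.
# Trigger and actions are defined first so the stitch can reference them.
config system automation-trigger
    edit "conserve-mode-entered"
        set event-type low-memory
    next
end
config system automation-action
    edit "collect-memory-diag"
        set action-type cli-script
        set script "get system performance status
diagnose hardware sysinfo conserve"
        # Hypothetical restricted admin profile, assumed to already exist and
        # to permit the two commands above; limits what the script may touch.
        set accprofile "diag_only"
    next
    edit "notify-noc"
        set action-type email
        set email-to "noc@example.com"
        set email-subject "FortiGate entered conserve mode"
        set minimum-interval 300
    next
end
config system automation-stitch
    edit "conserve-mode-diag"
        set status enable
        set trigger "conserve-mode-entered"
        config actions
            edit 1
                set action "collect-memory-diag"
                set required enable
            next
            edit 2
                set action "notify-noc"
                # Wait 30 seconds after action 1 before sending the email.
                set delay 30
                set required enable
            next
        end
    next
end
```

Binding the script to a restricted profile rather than "super_admin" keeps an automatically triggered script from running with full administrative rights.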
To debug the automation stitch, the debug commands below can be used:
diagnose debug enable
Automation workflow improvements 7.0.0