Skip to main content
ebilcari
Staff
ebilcari
Staff
February 26, 2025

Technical Tip: Use a custom script to send personalized output to a Syslog server

  • February 26, 2025
  • 0 replies
  • 478 views

Description

 

This article describes how to create and use Custom Script in FortiNAC and how to send customizable information to a Syslog server.
In this example, a simple use case is shown that checks the licenses. The script can be customized for different verification mechanisms.

 

Scope

 

FortiNAC.

 

Solution

 

The scripts in FortiNAC are located in the '/home/cm/scripts' directory and can be reached after entering the shell.

 

fnac74p # execute enter-shell
fnac74p:~$ cd /home/cm/scripts
fnac74p:~$ touch CheckAndSendSyslog.sh
fnac74p:~$ chmod +x CheckAndSendSyslog.sh
fnac74p:~$ vi -N CheckAndSendSyslog.sh

 

The content of the script can be pasted into the editor and then saved (:wq). This is an example of a Bash script:

 

########################  CheckAndSendSyslog.sh ##################
# Check the license count and send a syslog to an external server
##################################################################
 
#!/bin/bash
 
## Set Base Directory and define settings
BASEDIR="/home/cm/scripts/"
FullInfo="$BASEDIR/FullInfo.txt"
Warning=500
Critical=100
Server=10.1.1.10
Port=6514
 
###############################################################
## Find the license information and save the ouptput in a file
 
RunClient DumpLicenseCount -count -concurrent > "$FullInfo"
 
###############################################################
## Parse data to find license usage
 
# Extract used and max values correctly
used=$(grep "Concurrent Licenses Used  =" "$FullInfo" | awk -F'=' '{print $2}' | awk -F',' '{print $1}' | tr -d ' ')
max=$(grep "Concurrent Licenses Used  =" "$FullInfo" | awk -F'Max =' '{print $2}' | tr -d ' ')
 
# Ensure variables are numbers
used=$((used))
max=$((max))
 
# Calculate difference
difference=$((max - used))
 
# Determine status
if (( difference < Critical )); then
    status="CRITICAL: Very few licenses left!"
elif (( difference < Warning )); then
    status="WARNING: Running low on licenses!"
else
    status="OK: License count is sufficient."
fi
 
# Print results
echo "License Status: Used: $used, Available: $difference, $status"
 
# Send a messages to the syslog server
echo "License Status: Used: $used, Available: $difference, $status" | nc $Server $Port
 
# Clean up
rm -f "$FullInfo"

 

The script can be configured to run as a scheduled task or as a response to an Event Mappings:

 

Schedule-task.PNG

 

Syslog content sent to the Syslog server depending on the license usage should appear as follows:

 

2025-02-26 12:50:34 Local7.Debug 10.1.2.71 License Status: Used: 5, Available: 99995, OK: License count is sufficient.

 

Note:

A license notification is already built-in FortiNAC, Logs -> Events & Alarms -> Management -> Event Thresholds. It creates an internal event when the license usage reaches 75% and 95%. This example demonstrates the flexibility of the scripts and the customizable information that can be sent to a syslog server.

 

The same type of script can also be triggered through an Event to Alarm Mapping to customize the event content and send it to a syslog server, as follows: 

alarmtosyslog.PNG

 

Related articles:

      Terms & ConditionsAccessibility statement