AndiG
New Member
April 29, 2025
Solved

Generate a list of matching FortiGate policies

  • April 29, 2025
  • 1 reply
  • 1289 views

I like to generate a weekly report that includes any active FortiGate-Policy filtered by some keywords in their name.

I'm able to query them from $log-traffic, but obviously this gets only the policies with traffic.

Is there a table that includes the configured policies regardless of them having traffic or not?

Best answer by funkylicious

As you already noticed, in FAZ you would have logs and info about the firewall policies that either log all sessions or have security profile matches.

You could do a diff between the policy id/name from FAZ that are being noticed there and the ones actually configured on the FGT.

In the GUI you would also enable the column Hit Count and see the ones with no match/0 hits, or Last Used to see when they were last used/matched.

1 reply

funkylicious
SuperUser
April 29, 2025

show firewall policy | grep TEXT ? You could add -A X to print the next X lines.

"jack of all trades, master of none"
AndiG (Author)
New Member
April 30, 2025

Hi Funkylicious

Thanks for your suggestion. Grep would kind of work, yes...

But I'm looking for an automated solution, preferably using FortiAnalyzer and being able to use its SQL capabilities for advanced filtering.

funkylicious
SuperUser
April 30, 2025


"jack of all trades, master of none"
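The two suggestions in this thread (grep the output of "show firewall policy" on the FortiGate, and diff the configured policies against the policy ids that actually appear in FortiAnalyzer) can be combined into one script. The following is an added example, not code from the thread or from Fortinet: it parses the text that "show firewall policy" prints, filters active policies by keyword in their name, and marks which ones were never seen in FAZ. The sample CLI output and the set of FAZ policy ids are constructed here; in practice the id set would come from a query such as the one the asker already runs against $log-traffic, and the policy list would come from the FortiGate (the optional REST helper below uses the FortiOS CMDB endpoint /api/v2/cmdb/firewall/policy with an API token, and is not called in the offline run). It also relies on the "show" convention of printing only non-default values, so a missing "set status" line means enabled and a missing "set logtraffic" line means the default "utm".

```python
import re
from typing import Dict, Iterable, List, Set

# Constructed sample of `show firewall policy` output (assumption: standard
# FortiOS "show" formatting, which omits settings left at their default).
SAMPLE_SHOW_OUTPUT = """\
config firewall policy
    edit 1
        set name "LAN-to-WAN"
        set srcintf "port2"
        set dstintf "port1"
        set action accept
        set srcaddr "all"
        set dstaddr "all"
        set logtraffic all
    next
    edit 2
        set name "Guest-Block-Internal"
        set srcintf "guest"
        set dstintf "port2"
        set action deny
        set dstaddr "RFC1918_10" "RFC1918_172"
    next
    edit 3
        set name "VPN-to-DMZ"
        set status disable
        set srcintf "ssl.root"
        set dstintf "dmz"
        set action accept
        set logtraffic all
    next
end
"""

# Constructed stand-in for: select distinct policyid from $log-traffic ...
SAMPLE_FAZ_POLICY_IDS: Set[int] = {1, 3}

EDIT_RE = re.compile(r"^\s*edit\s+(\d+)\s*$")
SET_RE = re.compile(r"^\s*set\s+(\S+)\s+(.*)$")


def parse_show_firewall_policy(text: str) -> List[Dict[str, object]]:
    """Turn `show firewall policy` text into one dict per policy.
    Defaults mirror what `show` leaves out: status enable, logtraffic utm."""
    policies: List[Dict[str, object]] = []
    current = None
    for line in text.splitlines():
        m = EDIT_RE.match(line)
        if m:
            current = {"id": int(m.group(1)), "name": "",
                       "status": "enable", "logtraffic": "utm"}
            policies.append(current)
            continue
        if current is None:
            continue
        if line.strip() == "next":
            current = None
            continue
        m = SET_RE.match(line)
        if m:
            key, raw = m.group(1), m.group(2).strip()
            quoted = re.findall(r'"([^"]*)"', raw)   # multi-value lines are quoted tokens
            current[key] = " ".join(quoted) if quoted else raw
    return policies


def match_policies(policies: Iterable[Dict[str, object]], keywords: Iterable[str],
                   active_only: bool = True) -> List[Dict[str, object]]:
    """Case-insensitive keyword filter on the policy name; active_only drops
    policies with `set status disable`."""
    kws = [k.lower() for k in keywords]
    return [p for p in policies
            if (not active_only or p["status"] == "enable")
            and any(k in str(p["name"]).lower() for k in kws)]


def build_report(policies: Iterable[Dict[str, object]], keywords: Iterable[str],
                 faz_policy_ids: Set[int]) -> List[Dict[str, object]]:
    """Weekly report rows: matching active policies, flagged if FAZ never logged
    them (no traffic, or logtraffic not set to all so sessions are not logged)."""
    rows = []
    for p in match_policies(policies, keywords):
        rows.append({"id": p["id"], "name": p["name"], "logtraffic": p["logtraffic"],
                     "seen_in_faz": p["id"] in faz_policy_ids})
    return rows


def fetch_policies_via_rest_api(host: str, token: str, cafile: str = None) -> List[Dict[str, object]]:
    """Optional live pull (not run here). Assumes a REST API user whose token
    can read firewall.policy; keeps TLS verification on against the FGT cert."""
    import json, ssl, urllib.request
    req = urllib.request.Request(f"https://{host}/api/v2/cmdb/firewall/policy",
                                 headers={"Authorization": f"Bearer {token}"})
    ctx = ssl.create_default_context(cafile=cafile)
    with urllib.request.urlopen(req, context=ctx, timeout=15) as resp:
        results = json.load(resp)["results"]
    return [{"id": r["policyid"], "name": r.get("name", ""),
             "status": r.get("status", "enable"),
             "logtraffic": r.get("logtraffic", "utm")} for r in results]


if __name__ == "__main__":
    for row in build_report(parse_show_firewall_policy(SAMPLE_SHOW_OUTPUT),
                            ["guest", "vpn"], SAMPLE_FAZ_POLICY_IDS):
        print(row)
```

With the constructed data the report contains only policy 2 ("Guest-Block-Internal"): policy 3 matches "vpn" but is disabled, and policy 2 is flagged as never seen in FAZ, which is exactly the case the $log-traffic query cannot surface on its own. Feed the real "show firewall policy" text (or the REST results) and the distinct policyid set from FAZ into the same functions to produce the weekly list.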