Skip to main content
FlashOver
FlashOver
New Member
November 22, 2013
Question

grep the grep command on CLI ?

  • November 22, 2013
  • 4 replies
  • 30739 views
Can I grep and grep output the get more detailed information. For example, I like to see only the policy number where wan1 is used for example When I do: show firewall policy | grep -B 2 wan1 I get three lines per policy.... but I like to grep the grep output like that. show firewall policy | grep -B 2 wan1 | grep edit is that possible? And if not - where to request that as improvement?

    4 replies

    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    November 23, 2013
    No, chaining is not possible in the CLI. I suspect it' s not a true shell, just parsed input. A feature request for a full shell (ksh or bash...) would find quite a lot of support I guess, with more than a meagre ' grep' .
    emnoc
    emnoc
    New Member
    November 23, 2013
    is that possible? And if not - where to request that as improvement?
    Contact your regional sales team and SE. if your a customer and have an account with fortinet they will push a request. I' ve asked for the same thing a full shell like what you have on a juniper SRX for example. I' m really surprise fortinet has not made that a function.
    fropert_FTNT
    Staff
    fropert_FTNT
    Staff
    November 23, 2013
    Hello, Since 5.0.4 (if I remember correctly) grep -f will do grep per configuration section context and pinpoint the grepped word (wan1 in this forum post case) with arrows " <----" . Regards, Francois
    emnoc
    emnoc
    New Member
    February 3, 2018

    for the OP I would try a different approach

     

    diag sys checkused system.interface.name wan1

     

    That will list the  policy_id# by interface wan,but no you  can't pipe grep output into another grep.

    journeyman
    journeyman
    New Member
    September 4, 2020

    I would very much like to be able to grep -f | grep -f in the cli, and have previously submitted a feature request.

    Can anyone advise if this has been added to more recent versions of FortiOS or planned? In production we run 6.0.x and it's not there.

    Does anyone have visibility of existing feature requests and their chances of implementation? Can we see them and upvote?

    emnoc
    emnoc
    New Member
    November 21, 2020

    Yeah the easy way to do this would be 

     

    show firewall policy | grep -f wan1

     

    Ken Felix

    Terms & ConditionsAccessibility statement