Technical Note : Using Tera Term sniffer with a FortiGate to save output to different files every <N> seconds

cwan · ‎11-24-2011

Description

This document explains how to use Tera Term to run a script for sniffing the traffic on a FortiGate and to save the output to different text files automatically.

Scope

FortiGate.

Solution

TTLEditor & Tera Term must be installed to run this script. TTLEditor is distributed as part of the Tera Term installation package.

An example of the script to be used is given below:

connect 'x.x.x.x /2 /ssh /auth=password /user=admin /passwd='
; replace x.x.x.x with Fortigate IP address
; replace admin with administrator account
; Enter the password for the account

changedir 'c:\'
; please change the directory where you want to store the log file

:INIT
count=1
:MAIN
getdate logfile "log-sniff-%Y%m%d-%H%M%S.txt"
; output will be saved to logfile with timestamp

logopen logfile 0 1 0 0 1
pause 3
sendln 'exec date'
pause 2
sendln 'exec time'
pause 2
goto sniffer

:sniffer
sendln "diag sniffer packet any 'host 67.8.193.130' 6"
pause 600
send #3 
pause 2
logclose
; wait for 10 minutes before generating new log file

call looping
goto MAIN
return

:looping
if count > 9500000 then
end
else
count=count+1
return 
endif

Technical Note : Using Tera Term sniffer with a FortiGate to save output to different files every <N> seconds

You are leaving our website