Description
This document explains how to use Tera Term to run a script for sniffing the traffic on a FortiGate and to save the output to different text files automatically.
Scope
FortiGate.
Solution
TTLEditor & Tera Term must be installed to run this script. TTLEditor is distributed as part of the Tera Term installation package.
An example of the script to be used is given below:
|
connect 'x.x.x.x /2 /ssh /auth=password /user=admin /passwd='
; replace x.x.x.x with Fortigate IP address
; replace admin with administrator account
; Enter the password for the account
changedir 'c:\'
; please change the directory where you want to store the log file
:INIT
count=1
:MAIN
getdate logfile "log-sniff-%Y%m%d-%H%M%S.txt"
; output will be saved to logfile with timestamp
logopen logfile 0 1 0 0 1
pause 3
sendln 'exec date'
pause 2
sendln 'exec time'
pause 2
goto sniffer
:sniffer
sendln "diag sniffer packet any 'host 67.8.193.130' 6"
pause 600
send #3
pause 2
logclose
; wait for 10 minutes before generating new log file
call looping
goto MAIN
return
:looping
if count > 9500000 then
end
else
count=count+1
return
endif |
