FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
jiyong
Staff
Staff
Article Id 274599
Description

 

This article describes how to indicate the date in the file name in relation to FortiGate's automatic backup.

 

Scope

 

FortiGate v7.0, v7.2, v7.4.

 

Solution

 

Step 1: Configure the automation trigger (see Automation stitches).


Settings to trigger the stitch daily at 2 AM local time:

 

config system automation-trigger
    edit "backup_test"
        set trigger-type scheduled
        set trigger-hour 02
        set trigger-minute 00
    next
end

 

Step 2: Configure automation-action.


Settings to perform backup using ‘CLI script’:

 

config system automation-action
    edit "date_backup_test"
        set action-type cli-script
        set script "execute backup config sftp %%date%%_FGT_backup.conf 10.0.3.225 my-ftp-user qwe123"
        set accprofile "super_admin"
    next
end

 

The command given in the script can be modified for different file transfer methods. For FTP, note that port number and username are optional depending on the FTP site:


execute backup config ftp <backup_filename> <ftp_server>[<:ftp_port>] [<user_name>] [<password>] [<backup_password>]

 

TFTP:


execute backup config tftp <backup_filename> <tftp_servers> [<backup_password>]

 

SFTP:


execute backup config sftp <backup_filename> <sftp_server>[<:sftp_port>] <user> <password> [<backup_password>]

 

If VDOM is enabled, add a 'config global' line to the script:

 

config system automation-action
    edit "date_backup_test"
        set action-type cli-script
        set script "config global

            execute backup config sftp %%date%%.conf 10.0.3.225 my-sftp-user qwe123

            end"
        set accprofile "super_admin"
    next
end

 

Although the command is run in the global VDOM, the file transfer itself will be attempted using the management VDOM's interfaces and routing. Refer to FortiOS v7.6.3 Administration Guide for more information on management VDOM.

 

Step 3: Configure automation-stitch.
Combine the settings from steps 1 and 2 to create a single automation configuration.

 

config system automation-stitch
    edit "backup_test"
        set status enable
        set trigger "backup_test"
            config actions
                edit 1
                    set action "date_backup_test"
                    set required enable
                next
            end
    next
end

 

Step 4: Result.
If the file name of the script set in step 2 includes '%%date%%', this is converted to the current date in 'YYYY-MM-DD' format at the time the automation stitch runs.

 

For example 1:


set script "execute backup config sftp %%date%%.conf 10.0.3.225 my-sftp-user qwe123"

 

2023-09-19.conf
2023-09-20.conf

 

For example 2:


set script "execute backup config ftp FGT_%%date%%_backup.conf 10.0.3.225 my-ftp-user qwe123"

 

FGT_2023-09-19_backup.conf
FGT_2023-09-20_backup.conf

 

Caution:
Verify the result after configuring the automation stitch.

'%%date%%', '%%time%%', and other automation variables are a feature of the automation stitch, not the CLI command itself. They are not supported when running the 'execute backup' command manually from the CLI.

If the command is run manually from CLI, '%%date%%' will appear in the filename on the remote server. Alternatively, the backup job may fail if the remote server does not allow the '%' character in filenames.

 

1.PNG

 

If the backup was triggered by the automation action script, the date will be generated correctly and appear in the filename on remote server.

 

2.PNG

 

Related documents:
Technical Tip: Automated configuration backups with variable names based on the date
Configuration ba...

Technical Tip: Directing FortiGate TFTP Backup Traffic Using a Specific Source IP Address

Technical Tip: How to send automated backups of the configuration from a FortiGate with an automatio...