| Description | The article describes how to test an automation stitch configured for event log. |
| Scope |
FortiGate. |
| Solution |
When an automation-stich is configured for event log, in GUI the test is grey and not able to be used.
For example for a stich that check the interface status, there is:
config system automation-trigger
In order to test this stich we use the CLI command:
diagnose automation test[stich]
After the automation trigger name CLI prompts for:
"arg please input args"
There, it is necessary to add the log. In this case the test should be done as:
diagnose automation test interface "date=2022-05-24 time=12:29:26 eventtime=1653388166478984429 tz=\"+0200\" logid=\"0100020099\" type=\"event\" subtype=\"system\" level=\"warning\" vd=\"root\" logdesc=\"Interface status changed\" action=\"interface-stat-change\" status=\"UP\" msg=\"Link monitor: Interface dmz was turned up\" "
Results:
automation test is done. stitch:interface Note: If 'field filter' is configured in automation trigger, make sure the filter matches 'log field name', as the stitch will otherwise not be triggered. For more information, refer to FortiOS event log trigger - FortiGate 7.6.3 administration guide. |
