FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description Automation stitches can be created to run a CLI script and send an email message when CPU exceeds specified thresholds.
This article describes how to creates these automation stitches.
Solution To define CPU and memory usage thresholds:
# config system global set cpu-use-threshold <percent> end
Where: 'cpu-use-threshold'
Threshold at which CPU usage is reported, in percent of total possible CPU utilization (default = 90).
Configure the automation stitches.
To create an automation stitch for high CPU usage:
Create an automation action to run a CLI script:
# config system automation-action edit "high_cpu_debug" set action-type cli-script set required enable set script "diagnose debug cli 8 # diagnose debug console timestamp enable # diagnose debug enable # diagnose debug crashlog read # get system performance status # get system session status # diagnose sys session full-stat # diagnose firewall iprope state # diagnose sys flash list # diagnose hardware sysinfo memory # diagnose hardware sysinfo slab # diagnose hardware sysinfo shm # diagnose hardware deviceinfo disk # get system arp # diagnose ip arp list # diagnose ip address list # get router info routing-table all # get router info kernel # diagnose ip rtache list # diagnose sys top-summary # diagnose sys top 9 99" next end
Create an automation action to send an email:
# config system automation-action edit "auto_high_cpu_email" set action-type email set email-to "person@fortinet.com" set email-subject "CSF stitch alert: high_cpu" set email-body "%%results%%" next end
Create an automation trigger:
# config system automation-trigger edit "auto_high_cpu" set event-type high-cpu next end
Create an automation stitch:
# config system automation-stitch edit "auto_high_cpu" set trigger "auto_high_cpu" set action "high_cpu_debug" "auto_high_cpu_email" next end
Once the CPU reaches the threshold, an email will be received.
