Description
Automation stitches can be created to run a CLI script and send an email message when CPU exceeds specified thresholds.
This article describes how to create these automation stitches.
Scope
FortiGate.
Solution
To define CPU and memory usage thresholds:
config system global
set cpu-use-threshold <percent>
end
In the above, 'cpu-use-threshold' is the threshold at which CPU usage is reported, in percentage of total possible CPU utilization (default = 90).
Configure the automation stitches.
To create an automation stitch for high CPU usage:
Create an automation action to run a CLI script:
config system automation-action
edit "high_cpu_debug"
set action-type cli-script
set required enable
set script "diagnose debug cli 8
diagnose debug console timestamp enable
diagnose debug enable
diagnose debug crashlog read
get system performance status
get system session status
diagnose sys session full-stat
diagnose firewall iprope state
diagnose sys flash list
diagnose hardware sysinfo memory
diagnose hardware sysinfo slab
diagnose hardware sysinfo shm
diagnose hardware deviceinfo disk
get system arp
diagnose ip arp list
diagnose ip address list
get router info routing-table all
get router info kernel
diagnose sys top 9 99 3
next
end
Create an automation action to send an email:
config system automation-action
edit "auto_high_cpu_email"
set action-type email
set email-to "person@fortinet.com"
set email-subject "CSF stitch alert: high_cpu"
set email-body "%%results%%"
next
end
Create an automation trigger:
config system automation-trigger
edit "auto_high_cpu"
set event-type high-cpu
next
end
Create an automation stitch:
config system automation-stitch
edit "auto_high_cpu"
set trigger "auto_high_cpu"
set action "high_cpu_debug" "auto_high_cpu_email"
next
end
Once the CPU reaches the threshold, an email will be received.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.