Security Fabric disables the privileges of configuring the Automation stitch directly from Downstream FortiGates, as shown in the picture below.

Solution:

It is possible to configure the Automation stitch for Downstream FortiGates directly from the Root FortiGate, as shown in the picture:

Even after configuring the automation stitch mentioned above, the user would still not be able to see it configured on the GUI of Downstream FortiGate.

Note:

Beware of the utilization and use case for the option 'Execute on Security Fabric'. More information is available in Technical Tip: Looping Automation Stitch in Security Fabric Setup.

Run the command below to check how many devices are connected to the security fabric: Viewing a summary of all connected FortiGates in a Security Fabric 

diagnose system csf global

It is possible to confirm the Automation stitch info by running the command below on the Downstream FortiGate:

diagnose test application autod 2

It is possible to see the Stitch 'Test' in the CLI of the Downstream FortiGate and the number of times the stitch was triggered. In this case, the Local hit is shown as 4, meaning that the Automation stitch was triggered 4 times.

To see the output of the triggered stitch, it is possible to run the autod debugs on the Downstream FortiGate as shown below:

diagnose debug application autod -1

diagnose debug enable

If the debug output does not show any output, then check the configuration on the Root FortiGate and make sure to select the right Downstream FortiGate.