Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ssriswadpong
Staff & Editor
Staff & Editor

Created on ‎03-13-2023 11:37 PM Edited on ‎01-21-2026 02:13 AM By Community Manager

Article Id 248991

Technical Tip: How to run auto-script and send the output to FTP/TFTP server

Description

This article describes how to run an auto-script and send the output to the FTP/TFTP server.
Scope FortiGate.
Solution

In this example, the auto-script will be run when FortiGate enters conserve mode. This will be useful when troubleshooting the conserve mode issue.

 

  1. Create the auto-script:


config system auto-script
    edit "Collect logs"
        set script "
            get system status
            get system performance status
            get system session status

            diagnose sys top-mem 100
            diagnose sys top 1 99 10
            diagnose hardware sysinfo memory
            diagnose hardware sysinfo slab
            diagnose hardware sysinfo shm

                          "

    next
end

 

Important Note:
The auto-script output is stored in the RAM, so use with caution as improper use of the auto-script may trigger a conserve mode, especially if running multiple scripts with a maximum of 10MB (set output-size).

 

Note:
For more information on auto-script configuration, testing, and verification, check Technical Tip: Automated scripts (auto-script). Execution, testing and verification explained with e....

 

  1. Create automation-action. In this example, the FTP server IP address is 10.207.2.82, the username is 'admin', and the password is 'password'. The FTP server can be changed to a TFTP server, and a username and password are not required for TFTP.

     

config system automation-action
    edit "Send to FTP server"
        set action-type cli-script
        set script "execute auto-script backup ftp \"Collect logs\" 10.207.2.82:21 admin password"
        set accprofile "super_admin"
    next
    edit "Run collect logs"
        set action-type cli-script
        set script "execute auto-script start \"Collect logs\""
        set accprofile "super_admin"
    next
end

 

  1. Create an automation-trigger for conserve mode.

     

 

config system automation-trigger
    edit "Conserve Mode"
        set event-type low-memory
    next
end

 

Note that the trigger can be every month, hour, daily, weekly, or once.

 

trigger.png

 

config system automation-trigger
    edit "Daily"
        set trigger-type scheduled
        set trigger-frequency Daily
    next
end

 

Create automation-stitch.


In this example, a delay of 15 seconds is added for waiting for the output of the auto-script.


config system automation-stitch
    edit "Run auto-script"
        set trigger "Conserve Mode"
            config actions
                edit 1
                    set action "Run collect logs"
                    set required enable
                next
                edit 2
                    set action "Send to FTP server"
                    set delay 15
                    set required enable
                next
            end
    next
end

 

These can be configured in WebGUI under Security Fabric -> Automation:


ssriswadpong_2-1678730568653.png


When the FortiGate enters the conserve mode, the auto-script will be run, and the output will be sent to the FTP server.


ssriswadpong_0-1678730451553.png


Sample of the output file:

 

ssriswadpong_1-1678730511978.png
4733
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.