agodbole
Staff
Article Id 418975
Description

 

This article describes how to create a custom automation stitch that runs a CLI script and sends its output to email when the automation stitch is triggered.

 

Scope

 

FortiGate v7.0, v7.2, v7.4, v7.6.

 

Solution

 

The trigger used in this example fires when the FortiGuard web filtering service is unavailable.

  1. Create a Trigger: From the FortiGate GUI, navigate to the following page:

[Screenshot: How to Create a Trigger]

[Screenshot: Webfilter unreachable]

 

  2. Create an Action: Create two actions: (a) a CLI Script, and (b) an Email notification that sends the CLI output to email.
    From the FortiGate GUI, navigate to:
    a. Create a CLI script:

[Screenshot: Create Automation Action]

[Screenshot: Create CLI action]

    b. Create an email notification to send the CLI script output to email. Add %%results%% in the Body section to send the previous action's output to email.

[Screenshot: Add email address]

 

  3. Create a stitch.

Select the Action and Trigger created previously, and place the email notification action after the CLI script action.

[Screenshot: Create Stitch_1]

 

Once completed, the FortiGate will send the CLI output to the email address in the Email Notification section.

 

CLI Reference:

 

config system automation-trigger
    edit "Webfilter Unreachable"
        set event-type event-log
        set logid 20119
    next
end

config system automation-action
    edit "Webfilter Unreachable_Action"
        set action-type cli-script
        set script "diagnose debug rating
diagnose sniffer packet any \"host 173.243.141.16 or host 173.243.140.16\" 6 50 l"
        set accprofile "super_admin"
    next
end

config system automation-action
    edit "Email Notification_Webfilter"
        set action-type email
        set email-to "test@example.com"
        set email-subject "%%log%%"
        set message "%%results%%"
    next
end

config system automation-stitch
    edit "Webfilter Un reachable"
        set trigger "Webfilter Unreachable"
        config actions
            edit 1
                set action "Webfilter Unreachable_Action"
                set required enable
            next
            edit 2
                set action "Email Notification_Webfilter"
                set required enable
            next
        end
    next
end

 

To test an automation stitch:

In the FortiGate GUI, go to Security Fabric -> Automation, right-click the automation stitch, and select Test Automation Stitch. To test an automation stitch from the CLI, use the command: diagnose automation test <stitch-name> <log>.
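
An offline check that complements the test above, added here as an example and not Fortinet's own code: it parses the automation objects from a saved configuration (including the multi-line quoted script) and reports any stitch entry whose email body uses %%results%% before a CLI script action has run. It assumes a stitch runs its actions in ascending entry ID; SAMPLE, parse and audit are names chosen for this example, and SAMPLE is a constructed, trimmed copy of the CLI reference.

```python
import re
SAMPLE = r'''
config system automation-action
    edit "Webfilter Unreachable_Action"
        set action-type cli-script
        set script "diagnose debug rating
diagnose sniffer packet any \"host 173.243.141.16 or host 173.243.140.16\" 6 50 l"
    next
    edit "Email Notification_Webfilter"
        set message "%%results%%"
    next
end
config system automation-stitch
    edit "Webfilter Un reachable"
        config actions
            edit 1
                set action "Webfilter Unreachable_Action"
            next
            edit 2
                set action "Email Notification_Webfilter"
            next
        end
    next
end
'''  # constructed sample, trimmed from the article's CLI reference
STMT = re.compile(r'^[ \t]*(config|edit|set|next|end)\b((?:"(?:\\.|[^"\\])*"|[^"\n])*)$', re.M)

def parse(text):  # FortiOS config text -> nested dicts keyed by config/edit names
    stack = [{}]
    for head, rest in STMT.findall(text):
        args = [a.strip('"') for a in re.findall(r'"(?:\\.|[^"\\])*"|\S+', rest)]
        if head == "set":
            stack[-1][args[0]] = " ".join(args[1:])  # a quoted value may span lines
        elif head in ("config", "edit"):
            stack.append(stack[-1].setdefault(" ".join(args), {}))
        else:  # next / end close the current block
            stack.pop()
    return stack[0]

def audit(cfg, stitch):  # list entries that use %%results%% before a script has run
    actions = cfg["system automation-action"]
    entries = cfg["system automation-stitch"][stitch]["actions"]
    findings, script_ran = [], False
    for eid in sorted(entries, key=int):  # assumption: actions run in ascending ID
        action = actions.get(entries[eid]["action"], {})
        if action.get("action-type") == "cli-script":
            script_ran = True
        elif "%%results%%" in action.get("message", "") and not script_ran:
            findings.append(f"entry {eid}: %%results%% used before any cli-script action")
    return findings
```

Calling audit(parse(SAMPLE), "Webfilter Un reachable") returns an empty list for the ordering used in this article; if the email action is given the lower entry ID, it returns one finding for that entry.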

 

Related articles:
Technical Tip: Creating automation stitches
Technical Tip: Automation stitch for conserve mode