Created on
‎05-29-2024
09:26 PM
Edited on
‎05-29-2024
09:28 PM
By
Anthony_E
Description | This article describes how to use switch-info and custom commands on FortiGate to pull useful diagnostic CLI outputs from all managed FortiSwitches in one step. |
Scope | FortiGate, FortiSwitches. |
Solution |
When there are multiple FortiSwitches managed in the FortiGate, during troubleshooting (or monitoring) there could be scenarios where we might need to collect certain diagnostic CLI outputs from all the FortiSwitches in one go, instead of connecting to each FortiSwitch and collecting the CLI outputs. For example, CLI commands to pull the PSU status, fan status, port status, LLDP status, etc on all the FortiSwitches.
For these scenarios 'diagnose switch-controller switch-info' and 'custom-commands' can be used to run the request one time on the FortiGate to pull the required CLI outputs from all the FortiSwitches in the Fabric.
Part 1: switch-info.
Here are a few examples of possible diagnostic CLI outputs that can be gathered using the 'diagnose switch-controller switch-info' command.
diagnose switch-controller switch-info <one-of-available-options>
Examples:
FortiGate # diagnose switch-controller switch-info modules summary
FortiGate # diagnose switch-controller switch-info poe summary
FortiGate # diagnose switch-controller switch-info lldp neighbors-summary
Similarly, there are many other most commonly used CLI outputs with this syntax that can be explored as shown below (note that the switch-info option does not contain all the FortiSwitch CLI commands, for the commands not in this list, it is possible to use the custom-command option discussed in the next section):
FortiGate # diagnose switch-controller switch-info ?
Part 2: custom-command.
For additional diagnostic FortiSwitch CLI commands that are not already available with 'diagnose switch-controller switch-info ?' discussed in the previous section, it is possible to use the custom commands as shown below.
config switch-controller custom-command
Note: FortiGate v7.0 and later is needed for custom-command to show the outputs of all the FortiSwitches in one go. In the older versions, custom-command will require the serial number of FortiSwitch as an argument, one at a time.
Examples:
In the example below with the custom-command option on the FortiGate, we can retrieve the fan and PCB sensor statuses of all the FortiSwitches, then use this output to analyze if any of the FortiSwitches have fan or sensors in Alarm or Bad status, and take remedial actions as necessary.
Fortigate # config switch-controller custom-command
In the example below with the custom-command option on the FortiGate, it is possible to retrieve the PSU statuses of all the FortiSwitches, then use this output to analyze if any of the FortiSwitches have one or both PSUs in Bad state, and take remedial actions as necessary.
Fortigate # config switch-controller custom-command
Note: Before running any diagnostic FortiSwitch CLI command with a custom-command option on the FortiGate, be cautious to verify the syntax of that FortiSwitch CLI and run it directly on a FortiSwitch, and only after confirming it - build the custom command configuration on the FortiGate.
Related documents: Executing custom FortiSwitch scripts Technical Tip: FortiSwitch FAN failure |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.