Description
This article describes how to create the script and how to execute it automatically.
Scope
FortiManager.
Solution
- Configure the following CLI settings.
FMG # config system admin setting
(setting) set show_schedule_script enable
(setting) set show_automatic_script enable
(setting) set show_tcl_script enable
(setting) end
- Navigate from Device manager -> scripts -> CLI/TCL script and select 'Create new'.
- Create a TCL script as shown in the screenshot, using the following script text.
#!
set systemTime [clock seconds]
proc do_cmd {cmd} {
puts [exec "$cmd\n" "# " 15]
}
set num_config 1
do_cmd "config vdom"
do_cmd "edit root"
for {set i 1} {$i <= $num_config} {incr i} {
set config [format "cfg%04d" $i]
puts "The time is: [clock format $systemTime -format %H:%M:%S]"
puts "Backup_config: $systemTime config"
do_cmd "exe backup config ftp $systemTime <FTP_IP> guest '' "
}
do_cmd "end"
set systemTime [clock seconds]
proc get_sys_status aname {
upvar $aname a
puts [exec "#This is an example Tcl script to get the system status of the FortiGate\n" "# " 15 ]
set input [exec "get system status\n" "# " 15 ]
# puts $input
set linelist [split $input \n]
# puts $linelist
foreach line $linelist {
if {![regexp {([^:]+):(.*)} $line dummy key value]} continue
switch -regexp -- $key {
Version {
regexp {FortiGate-([^ ]+) ([^,]+),build([\d]+),.*} $value dummy a(platform) a(version) a(build)
}
Serial-Number {
set a(serial-number) [string trim $value]
}
Hostname {
set a(hostname) [string trim $value]
} }
}
}
get_sys_status status
puts "This machine is a $status(platform) platform."
puts "It is running version $status(version) of FortiOS."
puts "The firmware is build# $status(build)."
puts "S/N: $status(serial-number)"
puts "This machine is called $status(hostname)"
puts "Backup_config: $systemTime config"
proc do_cmd {cmd} {
puts [exec "$cmd\n" "# " 15]
}
set num_config 1
for {set i 1} {$i <= $num_config} {incr i} {
set config [format "cfg%04d" $i]
puts "The time is: [clock format $systemTime -format %H:%M:%S]"
do_cmd "exe backup config ftp $status(hostname)$systemTime a.b.c.d admin password"
}
do_cmd "end"This is the result of the script when running.
This machine is a 60E-POE platform.
It is running version v6.4.2 of FortiOS.
The firmware is build# 1723.
S/N: FG60EPTK1-----7
This machine is called Freebox-FortiGate-60E-POE
Backup_config: 1600764484 config
The time is: 1600764484
exe backup config ftp Freebox-FortiGate-60E-POE1600-----4 a.b.c.d admin password
Please wait...
- Select the script name created, choose Schedule Script, and choose the specific time to execute.
On FortiGate:
diag de app fgfm 255
diag de console tim en
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
If you see the following error msg when running TCL script, that usually indicates password issue. Please refer to the article below for solution.
Script $NameoftheScript executed on $NameoftheDevice failed. Reason: Run script fail