Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
gllgeorgiev92
New Contributor

Created on ‎04-09-2024 01:04 AM

Forti backups to Azure blob

Hi guys, i am trying to configure our Fortigates to send scheduled backups to Azure blob storage, but with no success.
I've set up a blob containers and a webhook on Forti side, but keep recieving this error when triggering the automation:
auto_curl_perform()-107: Curl perform error:22 - HTTP response code said error.
__action_webhook_status()-150: Failed to perform curl for url:https://....... ( URL to my containers)

Here is my webhook action:
---------------------------------------------------------------------------------------------------
config system automation-action
edit "HTTP-to-azure"
set action-type webhook
set protocol https
set method put
set uri "<HIDDEN>.blob.core.windows.net/<HIDDEN>"
set http-body "%%results%%"
set port 443
config http-headers
edit 4
set key "Content-Type"
set value "text/plain"
next
end
set verify-host-cert disable
next
end

----------------------------------------------------------------------------------------------

I am pretty sure that my Azure configuration is working, because from Azure explorer app , when connecting to blob container using the same link as on the Forti side, i can upload and see files.

Labels:
1949
0 Kudos
8 REPLIES 8
ozkanaltas
Valued Contributor III

Created on ‎04-09-2024 01:14 AM

Hello @gllgeorgiev92 ,

 

You can use Sftp backup instead of webhook. I think, this way more easier.  

 

You can read these articles, Azure blob storage sftp support and how to configure automated backup on FortiGate. 

 

https://learn.microsoft.com/en-us/azure/storage/blobs/secure-file-transfer-protocol-support

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-send-automated-backups-of-the-confi...

 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
1943
gllgeorgiev92
New Contributor

Created on ‎04-09-2024 01:36 AM

Thank you @ozkanaltas , i  am aware of the SFTP backup solution, but it is the more cost expensive way ( SFTP is charged on hour basis)

1937
0 Kudos
ozkanaltas
Valued Contributor III
In response to gllgeorgiev92

Created on ‎04-09-2024 01:43 AM Edited on ‎04-09-2024 01:45 AM

Hello @gllgeorgiev92 ,

 

I understand your concern. 

 

I found one article similar to your error. I think this is related to the http-body side. 

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Curl-perform-error-22-with-Microsoft-Teams...

 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
1932
gllgeorgiev92
New Contributor

Created on ‎04-09-2024 02:49 AM

Thank you, i saw this article and double check it - seems like we don't have this double back slash issue:

 

set http-body "%%results%%"

1905
0 Kudos
dbhavsar
Staff
Staff

Created on ‎04-09-2024 05:55 AM

Hi @gllgeorgiev92 ,

 

can you run these debugs and share output:
diagnose test application autod 1
diag deb console timestamp enable
di deb en

diagnose automation test <automation-stitch-name>

 

DNB
1881
0 Kudos
gllgeorgiev92
New Contributor

Created on ‎04-09-2024 07:11 AM

The stitch is created with Local Cert Expired Notification as a trigger ( just to be able to Test it manually), but the action is as my first post's configuration. This is the result:

2024-04-09 17:08:15 auto_generate_generic_curl_request()-548: Generic automation CURL request Host header: <my hidden storage>.blob.core.windows.net
2024-04-09 17:08:15 auto_generate_generic_curl_request()-551: Adding 2 user defined headers
2024-04-09 17:08:18 auto_curl_perform()-107: Curl perform error:22 - HTTP response code said error.
2024-04-09 17:08:18 __action_webhook_status()-150: Failed to perform curl for url:https://<my hidden storage>.blob.core.windows.net/forti2?sp=racwdli&st=2024-04-09T08:16:14Z&se=2024-04-25T16:16:14Z&spr=https&sv=2022-11-02&sr=c&sig=GLcj5yrfhKCAvFhjvM51PluRqgg54nAOAgDc61HiNY30%3D.
2024-04-09 17:08:18 __run_action()-298: Error when running service for stitch:Test-to-azure action:HTTP-to-azure.

1873
0 Kudos
gllgeorgiev92
New Contributor

Created on ‎04-09-2024 08:11 AM

 I managed to upload it with this settings:

onfig system automation-action
edit "HTTP-to-azure"
set action-type webhook
set minimum-interval 20
set protocol https
set method put
set uri "<hidden>.blob.core.windows.net/<hidden>/fortibackup66?sp=racwdli&st=2024-04-09T14:34:50Z&se=2024-04-09T22:34:50Z&spr=https&sv=2022-11-02&sr=c&sig=111111111111vOgcEMFzBgZ1XFtLo%2BM3MLlpdc%3D"
set http-body "%%results%%"
set port 443
config http-headers
edit 4
set key "Content-Type"
set value "text/plain"
next
edit 3
set key "x-ms-version"
set value "2020-10-02"
next
edit 5
set key "x-ms-blob-type"
set value "BlockBlob"


but obviously the fortigate is not allowing to upload files bigger than 16kb... which is not enough for full-config

1868
0 Kudos
satishkumarganta
New Contributor
In response to gllgeorgiev92

Created on ‎11-28-2024 10:55 PM

is there a solution to increase the file size larger than 16kb

703
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.