Hi guys, i am trying to configure our Fortigates to send scheduled backups to Azure blob storage, but with no success.
I've set up a blob containers and a webhook on Forti side, but keep recieving this error when triggering the automation:
auto_curl_perform()-107: Curl perform error:22 - HTTP response code said error.
__action_webhook_status()-150: Failed to perform curl for url:https://....... ( URL to my containers)
Here is my webhook action:
---------------------------------------------------------------------------------------------------
config system automation-action
edit "HTTP-to-azure"
set action-type webhook
set protocol https
set method put
set uri "<HIDDEN>.blob.core.windows.net/<HIDDEN>"
set http-body "%%results%%"
set port 443
config http-headers
edit 4
set key "Content-Type"
set value "text/plain"
next
end
set verify-host-cert disable
next
end
----------------------------------------------------------------------------------------------
I am pretty sure that my Azure configuration is working, because from Azure explorer app , when connecting to blob container using the same link as on the Forti side, i can upload and see files.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @gllgeorgiev92 ,
You can use Sftp backup instead of webhook. I think, this way more easier.
You can read these articles, Azure blob storage sftp support and how to configure automated backup on FortiGate.
https://learn.microsoft.com/en-us/azure/storage/blobs/secure-file-transfer-protocol-support
Thank you @ozkanaltas , i am aware of the SFTP backup solution, but it is the more cost expensive way ( SFTP is charged on hour basis)
Created on 04-09-2024 01:43 AM Edited on 04-09-2024 01:45 AM
Hello @gllgeorgiev92 ,
I understand your concern.
I found one article similar to your error. I think this is related to the http-body side.
Thank you, i saw this article and double check it - seems like we don't have this double back slash issue:
set http-body "%%results%%"
Hi @gllgeorgiev92 ,
can you run these debugs and share output:
diagnose test application autod 1
diag deb console timestamp enable
di deb en
diagnose automation test <automation-stitch-name>
The stitch is created with Local Cert Expired Notification as a trigger ( just to be able to Test it manually), but the action is as my first post's configuration. This is the result:
2024-04-09 17:08:15 auto_generate_generic_curl_request()-548: Generic automation CURL request Host header: <my hidden storage>.blob.core.windows.net
2024-04-09 17:08:15 auto_generate_generic_curl_request()-551: Adding 2 user defined headers
2024-04-09 17:08:18 auto_curl_perform()-107: Curl perform error:22 - HTTP response code said error.
2024-04-09 17:08:18 __action_webhook_status()-150: Failed to perform curl for url:https://<my hidden storage>.blob.core.windows.net/forti2?sp=racwdli&st=2024-04-09T08:16:14Z&se=2024-04-25T16:16:14Z&spr=https&sv=2022-11-02&sr=c&sig=GLcj5yrfhKCAvFhjvM51PluRqgg54nAOAgDc61HiNY30%3D.
2024-04-09 17:08:18 __run_action()-298: Error when running service for stitch:Test-to-azure action:HTTP-to-azure.
I managed to upload it with this settings:
onfig system automation-action
edit "HTTP-to-azure"
set action-type webhook
set minimum-interval 20
set protocol https
set method put
set uri "<hidden>.blob.core.windows.net/<hidden>/fortibackup66?sp=racwdli&st=2024-04-09T14:34:50Z&se=2024-04-09T22:34:50Z&spr=https&sv=2022-11-02&sr=c&sig=111111111111vOgcEMFzBgZ1XFtLo%2BM3MLlpdc%3D"
set http-body "%%results%%"
set port 443
config http-headers
edit 4
set key "Content-Type"
set value "text/plain"
next
edit 3
set key "x-ms-version"
set value "2020-10-02"
next
edit 5
set key "x-ms-blob-type"
set value "BlockBlob"
but obviously the fortigate is not allowing to upload files bigger than 16kb... which is not enough for full-config
is there a solution to increase the file size larger than 16kb
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1679 | |
1085 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.