Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rezafathi
Contributor II

Created on ‎01-16-2024 04:26 AM

Scheduled Automation

Hi

 

I want to disable and enable fortigate port3 every friday on 09:00 AM. I configured the below snitch, trigger and action but it does not run. what is the problem?

 

config system automation-trigger
    edit "Disable_LTE"
        set trigger-type scheduled
        set trigger-frequency weekly
        set trigger-weekday friday
        set trigger-hour 9
    next
end

 

config system automation-stitch
    edit "Up_Down_LTE"
        set trigger "Disable_LTE"
        config actions
            edit 1
                set action "Disable_LTE_Interface"
                set required enable
            next
            edit 2
                set action "Enable_LTE_Interface"
                set delay 10
                set required enable
            next
        end
    next
end
config system automation-action
    edit "Disable_LTE_Interface"
        set action-type cli-script
        set script "config system interface
edit port3
set status down"
        set accprofile "super_admin"
    next
end
config system automation-action
    edit "Enable_LTE_Interface"
        set action-type cli-script
        set script "config system interface
edit port3
set status up"
        set accprofile "super_admin"
    next
end
Reza F.
Reza F.
Labels:
452
0 Kudos
1 Solution
pminarik
Staff
Staff
In response to rezafathi

Created on ‎01-16-2024 07:07 AM Edited on ‎01-16-2024 07:09 AM

In that case you will most likely also need to prepent the command to enter global config (where interfaces can be edited):

config global
config system interface
...

 

Anyway, try running the CLI debug while triggering the stitch. That may tell you what's wrong.

 

diag debug cli 7
diag debug enable
#=>#run the stitch no
[ corrections always welcome ]

View solution in original post

408
0 Kudos
5 REPLIES 5
AEK
SuperUser
SuperUser

Created on ‎01-16-2024 04:43 AM

Hi Reza

If you have multi vdom then I think you have to start the script by config global.

AEK
AEK
436
pminarik
Staff
Staff

Created on ‎01-16-2024 04:43 AM Edited on ‎01-16-2024 04:44 AM 

set script "config system interface
edit port3
set status down"

 

The CLI snippet is missing a new line with "end" to finish editing and save the change, in both cases.

[ corrections always welcome ]
435
0 Kudos
rezafathi
Contributor II
In response to pminarik

Created on ‎01-16-2024 07:05 AM

Thanks. I have multiple vdoms. I used "end" for both up and down actions but they won't run. I also used config global but again no success.

Reza F.
Reza F.
411
0 Kudos
pminarik
Staff
Staff
In response to rezafathi

Created on ‎01-16-2024 07:07 AM Edited on ‎01-16-2024 07:09 AM

In that case you will most likely also need to prepent the command to enter global config (where interfaces can be edited):

config global
config system interface
...

 

Anyway, try running the CLI debug while triggering the stitch. That may tell you what's wrong.

 

diag debug cli 7
diag debug enable
#=>#run the stitch no
[ corrections always welcome ]
409
0 Kudos
funkylicious
SuperUser
SuperUser

Created on ‎01-16-2024 08:38 AM

Also, make sure that you run this automation script action under a super_admin profile .

geek
geek
390
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.