Description
This article describes how to run a monitor script remotely again FortiGate for troubleshooting info collection.
This is useful to collect info for some intermittent issue which occurs randomly such as CPU or memory spike.
Useful links:
https://ttssh2.osdn.jp/manual/en/macro/command/index.html
Solution
Attached the monitoring script(Monitoring_Script_example.ttl) in this KB.
There are many SSH tools which can be used, but in this example Teraterm will be used to run the monitoring script.
Here the steps to use the monitoring script with Teraterm:
1) Install the TeraTerm latest version in the monitoring PC.
Follow below link to download:
https://download.cnet.com/Tera-Term/3000-2094_4-75766675.html
2) Open script with notepad and change x.x.x.x to FortiGate IP and put correct username (password will prompt when script run).
username = 'admin'
hostname = 'x.x.x.x'
3) Change the directory where log files will be saved, by default this is saved to 'C:\Logs\'.
Create 'Logs' folder, and have permission to access it.
changedir 'c:\Logs'
4) Run the script (Monitoring_Script.TTL file attached) by selecting the file and open with ttpmacro.exe.
5) If the script get logout automatically, adjust the login timeout period following this command:
# config system global
set admin-ssh-grace-time <number_of_seconds> <<max 3600 seconds
end
6) The parameters or command in the script can be adjusted.
Example:
Pause: means time in seconds to wait before execute next command.
Sendln ‘ ’: send in the command to be executed in the FortiOS.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.