FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Jackie_T
Staff
Staff

Description


This article describes how to run a monitor script remotely again FortiGate for troubleshooting info collection.
This is useful to collect info for some intermittent issue which occurs randomly such as CPU or memory spike.

Useful links:
https://ttssh2.osdn.jp/manual/en/macro/command/index.html

Solution


Attached the monitoring script(Monitoring_Script_example.ttl) in this KB.
There are many SSH tools which can be used, but in this example Teraterm will be used to run the monitoring script.
Here the steps to use the monitoring script with Teraterm:

1) Install the TeraTerm latest version in the monitoring PC.

Follow below link to download:

https://download.cnet.com/Tera-Term/3000-2094_4-75766675.html

2) Open script with notepad and change x.x.x.x to FortiGate IP and put correct username (password will prompt when script run).

      username = 'admin'
      hostname = 'x.x.x.x'


3) Change the directory where log files will be saved, by default  this is saved to 'C:\Logs\'.
Create 'Logs' folder, and have permission to access it.

     changedir 'c:\Logs'

4) Run the script (Monitoring_Script.TTL file attached) by selecting the file and open with ttpmacro.exe.

5) If the script get logout automatically, adjust the login timeout period following this command:

# config system global
    set admin-ssh-grace-time <number_of_seconds> <<max 3600 seconds
end

6) The parameters or command in the script can be adjusted.

Example:
Pause: means time in seconds to wait before execute next command.
Sendln ‘ ’: send in the command to be executed in the FortiOS.