- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Check Available Firmware Updates From CLI/SSH
Hello, Like the title.
Is it possible to check Available or pending Firmware updates within the CLI via SSH?
If not how can I request such a feature?
eg:
FG-60E # get system status
Version: FortiGate-60E...
Security Level: 1
Firmware Signature: certified
Firmware Upgrade Available: Version 7.4.1
Kind regards,
B
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @bdv ,
If you require this feature, this has to be addresses through a NFR.
A new Feature Requests need to be worked with the Systems Engineer (SE) that covers your territory.
http://www.fortinet.com/aboutus/locations.html
Alternatively it can be done through Regional Sales Partner Channel
http://www.fortinet.com/partners/reseller_locator/locator.html
They can take in your request and submit it to development, but this does not guarantee that the new feature will be implemented, it will depend on the demand or need for the feature.
If you have found a solution, please like and accept it to make it easily accessible for others.
Created on ‎09-29-2023 06:39 PM Edited on ‎09-29-2023 06:39 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There isn't a command that will give you a simple "update available: yes/no" output, but there is a command that will show you a list of images available for download via FortiGuard + individual valid update steps. It roughly matches what you will see offered to you when you use the GUI to download firmware upgrades/downgrades for you:
diag test app forticldd 14
The first part will show you the available images:
# diag test app forticldd 14
There are total 80 images, last update: 80748 secs ago
Image-07004000FIMG0012004001: version:7-4-1b2463-F, release_num=4, build_time=2309020144, type=upgrade
Image-07004000FIMG0012004000: version:7-4-0b2360-F, release_num=4, build_time=2305121006, type=upgrade
Image-07002000FIMG0012002005: version:7-2-5b1517-F, release_num=2, build_time=2306100555, type=upgrade
Image-07002000FIMG0012002003: version:7-2-3b1262-F, release_num=2, build_time=2211122004, type=downgrade
Image-07002000FIMG0012002002: version:7-2-2b1255-F, release_num=2, build_time=2210052007, type=downgrade
There is possible edge-case where an update might be already available for manual download but not yet available though FortiGuard, but most of the time this output should match the real availability of recent new firmware versions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you! This is much closer to the solution I was looking for.
I'll consider putting forward a feature request.
B
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi there,
I've tried running the command which works to receive the version numbers, however when I try to grep the command in order to produce a modified output, grep does not filter the output but still displays the entire command's output. Please see attachment.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @lpg300 ,
I believe it is filtering the output as it is showing only the lines which contain word "downgrade".
What do you expect to see ?
If you have found a solution, please like and accept it to make it easily accessible for others.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @dbu,
I screenshotted just the first few lines as it displays the entire output, I've changed the grep text. See attached.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No need to grep. Kindly note that "diag test forticldd 14" (as posted by @pminarik) does list possible downgrades, but then list upgrades as "Upgrade matrix" .. Similarly to diagnose fdsm posted by @carlosaleman .
Sample from FortiOS 7.2.4:
... cut ...
2023-10-13 08:28:57 Image-05004000FIMG0019104009: version:5-4-9b1202-, release_num=0, build_time=1805152027, type=downgrade
2023-10-13 08:28:57 Image-05004000FIMG0019104008: version:5-4-8b1183-, release_num=0, build_time=1801190557, type=downgrade
2023-10-13 08:28:57 Image-05004000FIMG0019104007: version:5-4-7b1167-, release_num=0, build_time=1712120207, type=downgrade
2023-10-13 08:28:57
Upgrade matrix:
v7.4.0.b2360 -> v7.4.1.b2463 (id:07004000FIMG0019104001)
v7.2.6.b1575 -> v7.4.1.b2463 (id:07004000FIMG0019104001)
v7.2.5.b1517 -> v7.4.1.b2463 (id:07004000FIMG0019104001)
v7.2.5.b1517 -> v7.4.0.b2360 (id:07004000FIMG0019104000)
v7.2.5.b1517 -> v7.2.6.b1575 (id:07002000FIMG0019102006)
... cut ...
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The answer is simple but not very satisfactory: Some commands just don't support filtering by grep.
