Download PLink
1. First create a working folder in your root drive. In the illustration below I have named my folder "putty".
2. Then inside the putty folder we will create the following folder structure to store our info.
Devices / Logs / Scripts. Also save your plink.exe file in this root folder.
3. Open your "devices" folder and create a new txt file. Add the interface IPs you will be connecting to via SSH in a single column.
4. Open the "scripts" folder and create a new txt with your commands.
This can be any command that you would be able to run in an SSH session on the Fortigate.
Refer to this post for CLI scripting help.
In this case I have used
get system status | grep Serial-Number
5. Go back to your root folder "putty" and create a new txt file. Save it as "script_FGT.cmd".
In this txt file we will be calling the script to run on your devices list and create a log in our logs folder.
Replace username with your account username and password with the account password.
for /f %%i in (c:\putty\devices\devices.txt) do c:\putty\plink.exe username@%%i -pw password -m c:\putty\scripts\grepserial.txt >> c:\putty\logs\_LOG.txt
6. Finally, open a command prompt and run script_FGT.cmd.
Resources:
http://simple-webdesign.blogspot.com/2011/12/automate-cisco-ssh-connections-with.html [original post]
http://docs.fortinet.com/fgt/techdocs/fortigate-cli.pdf [FortiOS 4.0 CLI ref.]
Please post any questions in the comments section below.
1 comment:
It seems most of this works great. However, the logging doesn't appear to be outputting correctly. My log is usually filled full of "Device# Device# Device(setting) # Device# Device# Device (Setting) # Device#"
so it appears it is trying to log the output, but something isn't quite right. I use this setup to reset the fortianalyzer connections on multiple devices at once. Having a log would be very nice.
Post a Comment