Log service expiration nearing for Fortinet

Vendor

Fortinet

Description

Indeni will alert when Fortinet log service is about to expire.

Remediation Steps

Renew any log services that need to be renewed.

1. Login via ssh to the Fortinet firewall and execute the FortiOS "get system fortiguard-service status" and "diag autoupdate versions" commands to list current update package versions and license expiry status.

2. Login via https to the Fortinet firewall and go to the menu System > Dashboard > Status to locate the License Information widget. All subscribed services should have a green checkmark, indicating that connections are successful. A gray X indicates that the FortiGate unit cannot connect to the FortiGuard network, or that the FortiGate unit is not registered. A red X indicates that the FortiGate unit was able to connect but that a subscription has expired or has not been activated.

3. Login via https to the Fortinet firewall to view the FortiGuard connection status by going to System > Config > FortiGuard menu.

4. Purchase additional licenses if needed.

5. Consider enabling the alert email setting to the Fortinet firewall in order to receive an alert email prior to FortiGuard license expiration (notification date range: 1 - 100 days). The current alert email status can be provided with the next command: "get alertemail setting". More details can be found at: https://docs.fortinet.com/uploaded/files/2798/fortigate-cli-ref-54.pdf

6. For more information about licensing review the next online article "Setting up FortiGuard services" : http://cookbook.fortinet.com/setting-fortiguard-services-54/

7. If the problem persists, contact Fortinet Technical support at https://support.fortinet.com/ for further assistance.

How does this work?

This script logs in to the Fortigate via SSH and retrieves the remote log service name by using the FortiOS command "get system fortiguard-log-service status". In addition, this FortiOS command returns information about the status of the FortiGuard/FortiCloud Log & Analysis Service including license and disk information.

Why is this important?

This script logs in to the Fortigate via SSH and retrieves the remote log service name by using the FortiOS command "get system fortiguard-log-service status". In addition, this FortiOS command returns information about the status of the FortiGuard/FortiCloud Log & Analysis Service including license and disk information.

Without Indeni how would you find this?

This information can be provided via logging.


View Source Code