Update to fortinet_get_system_status template. #1554

Merged
merged 5 commits into from
Feb 8, 2024
15 changes: 15 additions & 0 deletions ntc_templates/templates/fortinet_get_system_status.textfsm
Expand Up @@ -9,20 +9,28 @@
# CLUSTER MODE: AP
# VDOMS : ENABLED
#
# 2023-10-25: Update for 7.4 by Sebastian
# 2022-11-27: Update for 7.0 by Klaus
#
Value Required HOSTNAME (\S+)
Value VERSION (.*)
Value SECURITYLEVEL (.*)
Value SIGNATURE (.*)
Value VIRUS_DB (.*)
Value EXTENDED_DB (.*)
Value EXTREME_DB (.*)
Value IPS_DB (.*)
Value IPS_ETDB (.*)
Value APP_DB (.*)
Value FMWP_DB (.*)
Value INDUSTRIAL_DB (.*)
Value SERIAL_NUMBER (\S+)
Value IPS_MALICIOUS_URL_DATABASE (.*)
Value IOT_DETECT (.*)
Value OT_DETECT_DB (.*)
Value OT_PATCH_DB (.*)
Value OT_THREAT_DB (.*)
Value IPS_ENGINE (.*)
Value BOTNET_DB (.*)
Value BIOS_VERSION (\S+)
Value SYSTEM_PART_NUMBER (\S+)
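Review bot: `Value SECURITYLEVEL (.*)` breaks the naming convention used by every other multi-word value in this block (VIRUS_DB, IPS_ETDB, SERIAL_NUMBER), which separate words with an underscore. The parsed sample in this PR also lists the key as `security_level`, which corresponds to SECURITY_LEVEL rather than SECURITYLEVEL. Suggest renaming the value to SECURITY_LEVEL here and in the matching rule under Start. The header comment gains a 7.4 changelog line but the example output above it is not visibly updated with the new fields; a line or two showing FMWP-DB and the OT databases would document what the new values capture.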
Expand All @@ -46,6 +54,7 @@ Value LAST_REBOOT_REASON (.+)

Start
^Version:\s+${VERSION}
^Security Level:\s+${SECURITYLEVEL}
^Firmware Signature:\s+${SIGNATURE}
^Virus-DB:\s+${VIRUS_DB}
^Extended\s+DB:\s+${EXTENDED_DB}
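Review bot: The rule `^Security Level:\s+${SECURITYLEVEL}` matches the label with a literal single space, while the neighbouring rules write multi-word labels with `\s+` (for example `^Extended\s+DB:`). Suggest `^Security\s+Level:\s+...` so the rule tolerates the same spacing variations as the rest of the template, and update the variable name if the value is renamed to SECURITY_LEVEL.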
Expand All @@ -54,9 +63,15 @@ Start
^IPS-DB:\s+${IPS_DB}
^IPS-ETDB:\s+${IPS_ETDB}
^APP-DB:\s+${APP_DB}
^FMWP-DB:\s+${APP_DB}
^INDUSTRIAL-DB:\s+${INDUSTRIAL_DB}
^Serial-Number:\s+${SERIAL_NUMBER}
^IPS\s+Malicious\s+URL\s+Database:\s+${IPS_MALICIOUS_URL_DATABASE}
^IoT-Detect:\s+${APP_DB}
^OT-Detect-DB:\s+${APP_DB}
^OT-Patch-DB:\s+${APP_DB}
^OT-Threat-DB:\s+${APP_DB}
^IPS-Engine:\s+${APP_DB}
^Botnet\s+DB:\s+${BOTNET_DB}
^BIOS\s+version:\s+${BIOS_VERSION}
^System\s+Part-Number:\s+${SYSTEM_PART_NUMBER}
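Review bot: The six added rules for FMWP-DB, IoT-Detect, OT-Detect-DB, OT-Patch-DB, OT-Threat-DB and IPS-Engine all capture into `${APP_DB}` instead of the values declared for them (FMWP_DB, IOT_DETECT, OT_DETECT_DB, OT_PATCH_DB, OT_THREAT_DB, IPS_ENGINE). As written, those six values are never populated, and APP_DB is overwritten by each later match, so it ends up holding the IPS-Engine string rather than the APP-DB version. Anyone using this output to check signature or engine currency on a firewall would read the wrong version for APP_DB and empty strings for the rest. Each rule should reference its own value, for example `^FMWP-DB:\s+${FMWP_DB}` and `^IPS-Engine:\s+${IPS_ENGINE}`.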
@@ -0,0 +1,33 @@
Version: FortiGate-60E-POE v7.4.1,build2463,230830 (GA.F)
Security Level: 1
Firmware Signature: certified
Virus-DB: 1.00000(2018-04-09 18:07)
Extended DB: 1.00000(2018-04-09 18:07)
AV AI/ML Model: 0.00000(2001-01-01 00:00)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 0.00000(2001-01-01 00:00)
APP-DB: 25.00666(2023-10-26 00:30)
FMWP-DB: 23.00107(2023-10-25 16:54)
IPS Malicious URL Database: 1.00001(2015-01-01 01:01)
IoT-Detect: 0.00000(2022-08-17 17:31)
OT-Detect-DB: 0.00000(2001-01-01 00:00)
OT-Patch-DB: 0.00000(2001-01-01 00:00)
OT-Threat-DB: 6.00741(2015-12-01 02:30)
IPS-Engine: 7.00509(2023-08-10 23:09)
Serial-Number: FG60EPTK19010019
BIOS version: 05000015
System Part-Number: P21035-02
Log hard disk: Not available
Hostname: PSS0-FWH-1-1
Private Encryption: Disable
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 2463
Release Version Information: GA
System time: Thu Oct 26 17:35:21 2023
Last reboot reason: warm reboot
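Review bot: The raw fixture carries what appears to be an unmasked device serial (`Serial-Number: FG60EPTK19010019`) and an internal-looking hostname (`Hostname: PSS0-FWH-1-1`), while the parsed sample in this PR uses a masked serial (`FGT60xxxxxxxxxxx`) and a generic hostname (`fw1`). Suggest sanitizing both fields in the raw file before it lands in a public repository, keeping the same format so the `\S+` captures still match.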
@@ -0,0 +1,41 @@
---
parsed_sample:
- hostname: "fw1"
version: "FortiGate-60E-POE v7.4.1,build2463,230830 (GA.F)"
security_level: "1"
signature: "certified"
virus_db: "90.02571(2022-05-23 20:26)"
extended_db: "90.02571(2022-05-23 20:26)"
extreme_db: ""
ips_db: "22.00446(2022-11-24 01:49)"
ips_etdb: "0.00000(2001-01-01 00:00)"
app_db: "22.00444(2022-11-22 02:49)"
fmwp_db: "23.00107(2023-10-25 16:54)"
iot_detect: "0.00000(2022-08-17 17:31)"
ot_detect_db: "0.00000(2001-01-01 00:00)"
ot_patch_db: "0.00000(2001-01-01 00:00)"
ot_threat_db: "6.00741(2015-12-01 02:30)"
ips_engine: "7.00509(2023-08-10 23:09)"
industrial_db: "6.00741(2015-12-01 02:30)"
serial_number: "FGT60xxxxxxxxxxx"
ips_malicious_url_database: "4.00542(2022-11-26 11:33)"
botnet_db: ""
bios_version: "05000009"
system_part_number: "P24286-03"
log_hard_disk: "Not"
private_encryption: "Disable"
operation_mode: "NAT"
current_virtual_domain: "root"
max_number_of_virtual_domains: "10"
virtual_domains_status: "1 in NAT mode, 0 in TP mode"
virtual_domain_configuration: "disable"
fips_cc_mode: "disable"
current_ha_mode: "standalone"
cluster_uptime: ""
cluster_state_change_time: ""
branch_point: "0367"
release_version_information: "GA"
fortios_x86_64: ""
system_time: "Sun Nov 27 00:26:34 2022"
last_reboot_reason: "warm reboot"
av_ai_ml_model: "2.05720(2022-05-23 11:45)"
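Review bot: Most expected values here do not correspond to the raw fixture added in this PR: hostname is "fw1" against `PSS0-FWH-1-1`, virus_db is "90.02571(2022-05-23 20:26)" against `1.00000(2018-04-09 18:07)`, bios_version is "05000009" against `05000015`, branch_point is "0367" against `2463`, and system_time is dated 2022 against `Thu Oct 26 17:35:21 2023`. industrial_db also has a value although the raw file contains no INDUSTRIAL-DB line. The file reads like the 7.0 parsed sample with only the version and the new fields edited in, so it cannot validate the template against the 7.4 output. Suggest regenerating it from the raw file after the template rules are corrected, which would also surface the `${APP_DB}` capture problem in the new rules.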