Description | This article describes how to perform an automatic backup of a FortiGate using cronjob on a Linux host. |
Scope | FortiGate. |
Solution |
In this example, it starts with the expect script which will be used to login into FortiGate and take the full-configuration :
#!/usr/bin/expect -f
# define remote Fortigate device and ssh port with username set host "192.168.1.99" set port "22" set user "admin_ro"
spawn ssh "-p $port" "$user\@$host" #comment the line bellow if the device has no vdoms expect " $ " { send "config global\r" } expect " $ " { send "show full-configuration\r" } ###Exit from device expect " $ " { send "exit\r" }
To execute the script once or manually, run the following:
admin_ro@backup_station:~ $ /home/admin_ro/bin/FG_backup.sh >> /home/admin_ro/FG_backups/backupFG-"`date +"%H-%M-%d-%m-%Y"`"
There are 2 options: to run the script /home/admin_ro/bin/FG_backup.sh >> /home/admin_ro/FG_backups/backupFG-"`date +"%H-%M-%d-%m-%Y"`" ‘ directly from crontab or to create a bash which will contain the command above. The difference between running the script directly on the crontab and creating a containing the command that, with Bash script, more flexibility is available and more functionality can be added later.
In this example, crontab will have the following:
14 11 * * * /home/admin_ro/FG_backups/cron_script.sh 14 and 11 refer to the minutes and hour respectively, so the script will be executed every day at 11:14. Where cron_script.sh contains the following :
#!/bin/bash
/home/admin_ro/bin/FG_backup.sh >> /home/admin_ro/FG_backups/backupFG-"`date +"%H-%M-%d-%m-%Y"`"
Every file will have a unique name, such as backupFG-12-36-07-04-2023.
Keep in mind the following:
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.