This article explains how to configure the Automation stitch for Downstream FortiGates while being the part of Security fabric and how to confirm if the configured automation stitch is working as expected or not.
Scope
All.
Solution
Security Fabric disables the privileges of configuring the Automation stitch directly from Downstream Fortigates as shown in the picture below.
Solution:
It is possible to configure the Automation stitch for Downstream Fortigates directly from the Root FortiGate as shown in the picture:
Even after configuring the automation stitch mentioned above, the user would still not be able to see it configured on the GUI of Downstream FortiGate.
One can confirm the Automation stitch info by running the command below on Downstream FortiGate:
di test application autod 2
It is possible to see the Stitch ‘Test’ in the CLI of the Downstream FortiGate and the number of times the stitch was triggered. In this case, the Local hit is shown as 4 meaning that the Automation stitch was triggered 4 times.
To see the output of the Triggered stitch, it is possible to run the autod debugs on Downstream FortiGate as shown below:
If the debug output does not show any output then check the configuration on the Root FortiGate and make sure to select the right Downstream FortiGate.