Skip to Content

How to Manually Reload an External Threat Feed

By: Author Alex Lim

Posted on

Categories Troubleshooting

This article describes how to manually reload external threat feeds for troubleshooting or test purposes.

Scope

FortiGate.

Solution

When working with external threat feeds, manually reloading the contents of the feed may be required for the following reasons:

  1. To immediately update the feed with the newest information.
  2. For troubleshooting purposes when dealing with issues related to HTTP authentication or similar.

To accomplish this, the following CLI command can be used:

diag test app forticron 8

For verification of the reload, navigate to Security Fabric > External Connectors and refer to this element on the FortiGate GUI:

For verification of the reload, navigate to Security Fabric, External Connectors and refer to this element on the FortiGate GUI.

After running the ‘diag test app forticron 8’ command:

Other diagnostics commands that may be useful include the following:

Start the Forticron application debug:

diag debug reset
diag debug app forticron -1
diag debug enable

Dump external threat feed object values:

diag test app forticron 7

Check threat feed object cache:

diag test app miglogd 50