How can we help?

How do I monitor a FortiSwitch in FortiLink mode

Follow

Auvik can gather details for your FortiSwitches that are running in FortiLink mode and cannot be reached by the Auvik collector from your FortiGate. To monitor a FortiSwitch in FortiLink mode, you’ll need to add FortiOS REST API credentials to allow Auvik to gather the data from the FortiGate. This functionality is supported for FortiOS versions 6.0.0 and newer.

Datapoints Auvik will pull through the Fortilink API for Switches include:

  • Model
  • Hostname
  • IP address
  • Serial number
  • OS version
  • Up/Down status
  • Uptime
  • MAC forwarding table
  • Peer interface
  • VLAN
  • Interface Name
  • Interface Type
  • MAC address
  • Interface Status
  • Interface Speed
  • In/out octets
  • In/out unicast
  • In/out broadcast
  • In/out multicast
  • In/out errors
  • In/out discards

As well, Auvik can also pull LLDP data through the Firewall CLI if the login is enabled.

To use the FortiOS REST API credentials, you’ll need to do the following:

How to generate an API token

Create an admin profile

    1. Log into the FortiGate UI.
    2. Navigate to System > Admin Profiles.
    3. Click Create New.
    4. Enter a name (as desired).
    5. Set the access permissions as follows (see screenshot below for details):
      1. Firewall to Custom > Address to Read
      2. Network to Custom > Configuration and Router to Read
      3. System to Custom > Configuration to Read
      4. WiFi & Switch to Read
    6. Click OK.

image1.png

 

Create a REST API admin

    1. Log into FortiGate.
    2. Navigate to System > Administrators.
    3. Click Create New > REST API Admin.
    4. Enter a username (as desired).
    5. Select the admin profile from above.
    6. Disable the PKI Group.
    7. CORS Allow Origin is not required if the Auvik collector is on the local network.
    8. Set the trusted hosts to A.B.C.D/0 where A.B.C.D is the IP address of the Auvik collector.
    9. Click OK.
    10. Copy the API token. It cannot be retrieved later.
    11. Click Close.

Reference:

https://fndn.fortinet.net/index.php?/fortiapi/1-fortios/92/ 

How to add API credentials

Screenshot 2024-05-10 at 10.15.33 AM.png

  1. Click Discovery in the side navigation bar
  2. Click the Manage Credentials tab
  3. Click the Device API Credentials tab
  4. Hover over the Add Device API Credentials button and choose Fortinet
  5. In Auvik, fill in the following detail:
    • Name - a name or description for use in Auvik only
    • Device - the device name that the API key is for
    • API Key (from above)
    • Port - the port that the API/HTTP service is running
  6. Click Test Connection to confirm your settings are accurate
  7. Click Save
Was this article helpful?
10 out of 19 found this helpful
Have more questions? Submit a request