Question

Request for all firewalls, verifying NTP, DNS, and FortiGuard configurations.

  • October 15, 2024
  • 9 replies
  • 115 views

Hi Team,

 

Can you help to get all the details verifying NTP/DNS and FortiGuard configurations?

9 replies

  • Employee
  • 24 replies
  • October 15, 2024

Hi Varun,

Have you tried the Config Search NQE?

You can find it under:

NQE → Library → Forward Library → Devices → “Config Search”

In the NQE click the “Parameters” button

Then, in the options, fill in the config patterns you are looking for and click “save”.

Once saved, execute the NQE.

Please provide feedback if that solved your question.

Vladi


RobertWelch
  • Employee
  • 14 replies
  • October 15, 2024

@VarunS - A custom CLI is apparently needed, since neither “show system dns” nor “show system ntp” is a standard command collected during the Snapshot. See the FN Documentation for the CLI commands gathered per device. Do you know how to do this? There are quite a few examples in the Community. Here is one example for A10 Load Balancers:
 

Feel free to reply if you’d like us to mock something up for you.

  • Author
  • 12 replies
  • October 16, 2024

@RobertWelch @Vladi B 

Not fruitful, I need this output in table form so that others can use it as per their requirement.

  • Employee
  • 24 replies
  • October 16, 2024

@VarunS Can you be more specific about the output format you are looking for?

Also a sample of the commands you are looking for would be helpful.

  • Author
  • 12 replies
  • October 16, 2024

@Vladi B - I have pasted the query privately, assuming that pasting the whole query here is not a good idea. Can you please help with that query?

 

  • Employee
  • 24 replies
  • October 16, 2024

Hi Varun,

As discussed, for Fortinet you have to run external commands to collect the DNS configuration. The reason is that those settings are not part of the Fortinet config.

Here is an example of how to create a parser for Cisco IOS and ASA devices:

 

//Here is the definition for the config patterns for DNS server configuration for IOS and ASA devices

ciscodnspattern=
```
ip name-server {dnsservers:string*}
```;
ciscoasapattern=
```
dns server-group
 name-server {dnsservers:string*}
```;

//Here is the query

foreach device in network.devices

//following section is used to apply different config patterns depending on device OS type
let ospattern = if device.platform.os == OS.IOS then ciscodnspattern
                else if device.platform.os == OS.IOS_XE then ciscodnspattern
                else if device.platform.os == OS.IOS_XR then ciscodnspattern
                else if device.platform.os == OS.ASA then ciscoasapattern
                else ciscodnspattern

let matchData = blockMatches(device.files.config, ospattern)//parses the config against OS specific pattern

foreach line in matchData

select{ 
    device_Name: device.name,
    device_type: device.platform.deviceType,
    device_OS: device.platform.os,
    test: (foreach test in line.data select test.dnsservers )
}

I hope this helps.

For the NTP section, you can just run the same NQE with an adapted config pattern for NTP.

 

hope it helps

Vladi


Forum|alt.badge.img+2

I am using the below query to get the information:

 

//Here is the definition for the config patterns for DNS server configuration for IOS and ASA devices

ciscontppattern=
```
ntp server {ntpservers:string*}
```;

//Here is the query

foreach device in network.devices

//following section is used to apply different config patterns depending on device OS type
let vendorpattern = if device.platform.vendor == Vendor.CISCO then ciscontppattern
                    else ciscontppattern

let matchData = blockMatches(device.files.config, vendorpattern)//parses the config against OS specific pattern

foreach line in matchData
let platform = device.platform

select{
    device_Name: device.name,
    device_type: device.platform.deviceType,
    Vendor: device.platform.vendor,
    NTP_Server: (foreach test in line.data select test.ntpservers )
}

But the output for the NTP Server column contains more information; I need just the IP details.

When I try to use match.data.ntpserver, I get an error. Can you please have a look at this?


Forum|alt.badge.img+2

@Vladi B  your assistance is required

  • Employee
  • 24 replies
  • October 28, 2024

Rohit,

Cisco uses one line per NTP server.

You can use this query and pattern.

ciscontppattern=
```
ntp server {ntpservers:string}
```;

foreach device in network.devices

let matchData = blockMatches(device.files.config, ciscontppattern)

foreach line in matchData
let platform = device.platform

select{
    device_Name: device.name,
    device_type: device.platform.deviceType,
    Vendor: device.platform.vendor,
    NTP_Server: line.data.ntpservers 
}
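
An offline cross-check of the NTP extraction discussed above, as an added example that is not part of the thread and is Python rather than NQE: it keeps only the server token from each `ntp server` line (dropping options, and skipping the `vrf <name>` and `ip`/`ipv6` keyword forms) and compares the result with an approved list. The device names, sample configs and approved set are constructed for the example.

```python
import ipaddress

# Constructed sample configs (not from the thread); documentation address ranges.
SAMPLE_CONFIGS = {
    "edge-rtr-01": "ntp server 192.0.2.10 prefer\nntp server vrf MGMT 192.0.2.11 key 5\n",
    "core-sw-02": "hostname core-sw-02\nntp server 203.0.113.99 source Loopback0\n",
    "lab-rtr-03": "hostname lab-rtr-03\n",
}
APPROVED_NTP = {"192.0.2.10", "192.0.2.11"}  # assumed policy for the example


def ntp_servers(config):
    """Return only the server token of each 'ntp server' line, dropping options."""
    servers = []
    for raw in config.splitlines():
        tokens = raw.split()
        if tokens[:2] != ["ntp", "server"]:
            continue
        rest = tokens[2:]
        if rest[:1] == ["vrf"]:  # 'ntp server vrf <name> <address> ...'
            rest = rest[2:]
        if rest and rest[0] in ("ip", "ipv6"):  # address-family keyword before a hostname
            rest = rest[1:]
        if rest:
            servers.append(rest[0])
    return servers


def audit(configs, approved):
    """Build table rows: (device, server, is_ip, status)."""
    rows = []
    for device, config in sorted(configs.items()):
        found = ntp_servers(config)
        if not found:
            rows.append((device, None, False, "NO_NTP_CONFIGURED"))
        for server in found:
            try:
                ipaddress.ip_address(server)
                is_ip = True
            except ValueError:  # hostname rather than a literal address
                is_ip = False
            status = "OK" if server in approved else "NOT_APPROVED"
            rows.append((device, server, is_ip, status))
    return rows


if __name__ == "__main__":
    for row in audit(SAMPLE_CONFIGS, APPROVED_NTP):
        print(row)
```

Devices with no `ntp server` line get their own row, so a missing time source shows up in the table instead of silently dropping out of it.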

 
