Documentation

Log extends FortiOSAPI

FortiOS API Log

Tags
link

Fortinet developer ressource center.

Table of Contents

$config  : Config
$session_key  : string
$transaction  : int|null
$config  : Config
$session_key  : string
$transaction  : mixed
__construct()  : mixed
Constructor takes care of checking and registering firewall's data and login to the API
__destruct()  : mixed
Destructor takes care of logout.
abortTransaction()  : bool
Abort a transaction (rollback operations).
addSearchAbort()  : stdClass
Abort a running log search session.
commitTransaction()  : bool
Commit a transaction (apply operations).
getAllDiskVirusArchive()  : stdClass
Return a description of the quarantined virus file.
getAllFortianalyzerVirusArchive()  : stdClass
Return a description of the quarantined virus file.
getAllForticloudVirusArchive()  : stdClass
Return a description of the quarantined virus file.
getAllMemoryVirusArchive()  : stdClass
Return a description of the quarantined virus file.
getDisk()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getDiskArchive()  : stdClass
Return a list of archived items for the desired type. :type can be app-ctrl or ips
getDiskArchiveDownload()  : stdClass
Download an archived file.
getDiskEvent()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getDiskEventRaw()  : stdClass
Log data for the given log type in raw format.
getDiskRaw()  : stdClass
Log data for the given log type in raw format.
getDiskTraffic()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getDiskTrafficRaw()  : stdClass
Log data for the given log type in raw format.
getFortianalyzer()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getFortianalyzerArchive()  : stdClass
Return a list of archived items for the desired type. :type can be app-ctrl or ips
getFortianalyzerArchiveDownload()  : stdClass
Download an archived file.
getFortianalyzerEvent()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getFortianalyzerEventRaw()  : stdClass
Log data for the given log type in raw format.
getFortianalyzerRaw()  : stdClass
Log data for the given log type in raw format.
getFortianalyzerTraffic()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getFortianalyzerTrafficRaw()  : stdClass
Log data for the given log type in raw format.
getForticloud()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getForticloudArchive()  : stdClass
Return a list of archived items for the desired type. :type can be app-ctrl or ips
getForticloudArchiveDownload()  : stdClass
Download an archived file.
getForticloudEvent()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getForticloudEventRaw()  : stdClass
Log data for the given log type in raw format.
getForticloudRaw()  : stdClass
Log data for the given log type in raw format.
getForticloudTraffic()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getForticloudTrafficRaw()  : stdClass
Log data for the given log type in raw format.
getMemory()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getMemoryArchive()  : stdClass
Return a list of archived items for the desired type. :type can be app-ctrl or ips
getMemoryArchiveDownload()  : stdClass
Download an archived file.
getMemoryEvent()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getMemoryEventRaw()  : stdClass
Log data for the given log type in raw format.
getMemoryRaw()  : stdClass
Log data for the given log type in raw format.
getMemoryTraffic()  : stdClass
Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.
getMemoryTrafficRaw()  : stdClass
Log data for the given log type in raw format.
listTransactions()  : bool
List all transactions.
startTransaction()  : bool
Start a transaction (Warning : Fortinet says all tables are not supported but do not indicate which one exactly).
curlRequest()  : stdClass
Method to request the firewall's API.
httpBuildCustomQuery()  : string
Function used to build a query with params but following fortigate satndards.
login()  : bool
Login in the firewall.
logout()  : Return
Logout from the firewall.

Properties

$session_key

public string $session_key

Authentication token kept in cache.

$transaction

public int|null $transaction

Ongoning transaction ID. WARNING : When going through the method prepareRequestData(), all upper case letter in function parameter name will be replaced by '-' and ;brought down to lower case. If you modify or add new endpoints replace all '-' in parameter name by the next letter in uppercase.

Methods

__construct()

Constructor takes care of checking and registering firewall's data and login to the API

public __construct(Config $config) : mixed
Parameters
$config : Config

Object containing all necessary configuration.

Return values
mixed

__destruct()

Destructor takes care of logout.

public __destruct() : mixed
Return values
mixed

abortTransaction()

Abort a transaction (rollback operations).

public abortTransaction([string|null $vdom = null ]) : bool
Parameters
$vdom : string|null = null

Specify the Virtual Domain from which results are returned or changes are applied to. If this parameter is not provided, the management VDOM will be used. If the admin does not have access to the VDOM, a permission error will be returned.

Return values
bool

Return TRUE on success and FALSE on failure.

addSearchAbort()

Abort a running log search session.

public addSearchAbort( $session_id) : stdClass
Parameters
$session_id :

Provide the session ID for the request

Tags
route

POST /search/abort/{session_id}

Return values
stdClass

Return the firewall's response as an object.

commitTransaction()

Commit a transaction (apply operations).

public commitTransaction([string|null $vdom = null ]) : bool
Parameters
$vdom : string|null = null

Specify the Virtual Domain from which results are returned or changes are applied to. If this parameter is not provided, the management VDOM will be used. If the admin does not have access to the VDOM, a permission error will be returned.

Return values
bool

Return TRUE on success and FALSE on failure.

getAllDiskVirusArchive()

Return a description of the quarantined virus file.

public getAllDiskVirusArchive([ $mkey = null ]) : stdClass
Parameters
$mkey : = null

checksum column from the virus log.

Tags
route

GET /disk/virus/archive

Return values
stdClass

Return the firewall's response as an object.

getAllFortianalyzerVirusArchive()

Return a description of the quarantined virus file.

public getAllFortianalyzerVirusArchive([ $mkey = null ]) : stdClass
Parameters
$mkey : = null

checksum column from the virus log.

Tags
route

GET /fortianalyzer/virus/archive

Return values
stdClass

Return the firewall's response as an object.

getAllForticloudVirusArchive()

Return a description of the quarantined virus file.

public getAllForticloudVirusArchive([ $mkey = null ]) : stdClass
Parameters
$mkey : = null

checksum column from the virus log.

Tags
route

GET /forticloud/virus/archive

Return values
stdClass

Return the firewall's response as an object.

getAllMemoryVirusArchive()

Return a description of the quarantined virus file.

public getAllMemoryVirusArchive([ $mkey = null ]) : stdClass
Parameters
$mkey : = null

checksum column from the virus log.

Tags
route

GET /memory/virus/archive

Return values
stdClass

Return the firewall's response as an object.

getDisk()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getDisk( $type[,  $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

Tags
route

GET /disk/{type}

Return values
stdClass

Return the firewall's response as an object.

getDiskArchive()

Return a list of archived items for the desired type. :type can be app-ctrl or ips

public getDiskArchive( $type[,  $mkey = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$mkey : = null

Archive identifier.

Tags
route

GET /disk/{type}/archive

Return values
stdClass

Return the firewall's response as an object.

getDiskArchiveDownload()

Download an archived file.

public getDiskArchiveDownload( $type[,  $mkey = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$mkey : = null

Archive identifier.

Tags
route

GET /disk/{type}/archive-download

Return values
stdClass

Return the firewall's response as an object.

getDiskEvent()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getDiskEvent([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

$subtype :

Select the subtype for the Event log category

Tags
route

GET /disk/event/{subtype}

Return values
stdClass

Return the firewall's response as an object.

getDiskEventRaw()

Log data for the given log type in raw format.

public getDiskEventRaw([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$subtype :

Select the subtype for the Event log category

Tags
route

GET /disk/event/{subtype}/raw

Return values
stdClass

Return the firewall's response as an object.

getDiskRaw()

Log data for the given log type in raw format.

public getDiskRaw( $type[,  $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

Tags
route

GET /disk/{type}/raw

Return values
stdClass

Return the firewall's response as an object.

getDiskTraffic()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getDiskTraffic([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

$subtype :

Select the subtype for the Traffic log category

Tags
route

GET /disk/traffic/{subtype}

Return values
stdClass

Return the firewall's response as an object.

getDiskTrafficRaw()

Log data for the given log type in raw format.

public getDiskTrafficRaw([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$subtype :

Select the subtype for the Traffic log category

Tags
route

GET /disk/traffic/{subtype}/raw

Return values
stdClass

Return the firewall's response as an object.

getFortianalyzer()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getFortianalyzer( $type[,  $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

Tags
route

GET /fortianalyzer/{type}

Return values
stdClass

Return the firewall's response as an object.

getFortianalyzerArchive()

Return a list of archived items for the desired type. :type can be app-ctrl or ips

public getFortianalyzerArchive( $type[,  $mkey = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$mkey : = null

Archive identifier.

Tags
route

GET /fortianalyzer/{type}/archive

Return values
stdClass

Return the firewall's response as an object.

getFortianalyzerArchiveDownload()

Download an archived file.

public getFortianalyzerArchiveDownload( $type[,  $mkey = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$mkey : = null

Archive identifier.

Tags
route

GET /fortianalyzer/{type}/archive-download

Return values
stdClass

Return the firewall's response as an object.

getFortianalyzerEvent()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getFortianalyzerEvent([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

$subtype :

Select the subtype for the Event log category

Tags
route

GET /fortianalyzer/event/{subtype}

Return values
stdClass

Return the firewall's response as an object.

getFortianalyzerEventRaw()

Log data for the given log type in raw format.

public getFortianalyzerEventRaw([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$subtype :

Select the subtype for the Event log category

Tags
route

GET /fortianalyzer/event/{subtype}/raw

Return values
stdClass

Return the firewall's response as an object.

getFortianalyzerRaw()

Log data for the given log type in raw format.

public getFortianalyzerRaw( $type[,  $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

Tags
route

GET /fortianalyzer/{type}/raw

Return values
stdClass

Return the firewall's response as an object.

getFortianalyzerTraffic()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getFortianalyzerTraffic([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

$subtype :

Select the subtype for the Traffic log category

Tags
route

GET /fortianalyzer/traffic/{subtype}

Return values
stdClass

Return the firewall's response as an object.

getFortianalyzerTrafficRaw()

Log data for the given log type in raw format.

public getFortianalyzerTrafficRaw([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$subtype :

Select the subtype for the Traffic log category

Tags
route

GET /fortianalyzer/traffic/{subtype}/raw

Return values
stdClass

Return the firewall's response as an object.

getForticloud()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getForticloud( $type[,  $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

Tags
route

GET /forticloud/{type}

Return values
stdClass

Return the firewall's response as an object.

getForticloudArchive()

Return a list of archived items for the desired type. :type can be app-ctrl or ips

public getForticloudArchive( $type[,  $mkey = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$mkey : = null

Archive identifier.

Tags
route

GET /forticloud/{type}/archive

Return values
stdClass

Return the firewall's response as an object.

getForticloudArchiveDownload()

Download an archived file.

public getForticloudArchiveDownload( $type[,  $mkey = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$mkey : = null

Archive identifier.

Tags
route

GET /forticloud/{type}/archive-download

Return values
stdClass

Return the firewall's response as an object.

getForticloudEvent()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getForticloudEvent([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

$subtype :

Select the subtype for the Event log category

Tags
route

GET /forticloud/event/{subtype}

Return values
stdClass

Return the firewall's response as an object.

getForticloudEventRaw()

Log data for the given log type in raw format.

public getForticloudEventRaw([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$subtype :

Select the subtype for the Event log category

Tags
route

GET /forticloud/event/{subtype}/raw

Return values
stdClass

Return the firewall's response as an object.

getForticloudRaw()

Log data for the given log type in raw format.

public getForticloudRaw( $type[,  $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

Tags
route

GET /forticloud/{type}/raw

Return values
stdClass

Return the firewall's response as an object.

getForticloudTraffic()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getForticloudTraffic([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

$subtype :

Select the subtype for the Traffic log category

Tags
route

GET /forticloud/traffic/{subtype}

Return values
stdClass

Return the firewall's response as an object.

getForticloudTrafficRaw()

Log data for the given log type in raw format.

public getForticloudTrafficRaw([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$subtype :

Select the subtype for the Traffic log category

Tags
route

GET /forticloud/traffic/{subtype}/raw

Return values
stdClass

Return the firewall's response as an object.

getMemory()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getMemory( $type[,  $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

Tags
route

GET /memory/{type}

Return values
stdClass

Return the firewall's response as an object.

getMemoryArchive()

Return a list of archived items for the desired type. :type can be app-ctrl or ips

public getMemoryArchive( $type[,  $mkey = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$mkey : = null

Archive identifier.

Tags
route

GET /memory/{type}/archive

Return values
stdClass

Return the firewall's response as an object.

getMemoryArchiveDownload()

Download an archived file.

public getMemoryArchiveDownload( $type[,  $mkey = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$mkey : = null

Archive identifier.

Tags
route

GET /memory/{type}/archive-download

Return values
stdClass

Return the firewall's response as an object.

getMemoryEvent()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getMemoryEvent([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

$subtype :

Select the subtype for the Event log category

Tags
route

GET /memory/event/{subtype}

Return values
stdClass

Return the firewall's response as an object.

getMemoryEventRaw()

Log data for the given log type in raw format.

public getMemoryEventRaw([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$subtype :

Select the subtype for the Event log category

Tags
route

GET /memory/event/{subtype}/raw

Return values
stdClass

Return the firewall's response as an object.

getMemoryRaw()

Log data for the given log type in raw format.

public getMemoryRaw( $type[,  $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ]) : stdClass
Parameters
$type :

Type of log that can be retrieved

$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

Tags
route

GET /memory/{type}/raw

Return values
stdClass

Return the firewall's response as an object.

getMemoryTraffic()

Log data for the given log type (and subtype). Append '/raw' to retrieve in raw format.

public getMemoryTraffic([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ][,  $extra = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$extra : = null

Flag(s) for extra data to be included [reverse_lookup|country_id].

$subtype :

Select the subtype for the Traffic log category

Tags
route

GET /memory/traffic/{subtype}

Return values
stdClass

Return the firewall's response as an object.

getMemoryTrafficRaw()

Log data for the given log type in raw format.

public getMemoryTrafficRaw([ $start = null ][,  $rows = null ][,  $session_id = null ][,  $serial_no = null ][,  $is_ha_member = null ][,  $filter = null ],  $subtype) : stdClass
Parameters
$start : = null

Row number for the first row to return.

$rows : = null

Number of rows to return.

$session_id : = null

Provide a session_id to continue getting data for that request.

$serial_no : = null

Retrieve log from the specified device.

$is_ha_member : = null

Is the specified device an HA member.

$filter : = null

Filtering multiple key/value pairs Operator | Description == | Case insensitive match with pattern. != | Does not match with pattern (case insensitive). =@ | Pattern found in object value (case insensitive). !@ | Pattern not found in object value (case insensitive). <= | Value must be less than or equal to pattern. < | Value must be less than pattern. .>= | Value must be greater than or equal to pattern. .> | Value must be greater than pattern. Logical OR using , | Separate filters using commas ',' Logical AND using & | Filter strings can be combined to create logical AND queries by including multiple filters in the request. Combining AND and OR | You can combine AND and OR filters together to create more complex filters.

$subtype :

Select the subtype for the Traffic log category

Tags
route

GET /memory/traffic/{subtype}/raw

Return values
stdClass

Return the firewall's response as an object.

listTransactions()

List all transactions.

public listTransactions([string $vdom = null ]) : bool
Parameters
$vdom : string = null
Return values
bool

Return the firewall's response as an object. As of version 6.4.5, this method sometimes returns unparsable JSON.

startTransaction()

Start a transaction (Warning : Fortinet says all tables are not supported but do not indicate which one exactly).

public startTransaction([int $timeout = null ][, string|null $vdom = null ]) : bool
Parameters
$timeout : int = null

Transaction's timeout.

$vdom : string|null = null

Specify the Virtual Domain from which results are returned or changes are applied to. If this parameter is not provided, the management VDOM will be used. If the admin does not have access to the VDOM, a permission error will be returned.

Return values
bool

Return TRUE on success and FALSE on failure.

curlRequest()

Method to request the firewall's API.

protected curlRequest(string $method, string $endpoint[, int|string $pathData = null ][, stdClass|array<string|int, mixed> $queryData = null ][, stdClass|array<string|int, mixed> $bodyData = null ][, int $timeout = null ]) : stdClass
Parameters
$method : string

HTTP method (e.g. 'GET', 'POST', 'PUT', 'DELETE' ...).

$endpoint : string

API endpoint without the 2 first element ('rest' and API version '/api/vX'), e.g. /cmdb/router/static.

$pathData : int|string = null

Data to be passed in the request path (only one).

$queryData : stdClass|array<string|int, mixed> = null

Data to be passed in the request query as GET arguments.

$bodyData : stdClass|array<string|int, mixed> = null

Data to be passed in the request body as a JSON object.

$timeout : int = null
Return values
stdClass

Return firewall's response as a stdClass.

httpBuildCustomQuery()

Function used to build a query with params but following fortigate satndards.

private httpBuildCustomQuery(array<string|int, mixed> $data) : string
Parameters
$data : array<string|int, mixed>

Array of data.

Return values
string

Return the data encoded in a string to be passed as an URL.

login()

Login in the firewall.

private login() : bool
Return values
bool

Return TRUE if successful or throw Exception if fails.

logout()

Logout from the firewall.

private logout() : Return
Return values
Return

TRUE if successful, FALSE if it failed.

Search results