Getting Started

Prerequisites

This fotoobo package assumes you have

A Linux environment
Network access to Fortinet products
Administrative access to the Fortinet products (username/password, api key)
Fundamental knowledge of what you are doing

Installing fotoobo

Please install fotoobo on any Linux machine or container with Python on it. Although Python is an os independent programming language fotoobo is not meant to be installed and is not tested on any Windows machine. Not yet. If you want to use Windows then run fotoobo in WSL.

pipx install fotoobo

Execution

In its simplest form fotoobo lets you run different predefined functions as a cli application.

Start with:

fotoobo --help

An overview of all available fotoobo commands can be shown with:

fotoobo get commands

Connect your first FortiGate

The global configuration

Start by creating a configuration file named fotoobo.yaml. At least give it a path to your inventory.

# The path to the inventory file
inventory: inventory.yaml

For more options see the global configuration documentation.

The inventory

And of course you must also create the inventory file which in this case is called inventory.yaml.

demo-fortigate:
    hostname: <YOUR FORTIGATE DNS NAME OR IP-ADDRESS>
    https_port: 8443
    ssl_verify: false
    token: <YOUR FORTIGATE API ACCESS TOKEN>
    type: fortigate

For more options see the inventory documentation.

Let’s have fun with the first query

Now you can run fotoobo commands to the configured FortiGate. As an example you can get the FortiOS version from the FortiGate by issuing the following command:

fotoobo fgt get version demo-fortigate

Termination

fotoobo exits with defined status codes. You can show the status code in bash with echo $?. The fotoobo status code values are based on the levels from the Python logging module. The cli application (made with typer) exits with its own exit codes which do not correspond with the Python logging levels.

fotoobo$ fotoobo ems get version
  FortiClient EMS Version
┏━━━━━━━━━━━━━━━━━┳━━━━━━━━━┓
┃ FortiClient EMS ┃ Version ┃
┡━━━━━━━━━━━━━━━━━╇━━━━━━━━━┩
│ ems             │ v1.2.3  │
└─────────────────┴─────────┘
fotoobo$ echo $?
0

The following status codes are defined and used in fotoobo:

code	description
0	normal termination without any error
2	cli termination with error
30	normal termination with warning
40	abnormal termination with error
50	critical termination with exception and traceback

After a critical termination with exit code 50 you may find the traceback information in the file traceback.log in the local directory.