Using grep to filter get and show command output
In many cases, the get and show (and diagnose) commands may produce a large amount of output. If you are looking for specific information in a large get or show command output, you can use the grep command to filter the output to only display what you are looking for. The grep command is based on the standard UNIX grep, used for searching text output based on regular expressions.
Use the following command to display the MAC address of the FortiGate unit internal interface:
get hardware nic internal | grep Current_HWaddr
Current_HWaddr 00:09:0f:cb:c2:75
Use the following command to display all TCP sessions in the session list and include the session list line number in the output
get system session list | grep -n tcp
Use the following command to display all lines in HTTP replacement message commands that contain URL (upper or lower case):
show system replacemsg http | grep -i url
There are three additional options that can be applied to grep:
-A <num> After
-B <num> Before
-C <num> Context
The option -f is also available to support Fortinet contextual output, in order to show the complete configuration. The following example shows the difference in output when -f option is used versus when it is not.
Using -f:
show | grep -f ldap-group1
config user group
edit "ldap-group1"
set member "pc40-LDAP"
next
end
config firewall policy
edit 2
set srcintf "port31"
set dstintf "port32"
set srcaddr "all"
set action accept
set identity-based enable
set nat enable
config identity-based-policy
edit 1
set schedule "always"
set groups "ldap-group1"
set dstaddr "all"
set service "ALL"
next
end
next
end
Without using -f:
show | grep ldap-group1
edit "ldap-group1"
set groups "ldap-group1"
See Also