Topic Guides

Advanced topics, patterns, and techniques for working with HFortix.

• Child Table Helpers
• Reordering Objects with .move()
• Batch Transactions
• API Request Inspection
• FortiManager Proxy
• Creating Custom Wrappers and Aliases
• Enterprise Audit Logging
• Handler Protocol System
• Logging & Observability
• Debugging Guide
• Rate Limiting and Resilience
• Filtering, Sorting, and Formatting
• Validation
• Performance Testing and Optimization

Overview

Topic guides provide detailed, task-oriented documentation for advanced features and patterns.

Key Topics

Child Table Helpers (New)

Simplified CRUD operations for nested configuration within router singleton endpoints. Manage BGP neighbors, OSPF areas, RIP networks, and other child tables without requiring full parent object updates. Available for 10 router endpoints with comprehensive examples for common networking tasks. Includes best practices for error handling, validation, and efficient operations.

Reordering Objects (New in v0.5.155)

Change execution order of firewall policies, routes, and other sequential objects using the .move() method. Critical for policy management where order determines which rules are evaluated first. Move objects before/after others, to top/bottom, or specific positions. Available on 561 endpoints. Includes examples for firewall policies, route policies, and batch reordering operations.

Batch Transactions (New in v0.5.152)

Atomic configuration changes with automatic commit/rollback support (FortiOS 6.4.0+). Group multiple API operations into a single transaction with context manager and decorator patterns. All changes succeed together or rollback on error. Includes manual control, timeout configuration, and transaction inspection (7.4.1+).

API Request Inspection (New in v0.5.152)

Debug and audit API interactions by inspecting HTTP requests and responses. Access complete request details including method, URL, headers, body, status, and timing. Essential for debugging, audit logging, performance analysis, and learning the API. Includes integration examples for logging and monitoring.

FortiManager Proxy (New in v0.5.0)

Route FortiOS API calls through FortiManager to manage multiple FortiGate devices. Connect to FortiManager once and execute operations on any managed device using the same FortiOS API syntax. Supports multiple ADOMs and VDOMs.

Creating Custom Wrappers (New in v0.5.146)

Learn how to create your own convenience wrappers, aliases, and helper functions tailored to your specific needs. Includes examples for simple aliases, domain-specific wrappers, validation wrappers, async operations, and complete custom modules.

Advanced Topics

Audit Logging

Enterprise audit logging with SIEM integration for compliance (SOC 2, HIPAA, PCI-DSS). Built-in handlers for syslog, files, and streams. Automatic data sanitization and user context tracking.

Handler Protocol System (New in v0.4.1)

Extensible plugin architecture for custom audit handlers. Write handlers that integrate with Kafka, databases, webhooks, or any external system without modifying HFortix code. Protocol-based design with priority routing, conditional filtering, error aggregation, and dynamic management. Includes production-ready examples for Kafka, PostgreSQL/MySQL, and Slack/Teams/Discord notifications.

Observability

Structured logging and distributed tracing for production systems. Includes configure_logging() helper, JSON formatters, trace_id parameter for request correlation, and automatic VDOM/ADOM inclusion for multi-tenant environments. Integration with ELK, Splunk, CloudWatch, and Datadog.

Debugging (New in v0.4.0)

Comprehensive debugging tools and techniques. Covers debug mode (debug=True), connection pool monitoring (fgt.connection_stats), request inspection (fgt.last_request), DebugSession context manager, performance profiling, and structured logging configuration. Includes integration examples for ELK, Splunk, and CloudWatch.

Rate Limiting (New in v0.4.0)

Complete guide to handling API rate limits and building resilient applications. Covers HTTP 429 handling, retry strategies (exponential/linear/fibonacci), circuit breaker patterns, connection pool management, and async patterns for high throughput. Includes production-ready configuration examples.

Filtering

Complete guide to filtering and querying API results. 50+ examples covering simple filters, complex queries, logical operators, and performance optimization.

Validation

Guide to the validation framework with 832 auto-generated validators. Covers enum validation, length limits, range checks, pattern matching, and type validation.

Performance

Performance testing guide and optimization strategies. Includes connection pool tuning, timeout configuration, and device-specific recommendations.

See Also

• /fortios/user-guide/index - Core concepts and essential features

• /fortios/api-reference/index - Complete API reference

• /fortios/getting-started/quickstart - Quick start guide