What's the difference between "get", "show", and "execute" commands in FortiOS CLI?

An intro to some of the essential commands in FortiOS.

Mike Berggren

20 Aug 2025 — 2 min read

💡

This is part of an on-going series in cybersecurity foundations. Check the cyber 101 article tag index from time to time for more content.

The FortiOS CLI offers a LOT of flexibility but it can be quite a bit to memorize. For that reason, I find that it helps to understand the intent and purpose of the command (particularly the first word in the command). Here's a quick summary to keep in mind:

The get command does what you'd expect: it fetches a specific set of info and returns it in a readable format.
The show command is similar but with an important distinction: it shows the precise syntax/configuration, exactly like it's entered in the command-line.
The execute command performs a specific programmatic function/task.

Here are some examples:

Example_FAZ $ get system status
Platform Type                   : FAZ-1234G
Platform Full Name              : FortiAnalyzer-1234G
Version                         : v7.6.3-build3492 250421 (GA.F)

Example_FAZ $ show system dns
config system dns
    set primary 208.91.112.52
    set secondary 208.91.112.53
end

Example_FAZ $ execute ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=116 time=1.661 ms
64 bytes from 8.8.8.8: seq=1 ttl=116 time=1.457 ms
64 bytes from 8.8.8.8: seq=2 ttl=116 time=1.375 ms
64 bytes from 8.8.8.8: seq=3 ttl=116 time=1.354 ms

--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 1.354/1.461/1.661 ms

Spot the differences in the return output? For the last command, it performed a specific task (pinging a remote ip). Nifty huh.

That syntax logic forms the basis for the command structure on a lot of different commands. Obviously there's a lot more depth to the topic here but I think it's helpful to have a starting point. For more examples, check out the following resources: