Technical Tip: How to trigger alert email when FortiDeceptor detect RDP attempt being perform over lure package

1. Navigate under System -> Mail Server.
2. Select '+Create alert delivery rule'.
3. Select 'Enabled' on the toggle.
4. Fill in the Name.
   
   
5. Select relevant Alert Severity and Type.
6. Put in the Victim Decoy Port = 3389.
7. Fill in the recipient's email address.
8. Select 'OK'.
9. Perform test RDP service to dedicated deception lure package.
10. Check the log entry under Incident -> Analysis.
    
                                          
11. Log in to the respective recipient's email address.
12. Email being generated from FortiDeceptor regarding alert interaction events over the RDP protocol.
                      

Note: This option can also work with services other than RDP. If the defined port for another service is triggered, it will send an alert email as well.