Technical Tip: How to view full FortiOS event logs in automation stitch

Description

This article describes how to create FortiOs events logs to view full events stitch from Automation Stitch.

Scope

FortiGate.

Solution

FortiGate 7.0 and above:

There are various kinds of FortiOs events logs for automation stitch, for example, Interface & Bandwidth speed-related Automation Stitch:

1. Navigate to Security Fabric -> Automation and select Create New.
2. Select Entries -> Create -> Choose FortiOS Events logs.

3. Create a New Automation Stitch, select Entries Able to visible the full Forti_OS event logs for Automation Stitch.

Select the Event.

4. Select requirements for the Forti-OS Events logs.

Example:

Interface & Bandwidth Trigger.

Add on the Events

In the Field filter(s) field, select the '+' to add multiple field filters. All the configured filters must match for the stitch to be triggered. Verify the logs and then select the fields from the log details.

In this example, " Interface down’ is used as a filter. If an Interface is down or UP, it will trigger the stitch.

5. Select OK.
6. Select the trigger in the list and select Apply.
7.  Select Add Action. Select the pencil icon to edit the Default Email entry.
8. Once the configuration is done, When the automation stitch triggers, log Trigers from the FortiGate to  EMail.