Skip to main content
rhap4boy
rhap4boy
New Member
March 10, 2022
Question

Anomaly Email Alert

  • March 10, 2022
  • 1 reply
  • 3559 views

How do I get Fortigate to email Anomaly alert such as DDoS attack?

I configured DDoS policy and tested flooding attack.  It shows the attack in the Anomaly Log.  How do I get it to send alerts email?  The Automation Stitch doesn't seem to have an Anomaly trigger.  FortiOS Event Log Trigger doesn't show Anomaly trigger either. Help!!!

1 reply

sharmaj
Staff
sharmaj
Staff
March 11, 2022

Hello

 

By default, Fortigate does not have an inbuilt email alert for DOS attacks. The functionality requested is currently not supported in Fortigate. The DOS events are logged under Anomaly events and currently, there is no support to trigger mail alerts based on that.

 

However, u can create an event handler for DDoS logs. It will send an email alert once receive the DDoS log.

https://docs.fortinet.com/document/fortianalyzer/6.2.0/administration-guide/348606/creating-a-custom-event-handler

Terms & ConditionsAccessibility statement