hard2know
New Member
January 9, 2020
Question

Automation stitches and IPS

  • January 9, 2020
  • 1 reply
  • 3458 views

Is it possible to send IPS logs/alerts to a webhook using automation stitches?

I searched through all "Events" in the trigger "FortiOS Event Log" and didn't find any events connected to IPS alerts :(

 

    1 reply

    nostalia_nse7
    New Member
    January 23, 2020

    Have you looked into the integration with FortiAnalyzer, and whether you can trigger FAZ to cause a "Compromised Host" alert or something? Sorry, I haven't played with Stitches much yet. My use case for IPS Triggers has been having a script parse the email notifications, get the source IPs, then dump them to a text file on a web server, then using the External List fabric connector to import the addresses into an address object used in a Deny policy ahead of my VIPs / other rules where appropriate.
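
The script step described in the reply above, as an added example that is not part of the original post and not Fortinet's code: it pulls source IPs out of an alert mail, validates them, and writes the text file a web server would publish for the External List connector. Assumptions: the mail body carries FortiOS-style `srcip=` key=value fields, the list is one address per line, and the `NEVER_BLOCK` ranges and the sample message are constructed.

```python
import email, ipaddress, os, re, tempfile
from email import policy

# Assumption: the alert body carries FortiOS-style key=value fields (srcip=...).
SRCIP_RE = re.compile(r'\bsrcip="?([0-9A-Fa-f:.]+)')
# Hypothetical ranges that must never reach the Deny policy (own networks, VIPs);
# alert sources can be spoofed, so this guards against blocking yourself.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in
               ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "192.0.2.0/24")]
LINE = 'type="utm" subtype="ips" srcip={} dstip=192.0.2.10 action="dropped"\r\n'
# Constructed sample message, not a captured FortiGate alert.
SAMPLE_EML = ("From: fgt@example.com\r\nTo: soc@example.com\r\n"
              "Subject: IPS alert\r\nContent-Type: text/plain\r\n\r\n"
              + "".join(LINE.format(ip) for ip in
                        ("203.0.113.45", "203.0.113.45", "10.1.1.7",
                         "999.1.1.1", "198.51.100.9")))


def extract_sources(raw_eml, never_block=NEVER_BLOCK):
    """Return the sorted, de-duplicated, validated source IPs of one alert mail."""
    msg = email.message_from_string(raw_eml, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    found = set()
    for candidate in SRCIP_RE.findall(text):
        try:
            addr = ipaddress.ip_address(candidate)
        except ValueError:
            continue  # malformed value: never copy raw mail text into the list
        if not any(addr in net for net in never_block):
            found.add(addr)
    return sorted(found, key=lambda a: (a.version, int(a)))


def write_blocklist(addrs, path):
    """Write one address per line, atomically, so a fetch never sees half a file."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as fh:
        fh.writelines(f"{a}\n" for a in addrs)
    os.chmod(tmp, 0o644)  # readable by the web server
    os.replace(tmp, path)
    return len(addrs)


if __name__ == "__main__":
    print(write_blocklist(extract_sources(SAMPLE_EML), "ips_blocklist.txt"))
```

Because anyone who can trigger an IPS alert influences this list, keep the never-block ranges current and expire old entries rather than letting the file grow without bound.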