Skip to main content
BK_LGW
BK_LGW
New Member
June 29, 2020
Solved

Possible To Get EXACT Configuration Change - Automation Stitch?

  • June 29, 2020
  • 1 reply
  • 7435 views

Hello all. I've enabled an Automation stitch to email me whenever any other admin signs into the FGT (6.2.1) and makes any changes. Those emails look like this:

 

FGT[FGxxxxxxxxxxxxxx] Automation Stitch:Config-Change is triggered.

date=2020-06-29 time=08:25:47 logid="0100032102" type="event" subtype="system" level="alert" vd="root" eventtime=1593437147787054028 tz="-0500" logdesc="Configuration changed" user="xxxxxxxxxxxx" ui="ssh(xxxxxx)" msg="Configuration is changed in the admin session"

 

Is it possible to have these emails include the EXACT config change made .e.g. user Andrew made a change: an interface IP address changed, or a policy was disabled?

    Best answer by TecnetRuss

    Rather than use an Automation Stitch, try Under Log & Report / E-mail Alert Settings, enabling "Configuration change" - that will send an e-mail to the e-mail addresses at the top of that page including the details of the configuration change.

     

    If you don't see "Email Alerts Settings" under Log & Report (this page is present on my 60E with FortiOS 6.0.x but is missing on my 60E with FortiOS 6.4.x) you can set this in the CLI ("set configuration-changes-logs enable").

    https://docs.fortinet.com/document/fortigate/6.2.4/cli-reference/520620/alertemail-setting

     

    Russ

    NSE7

     

    1 reply

    TecnetRuss
    TecnetRussAnswer
    Visitor III
    June 30, 2020

    Rather than use an Automation Stitch, try Under Log & Report / E-mail Alert Settings, enabling "Configuration change" - that will send an e-mail to the e-mail addresses at the top of that page including the details of the configuration change.

     

    If you don't see "Email Alerts Settings" under Log & Report (this page is present on my 60E with FortiOS 6.0.x but is missing on my 60E with FortiOS 6.4.x) you can set this in the CLI ("set configuration-changes-logs enable").

    https://docs.fortinet.com/document/fortigate/6.2.4/cli-reference/520620/alertemail-setting

     

    Russ

    NSE7

     
    BK_LGW
    BK_LGWAuthor
    New Member
    June 30, 2020

    Thank you, Russ. I'll try that and observe further.

    Terms & ConditionsCookie settingsAccessibility statement