Description
This article describes how to send an alert message from FortiAnalyzer to a Webhook site.
Scope
FortiAnalyzer.
Solution
When accessing to webhook site, it will generate a unique URL as in general.
- Use the unique URL to put in under the Generic Connector URL value:
- In v7.4.x, go to Fabric View -> Fabric Connectors -> Create New -> Generic Connector.
- In v7.6.x, go to Incidents & Events -> Automation -> Active Connectors -> Create New -> Generic Connector.
Other than the URL value, it is only mandatory to put in below value:
| Protocol | HTTPS |
| Port | 443 |
| Method | POST |
Authentication is not necessary for this setup and can be ignored, for HTTP bodies are optional to get a meaningful message display for the alert.
The text output for ${} sign can be replaced using other Configuring ITSM connectors in (Supported macros for the MS Teams Connector).
- Add the created webhook to the Notification Profile.
- In v7.4.x, go to Incidents & Events -> Handlers -> Notification Profiles -> Create New.
- In v7.6.x, go to Incidents & Events -> Event Handlers -> Notification Profiles -> Create New.
- Create an event and add the notifications profile to it.
- In v7.4.x, go to Incidents & Events -> Handlers -> Basic Handlers -> Create New.
- In v7.6.x, go to Incidents & Events -> Event Handlers -> Event Handlers -> Create New.
- Trigger the event and check if it is present in Event Monitor and webhook site.
Related articles:
Technical Tip: FortiAnalyzer use webhook to send alert to Telegram
Technical Tip: FortiAnalyzer use webhook to send alert to Slack
