Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vbandha
Staff
Staff

Created on ‎12-03-2023 10:58 PM Edited on ‎12-01-2025 07:50 AM By Community Manager

Article Id 287255

Automation stitch to Export IPS Signature database to email whenever there is an IPS Database update

Description

This article describes how to export IPS signatures using Automation stitch whenever there is an IPS signature database update to the email.
Scope FortiGate v7.0+.
Solution

Create Automation Trigger:

  • Go to Security Fabric -> Automation.
  • Select Trigger and then Create New.
  • Select AV & IPS DB Update.
  • Give a name to the trigger, in this example, IPS update.
  • Select OK at the bottom.

 

1.JPG

 

Create First Automation Action (CLI Script):

  • Switch over to Action at the top and select Create New.
  • Select CLI script.
  • Give it a name, in this example, CLI script.
  • Under script type:

 

get ips rule status <----- If there is a FortiGate with a single VDOM.

config global       <----- If there is a multi-VDOM environment.

get ips rule status

 

  • Under 'Administrative Profile', select super_admin
  • Select OK at the bottom.

 

2.JPG

 

Create Second Automation Action (Email):

  • Create the second action
  • Select Create New under Action.
  • Select Email.
  • Give it a name, for this example, Email.
  • Type the email of the recipient, for this example, test@example.com
  • Under Subject, it is possible to type it as per requirement. IPS signature update in this example.
  • Under the body, it is necessary to have %%results%%
  • Select 'OK' at the bottom.

 

3.JPG

 

Create Automation Stitch.

  • Go to the Stitch option at the top and select Create New.
  • Give it a name as per requirement, IPS Update Stitch for this example.
  • Make sure to keep Action Execution Sequential.
  • Under Trigger, select the trigger created, in this case, IPS Update. Then select Apply.
  • Under the first action, select the CLI action that was created before, in this case, CLI Script. Then select Apply.
  • Select Add Action.
  • Select the email action created. For this case, Email. Then select Apply.
  • Once done, select OK.

 

4.JPG

 

 

CLI Reference:

 

config system automation-trigger

    edit "IPS update"

        set description "The antivirus and IPS database has been updated."

        set event-type virus-ips-db-updated

    next

 

config system automation-action

    edit "CLI Script"

        set action-type cli-script

        set script "config global 

        get ips rule status"

        set accprofile "super_admin"

    next

end

 

config system automation-action

    edit "Email"

        set action-type email

        set email-to "test@example.com"

        set email-subject "IPS signature update"

        set message "%%results%%"

    next

end

 

config system automation-stitch

    edit "IPS Update Stitch"

        set trigger " IPS update "

            config actions

                edit 1

                    set action "CLI Script"

                    set required enable

                next

                edit 2

                    set action "Email"

                    set required enable

                next

            end

        next

    end

 

This will create the automation stitch to send the update for the IPS Signature database to the email.
1138
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.