| Description | This article describes how to configure an automation stitch to provide email alerts when SSL VPN login failures appear in the logs. |
| Scope | FortiOS 6.4 or above. |
| Solution |
Create an Automation stitch under Security Fabric -> Automation -> Stitch -> Create New.
Give it the name and trigger shown in the screenshot below:
Configure the action in the screenshot below:
Next, test the stitch by entering the wrong user ID or password. Check the status from the firewall and check for an email.
The CLI part after configuration is as follows:
Stitch:
config system automation-stitch edit "SSL VPN Login-Failure" set trigger "SSL-VPN-Login" config actions edit 1 set action "SSL-VPN-Failed" next end next end
Trigger:
config system automation-trigger edit "SSL-VPN-Login" set event-type event-log next end
Action:
config system automation-action edit "SSL-VPN-Login-Failed" set action-type email next end
Log: The email will contain the following log: date=2023-11-24 time=09:39:36 devid="FGT61FTK22059174" devname="FGT" eventtime=1700847576403329440 tz="-0800" logid="0101039426" type="event" subtype="vpn" level="alert" vd="root" logdesc="SSL VPN login fail" action="SSL-VPN-Failed" tunneltype="ssl-web" tunnelid=0 remip=209.87.240.230 srccountry="Canada" user="user01" group="N/A" dst_host="N/A" reason="sslvpn_login_permissio
Note:
If the automation stitch is triggered but fails to receive an email alert, refer to Troubleshooting Tip: Email alert or contact Fortinet Support for assistance.
|
Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Spring Badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiGuest
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiSRA
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiScan
- FortiSandbox
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiWAN
- FortiToken
- FortiVoice
- FortiWeb
- FortiAppSec Cloud
- RMA Information and Announcements
- Lacework
- Wireless Controller
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
- Fortinet Community
- Knowledge Base
- FortiGate
- Technical Tip: Configure an automation stitch to g...
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.