Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Vedaant
Staff
Staff

Created on ‎09-05-2024 10:06 PM

Article Id 338725

Technical Tip: Configure automation stitch to receive email alert for only particular IPSEC tunnel status change.

Description

This article describes how to configure an automation stitch for a specific IPSEC tunnel to get an alert email for status changes.
Scope FortiGate.
Solution

Create an automation stitch for email alerts for IPSEC tunnel status changes. Go to Security Fabric -> Automation ->Stitch and  select 'Create New'.

 

create automation stitch.PNG


Create a trigger and action configured to send an alert email.

Automation stitch.PNG

Trigger configuration. Select event IPsec connection status changed and for specific IPSEC tunnels, enter the field filters  
vpntunnel: 'FGT1toFGT2 -----------name of the specific IPSEC tunnel'.

stitch field value.PNG

 

To get field value, download the logs from the Events logs:


status change logs.PNG

 

From the download logs, fetch the exact field filter value entered in the trigger:


raw logs.PNG

Configure Action to receive email notifications for tunnel status changes:


email.PNG

When the tunnel status for a specific tunnel changes, email alerts will be received but not for other IPSEC tunnels.

trigger.PNG

 

 

 

 

 

 

140
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.