FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ihaidar
Staff
Staff
Article Id 321566
Description This article describes how to make an automation stitch work on the downstream devices when connected to the Security Fabric.
Scope FortiGate.
Solution

Assume that the two FortiGates are connected in the Security Fabric as shown in the following screenshot:

 

security fabric diagram.png

 

This article will demonstrate how to configure an automation script to send an email alert containing command outputs each time a user logs into either of the two FortiGates.

 

For the automation stitch to be applied on both FortiGates, follow the steps below:

 

  1. As shown below, navigate to the Fabric root create a new stitch and add 'All FortiGates'.
  2. Create a new trigger and choose the FortiOS events shown below in the screenshot:

Step2.png

 

  1. Create a new Action, choose CLI Script, and follow the setup shown in the screenshot below:

Note:

If the commands need to be executed on both FortiGates on the security fabric, keep the option 'Execute on security Fabric' disabled.

 

Step3.png

 

  1. Create a new Action choose an email and follow the setup shown in the screenshot below:

Note:

Add the email in the blank as illustrated in the screenshot below:

Step4.png

 

  1. Select OK to save the setup as shown in the following screenshot:

 

Step5.png

 

Results:

Whenever a user tries to log in to any of the FortiGate Firewalls, an email alert will be received with the output of the above commands. (The commands that are added in the CLI Script created.)