nradia_FTNT
Staff
Article Id 355243
Description This article describes how to send an email alert when FortiGuard servers are unreachable.
Scope FortiGate 6.x, 7.x
Solution

 

  • Step 1: Configure Trigger using Log ID.

config system automation-trigger
    edit "WebFilterDown_trigger"
        set event-type event-log
        set logid 20119
    next
end

 

  • Step 2: Configure two sequential actions. The first runs a CLI debug script and the second sends the results via email. Replace the From and To values with appropriate email addresses.

config system automation-action
    edit "FortiGuardDown_debug"
        set action-type cli-script
        set script "exe ping service.fortiguard.net
        exe ping update.fortiguard.net
        exe ping guard.fortinet.net
        diagnose debug rating
        get sys stat
        get sys perf stat"
        set accprofile "super_admin"
    next
    edit "WebFilterDown_email"
        set action-type email
        set email-to "admin@abc.com"
        set email-from "fgt@abc.com"
        set email-subject "FortiGuard is unreachable, see debug attached"
        set message "%%results%%"
    next
end

 

  • Step 3: Create a Stitch to combine all of the above.

config system automation-stitch
    edit "WebFilterDown_stitch"
        set trigger "WebFilterDown_trigger"
        config actions
            edit 1
                set action "FortiGuardDown_debug"
                set required enable
            next
            edit 2
                set action "WebFilterDown_email"
                set required enable
            next
        end
    next
end
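
The email sent in Step 2 carries the output of the three pings in its body. As an added example (not part of the original article or Fortinet's code), the following Python triages that text per FortiGuard hostname; the sample body is constructed, and the BusyBox-style ping statistics layout it parses is an assumption about the CLI output.

```python
import re

# Constructed sample of an alert e-mail body (the %%results%% text).
# Assumption: ping output uses the BusyBox-style statistics layout below.
# guard.fortinet.net has no statistics block here, as would happen if the
# ping never ran to completion (for example, name resolution failed).
SAMPLE_RESULTS = """\
PING service.fortiguard.net (192.0.2.10): 56 data bytes
64 bytes from 192.0.2.10: icmp_seq=0 ttl=52 time=11.2 ms
64 bytes from 192.0.2.10: icmp_seq=1 ttl=52 time=10.9 ms

--- service.fortiguard.net ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 10.9/11.0/11.2 ms
PING update.fortiguard.net (192.0.2.20): 56 data bytes

--- update.fortiguard.net ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
"""

# Hostnames pinged by the "FortiGuardDown_debug" action in Step 2.
HOSTS = ("service.fortiguard.net", "update.fortiguard.net", "guard.fortinet.net")

STATS_RE = re.compile(
    r"^--- (?P<host>\S+) ping statistics ---\s*\n"
    r"(?P<tx>\d+) packets transmitted, (?P<rx>\d+) packets received",
    re.MULTILINE,
)

def triage(results: str, hosts=HOSTS) -> dict:
    """Return {host: 'ok' | 'partial-loss' | 'unreachable' | 'no-result'}."""
    verdict = {h: "no-result" for h in hosts}
    for m in STATS_RE.finditer(results):
        host, tx, rx = m["host"], int(m["tx"]), int(m["rx"])
        if host not in verdict:
            continue  # ignore pings to hosts we were not asked about
        if rx == 0:
            verdict[host] = "unreachable"
        elif rx < tx:
            verdict[host] = "partial-loss"
        else:
            verdict[host] = "ok"
    return verdict

if __name__ == "__main__":
    for host, state in triage(SAMPLE_RESULTS).items():
        print(f"{host:28} {state}")
```

A `no-result` verdict separates a host whose ping produced no statistics at all from one that was pinged and lost every packet, which points to DNS or script truncation rather than a routing or upstream filtering problem.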