Description

This article describes generating email alerts for a single CPU core spike.

Scope

FortiGate.

Solution

Refer below steps to configure the automation stitch for generating mail alerts for a single CPU core spike.

1. Navigate Security Fabric and select Automation.
    
   

2. Select Create New to create a new automation stitch.
   
   

   

    

    

3. Configure the Name and enable the status.

    

4. Select Add Trigger to configure the trigger condition and then select Create New and then FortiOS Event Logs.

    

   

    

5. Configure the Name, select FortiOS Event ID: 40707, and select OK.
                                                                           

                                                            

    

6. Once Automation Trigger is configured, apply the object to Trigger.
   
   

7. Select Add Action and New or select an existing email notification action.
   
   

8. After selecting New, select the Email option from the notification. 
   
   

9. Configure the fields Name, From, To, and select OK.
                                                           

   
   

10. Select OK.
    

Make sure the below command is enabled to log the event. Any single CPU core usage above the CPU usage threshold will report an event log.

config system global
    set log-single-cpu-high enable
end

To make sure that the email daemon is working as expected, a test log email alert can be generated using the command: diagnose log alertmail test.

Related article:

Technical Tip: How to configure alert email settings