Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
rahul_p1
Staff
Staff

Created on ‎03-18-2025 06:12 AM Edited on ‎11-19-2025 01:46 PM By Community Manager

Article Id 382899

Technical Tip: Email alert using automation stitch when FortiGate image is loaded successfully

Description This article describes how to configure an automation stitch to receive an email alert when FortiGate upgrades firmware.
Scope FortiGate.
Solution

As shown in this image, the current firmware on FortiGate is v7.4.5.

 

rahul_p1_0-1742293002901.png

 

When FortiGate loads an image system log is generated in the system Events.

For the image to load successfully log ID will be generated (log id="0100032201).

 

Create an automation trigger for FortiOS event logs.

Select the FortiOS event Log as the image loaded successfully with the correct log as shown in the screenshot.

 

rahul_p1_1-1742293002903.png

 

Create an action that will be performed when this log is generated in the system alert.

Email notification is used for action.

Add an email address to which the alert will be sent by FortiGate.

 

rahul_p1_2-1742293002904.png

 

Create an Automation stitch and select the trigger and action that were configured above.

 

rahul_p1_3-1742293002906.png

 

After the configuration of the Automation stitch, perform a manual test, and when it will be uploaded the image on FortiGate, it will send the alert email to the email given in action.

 

rahul_p1_4-1742293002907.png

 

Email alert messages are received by email with the details of the log ID, and a successful image is loaded.

 

devname="ion-kvm148" eventtime=1742271339921790999 tz="-0700" logid="0100032201" type="event" subtype="system" level="critical" vd="root" logdesc="Image loaded successfully" user="admin" ui="GUI(172.16.15.1)" action="loaded-image" status="success" msg="User admin loaded an image from GUI(172.16.15.1). The new image does have a valid RSA signature."

 

The CLI part after configuration is as follows:

  1. Stitch:

 

config system automation-stitch

    edit "Image loaded successfully"

        set trigger "Image loaded successfully"

            config actions

                edit 1

                    set action "Image loaded successfully"
                    set required enable

                next

end

 

  1. Trigger:

 

config system automation-trigger

    edit "Image loaded successfully"

        set event-type event-log
        set logid 32201

    next

end

 

  1. Action:

 

config system automation-action

    edit "Image loaded successfully"

        set action-type email
        set email-to "abc@xyz.com"
        set email-subject "Image loaded successfully"

    next

end

 

To test the Automation Stitch, run the following command:

 

diagnose automation test Login-Failure 0100032201

automation test failed(2). stitch: Image loaded successfully
354
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.