Technical Tip: Email notification when an anomaly ...

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 353276

Description

This article describes how to enable Email alerts whenever an anomaly is detected.

Scope

FortiGate v7.2.

Solution

Make sure a DOS policy is in place and logging is enabled.

Refer to this article: Technical Tip: How to configure IPv4 DOS policy.
Go to Security Fabric -> Automation -> Trigger -> Select Create New -> Select Anomaly Logs.

Set the name for the Anomaly Logs Automation Trigger, then select OK:
Go to Security Fabric -> Automation -> Action -> Select Create New:
- Set the Name.
- Interval time can be configured.
- Set the Email from, Email recipient, and Email subject.
- Leave the body "%%log%%" as default.

Go to Security Fabric -> Automation -> Stitch -> Select Create New.
- Set the Name.
- Set the Status to 'Enable'.
- Set Action execution to 'Sequential'.
- Under Stitch, select the newly created trigger for Anomaly Logs and action to Email Notification.
- Select OK.

Result:

An email notification will be sent to the recipient's Email address when the FortiGate DOS policy threshold is triggered or an anomaly is detected.

230

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: Email notification when an anomaly is detected

You are leaving our website