This article describes about the configuration of alert email for interface status change event per interface using automation.

One can configure email alert when interface status is changed following below the below article:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-email-alert-when-interfac... 

This will trigger an email when any of the interface on the firewall changes its status.

But what if the requirement is to set up an email alert for specific interface rather than sending an alert email for all interfaces.

In such scenario ‘Fields’ option comes into play.

A name and a value can be set under the ‘Fields’ section to trigger customized email alerts.

An example to trigger alert email when internal1 interface changes its state is shown below:

# config system automation-action

     edit "Network Down_email"

        set action-type email

        set email-to "xyz@gmail.com"

        set email-subject "interface"

      next

   end

# config system automation-stitch

      edit "Network Down"

         set trigger "Network Down"

         set action "Network Down_email"

      next

   end

# config system automation-trigger

      edit "Network Down"

         set event-type event-log

         set logid 20099

         config fields

             edit 1

                 set name "msg"

                 set value "Link monitor: Interface internal1 was turned down"

             next

         end

      next

   end

After this configuration is in place, verify that only Internal1 interface status related emails are sent.

If email is not visible in the inbox, check the junk/spam folder.

Note: Customizing alert email specific to the interface can only be done through CLI.