| Description | This article describes how to create automation stitch triggers for when the FortiGuard web filter is unreachable and when they become reachable again. These can be used with an automation stitch action that will send an alert email when the stitch is triggered. |
| Scope | FortiGate. |
| Solution |
To configure automation stitches, see Creating automation stitches - FortiGate administration guide.
To configure an automation stitch that will send an alert email, see
For an automation stitch that will trigger when the FortiGuard web filter is unreachable, Log ID 20119 can be used. See 20119 - LOG_ID_WEBF_STATUS_UNREACH - FortiGate 7.4.7 documentation for reference. To create the trigger in the GUI, browse to Security Fabric -> Automation -> Trigger tab -> Create New. Select the FortiOS Event Log, and add a name. For the event, add 'FortiGuard webfilter unreachable'.
To configure the trigger on the CLI:
config system automation-trigger edit "WebFilter-Down" set event-type event-log set logid 20119 next end
For an automation stitch that will trigger when the FortiGuard web filter is reachable again, use Log ID 20118. See 20118 - LOG_ID_WEBF_STATUS_REACH - FortiGate 7.4.7 documentation.
To create the trigger, browse to Security Fabric -> Automation -> Trigger tab -> Create New. Select FortiOS Event Log and add a name. For the event, add 'FortiGuard webfilter reachable'.
To configure the above automation stitch in the CLI, run the following:
config system automation-trigger edit "WebFilter-Up" set event-type event-log set logid 20118 next end |
