Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
rsondal
Staff
Staff

Created on ‎04-26-2023 07:55 AM Edited on ‎08-04-2025 09:53 PM By Moderator

Article Id 254113

Technical Tip: How to receive an alert email when SSL VPN user login successfully

Description This article describes how to receive an alert email when SSL VPN user login successfully.
Scope FortiGate.
Solution
  1. Create an Automation Stitch for this.
  2. Go to Security Fabric -> Automation -> Create New.

 

1st.png

 

  1. Select Add Trigger -> Create -> FortiOS event log -> Event and select the correct SSL VPN Tunnel Up entry.

 

2nd.png

 

3rd.png

 

4th.png

 

  1. Select Add Action-> Create -> Select Email and configure as preferred.

 

5th.png

 

auto action.PNG

 

Example configuration in the CLI: 

 

config system automation-trigger
    edit "test"
        set event-type event-log
        set logid 39424
    next
end

config system automation-action
    edit "test_email"
        set action-type email
        set email-to "test@fortinet.com"
        set email-subject "Alert-VPN login successful"
    next
end

config system automation-stitch
    edit "sslvpn login successful"
        set trigger "test"
            config actions
                edit 1
                    set action "test_email"
                    set required enable
                next
            end
    next
end

 

  1. Try to log in to SSL VPN and it will be possible to see the logs under System Events -> VPN events.

 

7th.png

 

8th.png

 

It is possible alternatively to test the automation stitch using the following command:

 

diagnose automation test <name>


To receive email alerts using automation stitch for a specific user, use the following field filter. 

auto SSL VPN stitch.PNG

 

Note:
If the automation stitch is triggered but fails to receive an email alert, refer to Troubleshooting Tip: Email alert or contact Fortinet Support for assistance.
 
Related articles:
Technical Tip: Configure an automation stitch to get an email alert for SSL VPN login failures
Technical Tip: How to limit SSL VPN login attempts and block duration
11286
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.