FortiGate
salmas
Staff
Article Id 425244
Description This article describes how to receive a notification before a firewall policy reaches its scheduled expiry, using a one-time schedule.
Scope FortiGate.
Solution

Currently, there is no direct method of getting an alert before a policy reaches its scheduled expiry date. A one-time schedule can be used to generate this alert notification instead.

Follow this article to configure policy expiry: Technical Tip: Configuring a Schedule Firewall policy expiration.

In the policy below, expiry is set for 01/01/2026 at 11:59 PM.

Policy with expiry.png

Create a one-time schedule with the end date the same as the policy expiry date and enable the 'Pre-expiration event log' option.

The name of the above policy is 'Policy1', and this one-time schedule name is set as 'Policy1_Expiry'.

One-Time Schedule.png

Refer to the article below to see more details about the One-time schedule 'Pre-expiration event log' generation.
Technical Tip: One-time schedule pre-expiration log generation 

Create an automation Trigger for a One-time schedule event log:

Trigger_Event_One_Time_Schedule.png

Create an Automation action for email alert:

Automation_Action.png

Create an automation stitch combining Trigger and Action:

Automation_Stitch.png

Based on the one-time schedule, the system event log will be generated 24 hours before the schedule's end date, as shown in the screenshot below.

log_event.png

Upon this event log trigger, an alert will be sent to the configured email address.

Email.png
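
The GUI steps above expressed as FortiOS CLI, as an added example that is not part of the original article. It assumes FortiOS 7.x automation syntax, a constructed start date and recipient address, hypothetical trigger, action and stitch names, and `<LOGID>` as a placeholder for the log ID of the one-time schedule pre-expiration event, which the article does not state.

```fortios
# One-time schedule ending when Policy1 expires (01/01/2026 at 11:59 PM).
# expiration-days 1 writes the pre-expiration event log one day ahead.
# The start date is a constructed sample value.
config firewall schedule onetime
    edit "Policy1_Expiry"
        set start 00:00 2025/12/01
        set end 23:59 2026/01/01
        set expiration-days 1
    next
end

# Trigger on the pre-expiration event log.
# <LOGID> is a placeholder: take the log ID from the event seen on the device.
config system automation-trigger
    edit "Policy1_Expiry_Log"
        set event-type event-log
        set logid <LOGID>
    next
end

# Email action; the recipient address is a constructed sample value.
config system automation-action
    edit "Policy1_Expiry_Email"
        set action-type email
        set email-to "fw-admins@example.com"
        set email-subject "Policy1 expiry warning"
        set message "%%log%%"
    next
end

# Stitch combining the trigger and the action.
config system automation-stitch
    edit "Policy1_Expiry_Alert"
        set status enable
        set trigger "Policy1_Expiry_Log"
        config actions
            edit 1
                set action "Policy1_Expiry_Email"
                set required enable
            next
        end
    next
end
```

Email delivery depends on a mail server being configured under `config system email-server`.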