Description
This article describes how to use automation stitches to automatically send alert emails for specific events.
For more information:
- FortiGate handbook section on Automation Stitches is available here.
- FortiGate handbook on alert emails in general is available here.
Solution
FortiOS 6.0 introduces Automation Stitches as part of the Security Fabric. Automation Stitches can be used to automate certain actions in response to certain triggers.
This includes sending alert emails in response to specific events and allows for far more granular log-based alerting that Alert Emails configured under Log & Report.
Automation stitches for alert emails can be configured as follows:
1) Create a new Automation Stitch: Go to Security Fabric -> Automation and click on ‘Create New’.
2) Assign a name, select Trigger ‘Event Log’, and Action ‘Email’. Optionally, decide on which FortiGates in the Fabric should have the Automation stitch.
3) Select the proper event log that should trigger the alert, and select where the email should be sent (and with what subject), then save.
4) The FortiGate will now send an email when the trigger event log is generated.
Note: For the alert email to be sent when the Automation stitch is triggered, an Email server needs to be configured under System -> Advanced. On how to configure this, please check the ‘To configure email server’ section here.
5) From CLI:
# config system automation-action
edit <action-name>
set action-type email
set email-from <Email sender name>
set email-to <email-address>
set email-subject <subject-name>
set minimum-interval <seconds>
next
end
Related documents:
