FortiGate
zkarimov
Staff
Article Id 424134
Description This article describes how to troubleshoot an issue where Automation Stitch notifications configured on FortiGate are not appearing in a Microsoft Teams channel.
Scope FortiGate (7.2, 7.4, 7.6), Automation Stitch, Microsoft Teams workflow webhook.
Solution

Microsoft Teams: 

Microsoft Teams workflows can be configured to receive incoming webhooks and post messages to a channel.
The workflow generates a URL that is used as the destination URL in the FortiGate Automation Action.

An example of a generated webhook URL is shown below.

 

https://default1234144eab8edcfc987654c9.48.environment.api.powerplatform.com:443/powerautomate/automations/direct/workflows/fb26eea3d456hgytu822b7adaa99/triggers/manual/paths/invoke?api-version=1&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=OSznsFS_oi6yq1W4ODCc0o5vOvZzzzZW0ape1JE

 

FortiGate troubleshooting: 

 

Enable debugging for the automation daemon using the following CLI commands:

 

diagnose debug application autod -1
diagnose debug enable

 

Output of the debug command when the event is triggered: 

 

FGT-01 # pid:2083-__handle_msg()-414: Subscriber:4 received package. pubid:0 pkgid:937 pkg_index:0
pid:2083-__handle_pkg_logs()-356: Subscriber:4 processing package size:924 logs:1 pickup:1
pid:2083-__subscr_close_cur_pkg()-140: close package size:924 logs:1
auto_generate_generic_curl_request()-468: Generating generic automation CURL request for action (MSTeams-notification).
auto_generate_generic_curl_request()-525: Generic automation CURL request POST data for action (MSTeams-notification):
{ "text": "date=2025-12-21 time=22:06:34 devid=\"FGVM012345678987\" devname=\"FGT-01\" eventtime=1766383594113832139 tz=\"-0800\" logid=\"0100032001\" type=\"event\" subtype=\"system\" level=\"information\" vd=\"root\" logdesc=\"Admin login successful\" sn=\"1766383594\" user=\"admin\" ui=\"https(172.25.188.102)\" method=\"https\" srcip=172.25.188.102 dstip=10.9.12.72 action=\"login\" status=\"success\" reason=\"none\" profile=\"super_admin\" msg=\"Administrator admin logged in successfully from https(172.25.188.102)\"" }

auto_generate_generic_curl_request()-579: Generic automation CURL request Host header: default1234144eab8edcfc987654c9.48.environment.api.powerplatform.com:443
auto_generate_generic_curl_request()-582: Adding 0 user defined headers
pid:2083-__handle_msg()-414: Subscriber:4 received package. pubid:0 pkgid:938 pkg_index:191
pid:2083-__handle_pkg_logs()-356: Subscriber:4 processing package size:1251 logs:1 pickup:1
pid:2083-__subscr_close_cur_pkg()-140: close package size:1251 logs:1
auto_generic_curl_request_status()-636: Failed to resolve address for: default1234144eab8edcfc987654c9.48.environment.api.powerplatform.com:443
__run_action()-320: Error when running service for stitch:teams-stitch action:MSTeams-notification.

 

The debug output shows a hostname resolution failure ('Failed to resolve address for ...').
FortiGate treats the destination as 'hostname:443' instead of 'hostname', so DNS resolution fails.

 

Resolution: 

Remove the ':443' portion from the Microsoft Teams webhook URL before configuring the Automation Action.
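One way to apply this fix before pasting the URL into the Automation Action, shown as an added example (not Fortinet or Microsoft code). The function name `strip_default_port` is hypothetical, and the sample URL's host, workflow ID and `sig` value are constructed placeholders. It goes slightly beyond the ':443' case by also handling ':80' on http URLs and leaving non-default ports untouched.

```python
from urllib.parse import urlsplit, urlunsplit

# Default port per scheme; only these are safe to drop from the authority.
DEFAULT_PORTS = {"https": 443, "http": 80}

# Constructed sample in the shape of a Teams workflow webhook URL.
SAMPLE_URL = (
    "https://env-constructed.example.com:443/powerautomate/automations/direct/"
    "workflows/WORKFLOW_ID/triggers/manual/paths/invoke"
    "?api-version=1&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=CONSTRUCTED_SIG"
)


def strip_default_port(url: str) -> str:
    """Return url without an explicit default port (hypothetical helper).

    The path and query are passed through untouched, so the percent-encoded
    'sp' value and the 'sig' token that authorizes the webhook stay
    byte-for-byte identical.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    # No port given, or a non-default port that the endpoint really needs.
    if parts.port is None or parts.port != DEFAULT_PORTS.get(scheme):
        return url
    host = parts.hostname or ""
    if ":" in host:  # IPv6 literal: restore the brackets urlsplit removed
        host = f"[{host}]"
    userinfo = parts.netloc.rpartition("@")[0]
    netloc = f"{userinfo}@{host}" if userinfo else host
    return urlunsplit(
        (parts.scheme, netloc, parts.path, parts.query, parts.fragment)
    )


if __name__ == "__main__":
    # Prints the URL to configure as the Automation Action destination.
    print(strip_default_port(SAMPLE_URL))
```

The webhook URL contains the `sig` token, so treat both the original and the cleaned URL as a credential when copying them between systems.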
