Description
This article describes the steps on how to configure email alerts for config and policy status changes on FortiManager.
Scope
FortiManager. Cannot be done on FortiManager Cloud: Limitations of FortiManager Cloud
Solution
To configure email alerts, the Event Handler feature is used.
Configuration steps by steps
1: Enable FortiAnalyzer feature: Event handler is a FortiAnalyzer feature and hence needs to be enabled.
Under System Settings -> Dashboard -> System Information and Toggle ON for FortiAnalyzer features.
Note: Adding the FortiAnalyzer feature will double the minimum requirements!
3: Under System Settings -> Event logs, events will be seen when config status or policy status is changed.
Both events will be logged under separate log types.
For policy changes you can refer below image:
For config changes you can refer below image:
4: Configure email server: Alerts would be sent using this email server.
Configure it under System Settings -> Mail Server.
5: Create an event handler for both conditions
Under Event Management -> Event Handler list and select 'Create new'.
Event handler for config status changes:
Event handler for policy status changes you can refer below image:
Note: In version 7.4+ first create a "Incident & events > Data selector > Create new" then choose local and use the provided example above. Then use the data selector in the event handler.
6: When there is an event log generated for the status changes and when it matches the events configured in the event handler, there is an email sent with details about the event to the email addresses configured in the notification section.
7.Debugs on the FortiAnalyzer.
The following commands on the FortiAnalyzer will provide more information regarding the SMTP client application.For FortiAnalyzer 7.6 or above, perform a flow capture:
diagnose debug application fazmaild 8
diagnose debug timestamp enable
diagnose debug enable
Related article:
Technical Tip: How to set up Email Notifications with notification.fortinet.net
