Description

This article describes how to configure SMS Notification for incidents.

Scope

FortiSIEM.

Solution

1. Create an email/SMS policy following 'Sending Email and SMS Notifications for Incidents' from the User Guide, indicated in the related documents.
2. When adding an email address for notification, choose either email or SMS as the delivery method. For this option to work, the carrier should support the 'email to text' notification.

• For example, if the recipient is using AT&T Wireless, then use the recipient's 10-digit wireless phone number, followed by @txt.att.net
• For example, 5551234567@txt.att.net. The format for the email-to-text email address is different for the various carriers.

Check whether or not the carrier support this type of service. 

Tips for Effective SMS Alerts:

• Begin with Severity, Incident Category, Incident ID, Time, and Incident Title.
• In the template, keep the Incident detail at last, so this would be truncated or pushed to the next message depending on length
• Adding a subject line in SMS is not recommended and this depends on SMS service provider. 

Related documents:
https://en.wikipedia.org/wiki/SMS_gateway#Carrier_Provided_Email_or_Web_to_SMS_gateways
https://help.fortinet.com/fsiem/5-2-5_ESCG_HTML/FortiSIEM/User-guide/Sending-Email-and-SMS-Notificat...