Help
FortiSOAR Discussions
adem_netsys
Contributor II

Created on ‎01-26-2026 05:05 AM

Sample Audit Log Notify

Hello All,

 

We would like to receive audit log activities via email at specific intervals for specific users. When we tried using a notification rule, it only allowed us to select individual statuses. Has anyone tried this before? We are also open to hearing about any different notification rules you have used.

 

Thanks in advance

48
0 Kudos
3 REPLIES 3
jankit6
Staff
Staff

Created on ‎01-26-2026 05:46 AM

Hello @adem_netsys 

Can you forward the logs using the 'Log Forwarding' option to a syslog server and then perform automation directly from there? Would that help?

Regards,
Ankit Jain | Tech Lead
39
0 Kudos
adem_netsys
Contributor II
In response to jankit6

Created on ‎01-26-2026 06:54 AM

Actually, we can see the audit logs on SOAR. Can't we retrieve them via the API, or if there is an API endpoint, we could use a code snippet?

36
0 Kudos
sahirrao
Staff
Staff

Created on ‎01-27-2026 01:44 AM

Hi @adem_netsys 
Kindly refer to the attached sample playbook, which is expected to satisfy your requirements.

1 Playbook - 01 - Drafts (2026127311).json
16
0 Kudos
Announcements

Welcome to your new FortiSOAR Community!

View More

Labels
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.