How do I get Fortigate to email Anomaly alert such as DDoS attack?
I configured DDoS policy and tested flooding attack. It shows the attack in the Anomaly Log. How do I get it to send alerts email? The Automation Stitch doesn't seem to have an Anomaly trigger. FortiOS Event Log Trigger doesn't show Anomaly trigger either. Help!!!
By default, Fortigate does not have an inbuilt email alert for DOS attacks. The functionality requested is currently not supported in Fortigate. The DOS events are logged under Anomaly events and currently, there is no support to trigger mail alerts based on that.
However, u can create an event handler for DDoS logs. It will send an email alert once receive the DDoS log.