Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
hard2know
New Contributor

Automation stitches and IPS

Is it possible to send IPS logs/alerts to webhook using automation stitches?

I search thru all "Events" in trigger "FortiOS Event Log" and didn't find any events connected to IPS alerts :(

 

1 REPLY 1
nostalia_nse7
New Contributor

Have you looked into the integration with FortiAnalyzer; and whether you can trigger FAZ to cause a "Compromised Host" alert or something?  Sorry haven't played with Stitches much yet.  My use case for IPS Triggers has been having a script parse the email notifications, get the source IPs, then dumping them to a text file on a web server; then using the External List fabric connector to import the addresses into an address object used in a Deny policy ahead of my VIPs / other rules where appropriate.

 

Labels
Top Kudoed Authors