Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
damianhlozano
Contributor

Created on ‎01-03-2022 10:22 AM

Alert emails for hardware or software events

Hello!

Happy new year!

 

We have many fortigate devices and I was wondering if there is a way to generate an alert email when a hardware or software event appears.

For example:

- CPU utilization above a threshold

- Memory utilization above a threshold

- A service is stopped anormally

 

If I set "Severity based" alerts, with "Critical" we get a lot of messages, many unnecesary for us

If I set "Event based" alerts, I dont have an option for this kind of event.

 

If not, probably, is there a way to change level for some event types?

I have seen a previous post similar to this but without a solution.

 

Thanks in advance.

Regards,

Damián

Damián Lozano
Damián Lozano
Labels:
3610
0 Kudos
1 Solution
jcvm
New Contributor III

Created on ‎01-03-2022 12:49 PM

Hello,

 

Puedes hacer todo lo que mencionas anteriormente utilizando el Trigger (Disparador) asociado a un action (acción) que es la de enviar un correo electrónico personalizado y todo eso se combina en el Stitch.

 

Puedes crear un Trigger (Disparador) para el CPU alto, a continuación en la imagen se muestra donde esta para crearlo:

 

Security Fabric > Automation > Trigger

 

jcvm_0-1641242634716.png

 

Una vez creado lo puedes asociar la acción de enviar correo electrónico.

 

Y asi puedes combinarlo con todo lo mencionado por ti anteriormente.

 

--------------------- ENGLISH ----------------------

 

Hello,

 

You can do everything you mentioned above using the Trigger associated with an action which is to send a personalized email and all of that is combined in the Stitch.

 

You can create a Trigger for the high CPU, below in the image it is shown where it is to create it:

jcvm_0-1641242634716.png

Security Fabric> Automation> Trigger

Once created, you can associate it with the action of sending email.

And so you can combine it with everything mentioned by you above

View solution in original post

3598
4 REPLIES 4
jcvm
New Contributor III

Created on ‎01-03-2022 12:07 PM

Hola,

 

¿Qué versión tienes en tu Fortigate?

 

Read the following link and see if it works for you.

 

https://docs.fortinet.com/document/fortigate/7.0.3/administration-guide/526019/email-alerts

3567
0 Kudos
damianhlozano
Contributor
In response to jcvm

Created on ‎01-03-2022 12:38 PM

Hola estimado!!!!

Muchas gracias por la respuesta!

Tengo varios fortigates con distintas versiones, se implementará esto en los que sea posible.

Estuve leyendo el link que me pasaste, por el lado de las alerts email no veo ninguna solución, en cuanto a los "Automation stitches", eso parecería aplicar, para eso tendría que saber a que corresponde cada evento y tendría que crear uno para cada evento, lo cual es un poco engorroso

¿Sabes si el evento "CPU usage statistics" es el que se genera cuando hay excesivo consumo de CPU?  Es el único que vi con la palabra "CPU"

¿Se te ocurre alguna otra opción?

 

Desde ya muchas gracias.

Saludos,

Damián

Damián Lozano
Damián Lozano
3564
0 Kudos
jcvm
New Contributor III

Created on ‎01-03-2022 12:49 PM

Hello,

 

Puedes hacer todo lo que mencionas anteriormente utilizando el Trigger (Disparador) asociado a un action (acción) que es la de enviar un correo electrónico personalizado y todo eso se combina en el Stitch.

 

Puedes crear un Trigger (Disparador) para el CPU alto, a continuación en la imagen se muestra donde esta para crearlo:

 

Security Fabric > Automation > Trigger

 

jcvm_0-1641242634716.png

 

Una vez creado lo puedes asociar la acción de enviar correo electrónico.

 

Y asi puedes combinarlo con todo lo mencionado por ti anteriormente.

 

--------------------- ENGLISH ----------------------

 

Hello,

 

You can do everything you mentioned above using the Trigger associated with an action which is to send a personalized email and all of that is combined in the Stitch.

 

You can create a Trigger for the high CPU, below in the image it is shown where it is to create it:

jcvm_0-1641242634716.png

Security Fabric> Automation> Trigger

Once created, you can associate it with the action of sending email.

And so you can combine it with everything mentioned by you above

3599
damianhlozano
Contributor

Created on ‎01-03-2022 01:10 PM

Thanks jcvm for your response.

I was finding out the option to create a new trigger, it seems it is only available on 7+ version, however event trigger is included in 6+ version

I think I will use the event trigger to be able to copy this configuration to all fortigates

 

Regards,

Damián

 

Damián Lozano
Damián Lozano
3553
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.