Hi all ¡¡ I'm trying to configure an email alert when WAN2 interface from my fortigate with 7.0.11 goes dow, but its not working. Probably I'm forgetting some steps or doing something wrong.
This is the article:
Technical Tip: E-mail alert when WAN interface wen... - Fortinet Community
I attach you my trigger, action and stich. I have tried it using the LOG ID 22922 as in the example. Cause it doesn't work I've noticed that the event ID changes in my FW (I attach you an image). I've changed it.
Finally I attach you my mail server configuration (default configuration).
What am I doing wrong? The mail doesn't arrive (I've checked the spam folder).
Thanks ¡¡
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @fortimaster,
You Field filter is wrong. Please try the following and test again.
config system automation-trigger
edit "Link wan down"
set event-type event-log
set logid 20099
config fields
edit 1
set name "Message"
set value "Link monitor: Interface wan2 was turned down"
next
end
next
end
Regards,
Hi FortiMaster
Did you test your mail configuration?
diagnose log alertmail test
If you don't receive a test mail then you have first to fix your mail configuration.
Thanks for your help.
Initially, the test mail didn't work. If I configure this it works:
config alertemail setting
set username "test@test.es"
set mailto1 "testmail1@hotmail.com"
I've received a mail with "empty body":
Alert Mail Test
Message body (log level = 1):
1st Line
2nd Line
(2024-01-15 22:21:03)
But the automation stitch doesn't send mail. It has 0 trigger count and with a debug to check the sent mails I can see that the FW doesn't send mail when I turn down the interface.
Maybe cause I turn it downs manually?
Thanks ¡¡
Solved ¡¡
It didn't works cause the interface filter was wrong. If I delete in the automation-trigger filter "wan2" it works perfectly. I don't know the cause, but I'm not worried cause I want to "monitorice" all interfaces.
The alertmail settings are not needed (its needed to test mail). Thanks for your help ¡¡¡
Hi @fortimaster,
You Field filter is wrong. Please try the following and test again.
config system automation-trigger
edit "Link wan down"
set event-type event-log
set logid 20099
config fields
edit 1
set name "Message"
set value "Link monitor: Interface wan2 was turned down"
next
end
next
end
Regards,
Information anyone needs it on future. Set name "msg" works, with "Message" it not works.
Thanks ''
You're right. I had just written that it is because of the filter but I didn't know why, thank you very much.
Even if you try this Log ID 20090 it's still not working? https://docs.fortinet.com/document/fortigate/7.0.11/fortios-log-message-reference/20090/20090-log-id...
Thanks Ricky , the problem is solved. The filter "wan2" was wrong and the action didn't match the link down.
Thanks to all ¡¡
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.