Event Handle email notification

niknok236 · ‎11-08-2017

Hello,

I am testing an auto email notification for the event alert that automatically send out an email. SMTP server has been setup and tested successfully; however, the auto email under Event management--> Event Handler List does not seem to generate email. The App control event is enabled. Is there any other settings or logs that I need to check to troubleshoot this issue. Please advise.

Product Model: FortiAnalyzer 3900E

chall_FTNT · ‎11-08-2017

Do you see an event appear under "Event Management >> All Events"?

Only after new incoming logs have matched an event handler will such an event be registered.

Chris Hall
Fortinet Technical Support

niknok236 · ‎11-08-2017

Yes from the "Event Management >> All Events" critical alerts for proxy and botnet shows up. This is the filter I am trying to trigger an email for testing; however, no email was sent out. See config below.

Filters:

Log Type: Traffic Log

Event Category: Application Control

Group By: Application Name

Logs match: Any of the following conditions

Destination Port Equal To 22

Application Category Equal To Remote Access

Application Category Equal To Proxy

Application Category Equal To Botnet

Notifications

Generate alert when at least 1 matches occurred over a period of 30 minutes

Send Alert Email

Please advise,

Thanks

Event Handle email notification

Nominate a Forum Post for Knowledge Article Creation