Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

SSL VPN alert



Would anyone know a method within Fortinet to create an email alert when a specific SSL-VPN portal is logged into?


I have a tried using the security fabric automation on the event 'SSL VPN Tunnel UP' but I cant see a way to specify which tunnel I want the alert for, as we have a few. 


I am running version: 6.4.8


Many thanks,


Hi Team,


As per my knowledge there is no feature for your request.

Lets wait for our team to confirm the same


Hey bw1,

you could certainly do an alert via FortiAnalyzer:

-> you have a lot of filtering options to trigger an alert email being sent, including looking for specific strings in log messages (such as 'logid=0101039424 and user~"<some_user>"')

-> you would have to check what raw log messages you want to trigger the alert exactly


If you don't have a FortiAnalyzer, only a FortiGate, there are additional options in FortiOS 7.0 and higher, I believe:


You could set a field-filter for specific usernames, or a similar criterion.

FortiGate does not log the specific SSLVPN portal a user goes through, though, but portals should be triggered by specific users, so that would probably be a way to go about it.

-> you would need to find something in the VPN logs that is unique to that specific portal being accessed (such as the username)

-> you could then create a handler on FortiAnalyzer or an automation stitch on FortiGate to trigger on VPN tunnel-up log coupled with that specific username.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
Top Kudoed Authors