nbctcp
New Contributor III

Telegram notification

SW INFO:
-pnetlab 5.2.7
-fortigate qcow eval license
 

 

I am following the above links to set up a notification in Telegram on admin login.

I can send manually from Linux to Telegram:

# curl --request 'POST' https://api.telegram.org/bot5962153123:AAHf7wKYu7dhheSiLc580pC4G-LUmEvOSLA/sendMessage -H 'Content-Type:application/json' -d '{"chat_id":"-759260123","text":"coba2"}'
 
CONFIG:
config system automation-action
edit "telegram"
set action-type webhook
set protocol https
set uri "api.telegram.org/bot5962153123:AAHf7wKYu7dhheSiLc580pC4G-LUmEvOSLA/sendMessage"
set http-body "{\"chat_id\":\"-759260123\",\"text\":\"%%msg%%\"}"
set port 443
set headers "Content-Type:application/json"
set verify-host-cert enable
next
end
 
STATUS:
-I can see the System Event shows "Automation stitch triggered" but nothing happens in my Telegram
 
?
1. Can I test using a FortiGate 7.2 eval license in pnetlab?
 
tq
 
UPDATE1:
-With a real 80D I can get the notification in Telegram.
That means I can't test the webhook with a VM eval license.
1 Solution
pminarik
Staff

Just an educated guess: Make a packet capture of traffic going to the api.telegram.org address, and then check the pcap. Pay attention to the TLS handshake first.

The trial VMs are known to have severely restricted crypto algorithms, to the point of being unfit for modern use. While an exception has been made for incoming admin access and FortiManager communication (ref ), I would assume that outgoing stitches are still bound by these restrictions. The pcap should allow you to verify this - if the TLS handshake is failing due to no crypto match, that's it.

[ corrections always welcome ]
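
The check described in this answer, as an added example (not part of the original post and not Fortinet code): a Python script that reads the raw TLS bytes of each direction of the captured connection and reports which cipher suites the client offered and whether the server replied with a ServerHello or an alert. It assumes each direction of the TCP stream has been exported from the pcap as raw bytes; the function names are hypothetical and the sample bytes are constructed for illustration, not taken from a FortiGate capture.

```python
import struct

# Alert codes that indicate a failed negotiation (RFC 5246 / RFC 8446).
ALERTS = {40: "handshake_failure", 70: "protocol_version", 71: "insufficient_security"}

def tls_records(stream):
    """Yield (content_type, payload) for each complete TLS record in a TCP payload."""
    pos = 0
    while pos + 5 <= len(stream):
        ctype, _ver, length = struct.unpack_from("!BHH", stream, pos)
        payload = stream[pos + 5:pos + 5 + length]
        if len(payload) < length:
            break  # capture was truncated mid-record
        yield ctype, payload
        pos += 5 + length

def offered_suites(client_bytes):
    """Return the cipher suite IDs listed in the first ClientHello, or []."""
    for ctype, p in tls_records(client_bytes):
        if ctype == 22 and p[:1] == b"\x01":      # handshake record, ClientHello
            pos = 4 + 2 + 32                      # handshake header, version, random
            pos += 1 + p[pos]                     # skip session_id
            (n,) = struct.unpack_from("!H", p, pos)
            return list(struct.unpack_from("!%dH" % (n // 2), p, pos + 2))
    return []

def server_verdict(server_bytes):
    """Classify the server's first reply: the chosen suite or the alert it sent."""
    for ctype, p in tls_records(server_bytes):
        if ctype == 21 and len(p) >= 2:           # alert record: level, description
            return "alert: " + ALERTS.get(p[1], "code %d" % p[1])
        if ctype == 22 and p[:1] == b"\x02":      # handshake record, ServerHello
            pos = 4 + 2 + 32
            pos += 1 + p[pos]                     # skip session_id
            return "server_hello: suite 0x%04x" % struct.unpack_from("!H", p, pos)
    return "no TLS reply"

def build_client_hello(suites):
    """Build a minimal ClientHello record (no extensions) for the sample below."""
    body = (b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!H", 2 * len(suites))
            + struct.pack("!%dH" % len(suites), *suites) + b"\x01\x00")
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

# Constructed sample: a client offering two legacy suites, and a server that
# answers with a fatal handshake_failure alert (no common cipher).
SAMPLE_CLIENT = build_client_hello([0x000A, 0x002F])
SAMPLE_SERVER = bytes.fromhex("15030300020228")

if __name__ == "__main__":
    print([hex(s) for s in offered_suites(SAMPLE_CLIENT)], server_verdict(SAMPLE_SERVER))
```

An alert such as handshake_failure immediately after the ClientHello, with no ServerHello, is the "no crypto match" outcome the answer refers to.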
