Trigger Event on the FortiGate from and Event Handler for FortiMail on the FortiAnalyzer
I currently have event triggers working on the FortiGate to ban IP's when the event handler on the FortiAnalyzer sees a matching event from the FortiGate. I also have an alert working within FortiAnalyzer for FortiMail when the event handler sees a matching event from the FortiMail.
I recall reading somewhere, when the FortiGate Event Handler is triggered, it only notifies the device from where it originated, which explains why I cannot get it to trigger on the FortiGate since it originated from FortiMail.
I'm trying to determine how I can ban an IP on the FortiGate from and event captured on the FortiMail using FortiAnalyzer. Is this possible? Has anyone done anything similar?
NOTE: In the images below, I have email alert configured instead ban IP for testing purposes.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.