Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Rizio
New Contributor II

Warning Message on bandwidth limit exceeded

Hi all,

it's possible to create an email warning message (on the fortigate or fortianalyzer) when the interface limit has been exceeded over 2 minute?

 

Thank's in advance

Maurizio

1 Solution
KumarV
Staff
Staff

Hello @Rizio 

FortiGate allows you to define custom alert conditions based on various criteria. In this case, you want to trigger an alert when the interface traffic exceeds a certain threshold for more than 2 minutes. You would typically use the FortiGate scripting language, called FortiScript, to create this custom condition. Here's a simplified example:

 

fortiscript

 

In this script, we define a condition that checks if the traffic on a specific interface exceeds a certain threshold for 2 minutes. When this condition is met, it triggers a script that sends an email alert

evenhandler.PNG

Regards

Verender

View solution in original post

9 REPLIES 9
KumarV
Staff
Staff

Hello @Rizio 

FortiGate allows you to define custom alert conditions based on various criteria. In this case, you want to trigger an alert when the interface traffic exceeds a certain threshold for more than 2 minutes. You would typically use the FortiGate scripting language, called FortiScript, to create this custom condition. Here's a simplified example:

 

fortiscript

 

In this script, we define a condition that checks if the traffic on a specific interface exceeds a certain threshold for 2 minutes. When this condition is met, it triggers a script that sends an email alert

evenhandler.PNG

Regards

Verender

Rizio
New Contributor II

Thank you so much KumarV.

Do you think this solution may be applied also in Fortianalyzer, in the event handler section? (to avoid to do it on all my firewalls)

obulareddy
New Contributor III

its is working in fortianalyzer ?

 

ussu
ussu
Rizios

Hello obulareddy,

nope, in my fortianalyzer (7.0.12) doesn't work.

 

Rizio

Rizio
New Contributor II

Hello Verender,

I've been try to implement your script on one fortigate but I'm unable to complete a command.

After "config sys" I don't see "eventhandler" section.

 

Which version of FortiOS you have?

On my fortinet run 6.4.14 and 7.0.12 FortiOS.

 

Regards

Maurizio

obulareddy
New Contributor III

then how you are configured ? 

 

ussu
ussu
Rizios

I don't have configure any warning.

It's impossbile to configure in any fortigate, you MUST have a particular FIPS image.

As fortinet support told me in one support ticket:

 

"The Outbound bandwidth and Inbound bandwidth rate exceeded event will get generated only when FIPS-CC is enabled as per design. 

Only certain versions and model are FIPS-CC certified and the configuration has to be done while the unit is in factory default settings.Browse to support.fortinet.com/Download/FirmwareImages.aspx  for the FIPS-CC-Certified images.
For units where FIPS-CC is not enabled, the above configuration will not work."

 

Rizio


 

obulareddy
New Contributor III

thanks for the replying and it is possible to do it in Forti analyzer latest  version ?

ussu
ussu
Rizios

Hi obulareddy,

I don't know, I don't have tested on my fortianalyzer, sorry.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors