fortigate alertemail configurations

kinmun · ‎05-04-2016

using cli to configure the alertemail settings, can i configure such that mailto1 received ips alert while mailto2 received all critical alerts ?

in the gui, i can only select based on events or serverity for one or many users

ede_pfau · ‎05-05-2016

As far as I know the settings are global, only one setting per system. The only thing you can configure in the CLI is multiple mail recipients.

Ede Kernel panic: Aiee, killing interrupt handler!

emnoc · ‎05-05-2016

Suggestion

If you like hacking around , you could what we did . We used our sendmail relay and parser to direct alerts from the mail-relay to the intended email-target.

This way you can grep on strings, and direct just that alert to mailing-list for mailto:SOC for IPS security event and for example all others to the mailto:NOC team. We had to do this to keep our NOC from getting what IPS/IDS drive events.

But to have the fortigate do this, is just not doable at this time. Now if you have a PaloAlto PA you have more flexibility on the appliance for this

PCNSE

NSE

StrongSwan

fortigate alertemail configurations

Nominate a Forum Post for Knowledge Article Creation