Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kinmun
New Contributor II

Created on ‎05-04-2016 07:14 PM

fortigate alertemail configurations

using cli to configure the alertemail settings, can i configure such that mailto1 received ips alert while mailto2 received all critical alerts ?

 

in the gui, i can only select based on events or serverity for one or many users

3506
0 Kudos
2 REPLIES 2
ede_pfau
SuperUser
SuperUser

Created on ‎05-05-2016 03:39 AM

As far as I know the settings are global, only one setting per system. The only thing you can configure in the CLI is multiple mail recipients.


Ede


"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
982
0 Kudos
emnoc
Esteemed Contributor III
In response to ede_pfau

Created on ‎05-05-2016 08:27 AM

Suggestion

 

If you like hacking around , you could what we did . We used our sendmail relay  and parser to direct alerts from  the mail-relay to the intended email-target.

 

This way you can grep on strings, and direct just that alert to   mailing-list  for mailto:SOC  for IPS security event and  for example all others to  the mailto:NOC team. We had to do this to  keep our NOC from getting what IPS/IDS drive events.

 

But to have the  fortigate  do  this,  is just not doable at this time. Now if you have a PaloAlto PA you have more flexibility on the appliance for this

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
982
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.