| Description | This article descrines how to use FortiGate automation stitches to trigger FSSO event alert emails. |
| Scope | FortiGate. |
| Solution |
FSSO-related log messages are generated from authentication events. These include user log on and log-off events, and NTLM authentication events.
GUI:
CLI:
config system automation-action
edit "Default Email"
set description "Default automation action configuration for sending an email with basic information on the log event."
set action-type email
set email-to "abc@gmail.com"
set email-subject "FSSO_Disconnect"
next
config system automation-stitch
edit "FSSO_Disconnect"
set trigger "FSSO_Triggers"
config actions
edit 1
set action "Default Email"
set required enable
next
config system automation-trigger
edit "FSSO_Triggers"
set event-type event-log
set logid 43013 43015 43051 43017
next
It is also possible to enable FSSO-disconnect-logs under 'config alertemail setting' to get information over email about FSSO collector agent disconnect.
HUB # config alertemail setting
HUB (setting) # set FSSO-disconnect-logs enable |
