FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
oarslan
Staff
Staff
Description
Microsoft Teams notification actions can be configured to send notifications to channels in Microsoft Teams. 

To trigger the notifications, it is necessary to add an Incoming Webhook connector to a channel in Microsoft Teams, then it is possible to configure the automation stitch with the webhook URL.
Solution
In the following example, an automation stitch will be configured with a Security Rating Summary trigger and two Microsoft Teams notification actions with different notification messages. 
One message is for the Security Rating Summary log, and the other is a custom message with a ten second delay.

To add the Incoming Webhook connector in a Microsoft Teams channel:

1) In Microsoft Teams, select the ... (More options) beside the channel name, and select Connectors.

2) Search for Incoming Webhook and select 'Configure'.

3) Enter a name for the webhook, upload an image for the webhook, and select 'Create'.

4) Copy the webhook to the clipboard and save it.




5) Select 'Done'.

To configure an automation stitch with Microsoft Teams Notification actions in the GUI:
1) Go to Security Fabric > Automation and select 'Create New'.

2) Enter the stitch name.

Configure the Security Rating Summary trigger:

1) Select 'Add Trigger'.

2) Select 'Create' and select 'Security Rating Summary'.

3) Enter a name, and for Report, select Security Posture.





4) Select 'OK'.

5) Select the trigger in the list and select 'Apply'.

Configure the first Microsoft Teams Notification action:

1) Select 'Add Action'.

2) Select 'Create' and select Microsoft Teams Notification.

3) Enter the following:






4) Select 'OK'.

5) Select the action in the list and select 'Apply'.

Configure the second Microsoft Teams Notification action:

1) Select 'Add Action'.

2) Select 'Create' and select Microsoft Teams Notification.

3) Enter the following:






4) Select 'OK'.

5) Select the action in the list and select 'Apply'.

6) Select 'OK'.

7) Trigger the automation stitch:
- Select the automation stitch and select 'Test Automation Stitch'.




After the Security Rating report is finished, the automation is triggered and an event log is created by the FortiGate. 
The two notifications are sent to the Microsoft Teams channel.




To configure an automation stitch with Microsoft Teams notification actions in the CLI:

1) Configure the automation trigger:

# config system automation-trigger
edit "Teams_action"
set event-type security-rating-summary
next
end

2) Configure the automation actions:

# config system automation-action
edit "teams_1"
set action-type microsoft-teams-notification
set message-type text
set message "%%log%%"
set uri "outlook.office.com/webhook/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx@xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/IncomingWebhook/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
next
edit "teams_2"
set action-type microsoft-teams-notification
set delay 10
set message-type text
set message "This is for test."
set uri "outlook.office.com/webhook/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx@xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/IncomingWebhook/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
next
end

3) Configure the automation stitch:

# config system automation-stitch
edit "Teams_action"
set trigger "Teams_action"
set action "teams_1" "teams_2"
next
end

4) Verify that the automation action was triggered:

# diagnose test application autod 3
stitch: Teams_action
local hit: 2 relayed to: 0 relayed from: 0
last trigger:Mon Nov 16 10:28:08 2020
last relay:
actions:
teams_1:
done: 2 relayed to: 0 relayed from: 0
last trigger:Mon Nov 16 10:28:08 2020
last relay:
teams_2:
done: 2 relayed to: 0 relayed from: 0
last trigger:Mon Nov 16 10:28:08 2020
last relay:
logid2stitch mapping:
id:52000 local hit: 22 relayed hits: 0
Teams_action

Contributors