Alert email

Alert email

As an administrator, you want to be certain you can respond quickly to issues occurring on your network or on the FortiGate unit. Alert emails provide an efficient and direct method of notifying an administrator of events. By configuring alert messages, you can define the threshold when a problem becomes critical and needs attention. When this threshold is reached, the FortiGate unit will send an email to one or more individuals, notifying them of the issue.

In the following example, the FortiGate unit is configured to send email to two administrators (admin1 and admin2) when multiple intrusions are detected every two minutes. The FortiGate unit has its own email address on the mail server.

 

To configure the email service

1. Go to System > Config > Advanced.

2. In the Email Service, complete the following and select Apply:

SMTP Server                              Enter the address or name of the email server. For example, smt- p.example.com.

Default Reply To                       Enter an email address to associate with the alert email. This field is optional. If you enter an email address here, it overrides the email address entered when configuring alert email in Log & Report > Alert E-mail.

Authentication                           Enable authentication if required by the email server.

Security mode                           Choose between None, SMTPS or STARTTLS

Port                                             25

 

To configure alert email – web-based manager

1. Go to Log & Report > Log Config > Alert E-mail.

2. Enter the information:

Email from                                 fortigate@example.com

Email to                                      admin1@example.com admin2@example.com

3. For the Interval Time, enter 2.

4. Select Intrusion Detected.

5. Select Apply.

 

To configure alert email – CLI

config system email-server set port 25

set server smtp.example.com set authenticate enable

set username FortiGate

set password *************

end

config alertemail setting

set username fortigate@example.com set mailto1 admin1@example.com

set mailto2 admin2@example.com set filter category

set IPS-logs enable end

This entry was posted in FortiOS, FortiOS 5.4 Handbook and tagged , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.