Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Handbook

    Home FortiADC 6.0.0 Handbook
    6.0.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.1
    6.0.0
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.6
    5.3.5
    5.3.4
    5.3.3
    5.3.2
    5.3.1
    5.3.0
    5.2.7

    Creating alert configurations

    Creating alert configurations

    Alert configurations are specific events or metrics that you can monitor. If the alert configurations are triggered, you can define alert actions for them in alert policies. FortiADC comes equipped with a number of default alert configurations; you can further configure these to fit your environment's particular needs.

    To create alert configurations:
    1. Go to System > Alert > Alert and select the Alert Config tab.
    2. Click Create New.
    3. Complete the configuration as described in Alert Config.
    4. Click Save.

    Alert Config
    Settings Guidelines
    Name Specify the name of the alert configuration. You will use the name to select the alert configuration in alert policies.
    Priority

    Set the alert level of the alert configuration:

    • High
    • Middle
    • Low

    The alert level is color-coded and denotes the severity of the alert configuration.
    Rolling Window

    Enable to define a Rolling Window Time and Number of Occurence (see below). The Rolling Window Time sets a period of time in which a number of events must take place before an alert is triggered. The number of events that must take place within this period of time is set in the Number of Occurrences option.

    Note: the Throttle Alert option may override and suppress alerts defined by the rolling window.
    Rolling Window Time Available only when Rolling Window is enabled (see above). Specify the range of time (in seconds) for the rolling window. The valid range is 1–3600.
    Alert Expiry Time

    Specify the time (in seconds) until the alert is no longer active in the web interface. Once the alert expires and is no longer active, it is still visible, but will be grayed out. The valid range is 3600–7776000. The default value is 86400
    Number of Occurrences Availabe only when Rolling Window is enabled (see above). Specify the number of events that must take place before FortiADC will trigger the alert. The valid range is 1–3600. The default value is 1.
    Throttle Alert Specify a range of time (in seconds) in which FortiADC will trigger an alert. Within the range of time, only one alert will trigger after any number of events in the alert configuration occur. The valid range is 1–3600. The default value is 300.
    Description Enter a comments or description of the alert configuration as needed.
    Source Type

    Select either of the options:

    • Event—Select this option to choose an event that triggers the alert.
    • Metric—Select this option to specify the metric that triggers the alert. To use this option, you must configure the Alert Metric Expire Member as described at the end of this section.
    Event Occurs

    Note: This option is available only when Event is selected in the Source Typefield.

    Select the event to be monitored in the alert configuration.

    Note: A brief description of the selected event appears below the drop-down menu box.
    Object

    Note: This option is available when Metric is selected in the Source Type field.

    Select one of the following options:

    • System
    • Virtual Server
    • Interface
    Duration

    Note: This option is available when Metric is selected in the Source Type field.

    Specify the length of time (in seconds) required for a selected "metric" to exist before an alert is triggered.

    Instance

    Note: This option is available only when either Virtual Sever or Interface is selected in the Object field.

    • Virtual Server—Select a virtual server (name) from the drop-down menu.
    • Interface—Select a network interface (port) from the drop-down menu.
    To modify default alert configurations:

    You cannot edit or delete default alert configurations, but you can clone them and create custom alert configurations.

    1. Go to System > Alert > Alert and select the Alert Config tab.
    2. Click the (clone) icon in the row of the default alert configuration that you want to modify.
    3. Complete the configuration as described in Alert Config.
    4. Click Save.
    To add metrics to alert configurations:

    Before you begin, you must create and save an alert configuration in which the Source Type is Metric and the Duration is defined.

    1. Go to System > Alert > Alert.
    2. Select the Alert Config tab
    3. Double-click the alert configuration in the row of the alert configuration that you want to modify.
    4. Set Rolling Window to Off.
    5. Set Source Type to Metric.
    6. Set Object to System. This will open up the Alert Metric Expire Member section all the way below.
    7. In that section, click Create New.
    8. Complete the configuration as described in Add metrics to alert configurations.
    9. Click Save.
    10. Complete Steps 3 through 5 for as many metrics as you want to monitor in an alert configuration.

    Add metrics to alert configurations
    Settings Guidelines
    Name Specify a name for the metric.
    Metric Occurs

    Select among the following metrics that the event configuration will monitor:

    • dev_stats.avg_cpu_usage—total average CPU usage as a percentage of CPU available to the server
    • dev_stats.avg_mem_usage—total average memory usage as a percentage of memory available to the server
    • dev_stats.avg_disk_usage—virtual disk1 capacity usage
    Comparator

    The metric is compared to the Value field according to the selected option:

    • Ge—greater than
    • Le—less than
    • Eq—equal to

    The alert configuration will trigger if the specified value satisfies the selected option.
    Value

    Specify the metric value that the Comparator uses to determine if the metric triggers an alert. Enter the scalar portion of the value.

    For example, if you want to specify 2 milliseconds, 2 is the scalar and milliseconds is the unit of measure. Once the scalar portion of the value is defined, the Vantage web interface will auto-populate the unit portion of the value field based on the metric selected.

    Note: After a metric-object-instance has been specified in an alert, the system will not prohibit you from deleting it in other part of the system configuration. For instance, a port named vlan1 is added in network configuration and then used as a metric-object-instance in an alert. If vlan1 is deleted later on in network configuration, FortiADC will not generate an error message for this action.

    Previous
    Next

    Creating alert configurations

    Creating alert configurations

    Alert configurations are specific events or metrics that you can monitor. If the alert configurations are triggered, you can define alert actions for them in alert policies. FortiADC comes equipped with a number of default alert configurations; you can further configure these to fit your environment's particular needs.

    To create alert configurations:
    1. Go to System > Alert > Alert and select the Alert Config tab.
    2. Click Create New.
    3. Complete the configuration as described in Alert Config.
    4. Click Save.

    Alert Config
    Settings Guidelines
    Name Specify the name of the alert configuration. You will use the name to select the alert configuration in alert policies.
    Priority

    Set the alert level of the alert configuration:

    • High
    • Middle
    • Low

    The alert level is color-coded and denotes the severity of the alert configuration.
    Rolling Window

    Enable to define a Rolling Window Time and Number of Occurence (see below). The Rolling Window Time sets a period of time in which a number of events must take place before an alert is triggered. The number of events that must take place within this period of time is set in the Number of Occurrences option.

    Note: the Throttle Alert option may override and suppress alerts defined by the rolling window.
    Rolling Window Time Available only when Rolling Window is enabled (see above). Specify the range of time (in seconds) for the rolling window. The valid range is 1–3600.
    Alert Expiry Time

    Specify the time (in seconds) until the alert is no longer active in the web interface. Once the alert expires and is no longer active, it is still visible, but will be grayed out. The valid range is 3600–7776000. The default value is 86400
    Number of Occurrences Availabe only when Rolling Window is enabled (see above). Specify the number of events that must take place before FortiADC will trigger the alert. The valid range is 1–3600. The default value is 1.
    Throttle Alert Specify a range of time (in seconds) in which FortiADC will trigger an alert. Within the range of time, only one alert will trigger after any number of events in the alert configuration occur. The valid range is 1–3600. The default value is 300.
    Description Enter a comments or description of the alert configuration as needed.
    Source Type

    Select either of the options:

    • Event—Select this option to choose an event that triggers the alert.
    • Metric—Select this option to specify the metric that triggers the alert. To use this option, you must configure the Alert Metric Expire Member as described at the end of this section.
    Event Occurs

    Note: This option is available only when Event is selected in the Source Typefield.

    Select the event to be monitored in the alert configuration.

    Note: A brief description of the selected event appears below the drop-down menu box.
    Object

    Note: This option is available when Metric is selected in the Source Type field.

    Select one of the following options:

    • System
    • Virtual Server
    • Interface
    Duration

    Note: This option is available when Metric is selected in the Source Type field.

    Specify the length of time (in seconds) required for a selected "metric" to exist before an alert is triggered.

    Instance

    Note: This option is available only when either Virtual Sever or Interface is selected in the Object field.

    • Virtual Server—Select a virtual server (name) from the drop-down menu.
    • Interface—Select a network interface (port) from the drop-down menu.
    To modify default alert configurations:

    You cannot edit or delete default alert configurations, but you can clone them and create custom alert configurations.

    1. Go to System > Alert > Alert and select the Alert Config tab.
    2. Click the (clone) icon in the row of the default alert configuration that you want to modify.
    3. Complete the configuration as described in Alert Config.
    4. Click Save.
    To add metrics to alert configurations:

    Before you begin, you must create and save an alert configuration in which the Source Type is Metric and the Duration is defined.

    1. Go to System > Alert > Alert.
    2. Select the Alert Config tab
    3. Double-click the alert configuration in the row of the alert configuration that you want to modify.
    4. Set Rolling Window to Off.
    5. Set Source Type to Metric.
    6. Set Object to System. This will open up the Alert Metric Expire Member section all the way below.
    7. In that section, click Create New.
    8. Complete the configuration as described in Add metrics to alert configurations.
    9. Click Save.
    10. Complete Steps 3 through 5 for as many metrics as you want to monitor in an alert configuration.

    Add metrics to alert configurations
    Settings Guidelines
    Name Specify a name for the metric.
    Metric Occurs

    Select among the following metrics that the event configuration will monitor:

    • dev_stats.avg_cpu_usage—total average CPU usage as a percentage of CPU available to the server
    • dev_stats.avg_mem_usage—total average memory usage as a percentage of memory available to the server
    • dev_stats.avg_disk_usage—virtual disk1 capacity usage
    Comparator

    The metric is compared to the Value field according to the selected option:

    • Ge—greater than
    • Le—less than
    • Eq—equal to

    The alert configuration will trigger if the specified value satisfies the selected option.
    Value

    Specify the metric value that the Comparator uses to determine if the metric triggers an alert. Enter the scalar portion of the value.

    For example, if you want to specify 2 milliseconds, 2 is the scalar and milliseconds is the unit of measure. Once the scalar portion of the value is defined, the Vantage web interface will auto-populate the unit portion of the value field based on the metric selected.

    Note: After a metric-object-instance has been specified in an alert, the system will not prohibit you from deleting it in other part of the system configuration. For instance, a port named vlan1 is added in network configuration and then used as a metric-object-instance in an alert. If vlan1 is deleted later on in network configuration, FortiADC will not generate an error message for this action.

    Previous
    Next