Fortinet black logo

Handbook

Alert email

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:893788
Download PDF

Alert email

As an administrator, you want to be certain you can respond quickly to issues occurring on your network or on the FortiGate unit. Alert emails provide an efficient and direct method of notifying an administrator of events. By configuring alert messages, you can define the threshold when a problem becomes critical and needs attention. When this threshold is reached, the FortiGate unit will send an email to one or more individuals, notifying them of the issue.

In the following example, the FortiGate unit is configured to send email to two administrators (admin1 and admin2) when multiple intrusions are detected every two minutes. The FortiGate unit has its own email address on the mail server.

To configure the email service
  1. Go to System > Advanced.
  2. In the Email Service, enable Use Custom Email Server, complete the following and select Apply:
  3. SMTP Server Enter the address or name of the email server. For example, smtp.example.com.
    Default Reply To Enter an email address to associate with the alert email. This field is optional. If you enter an email address here, it overrides the email address entered when configuring alert email in Log & Report > Email Alert Settings.
    Authentication Enable authentication if required by the email server.
    Security mode Choose between None, SMTPS or STARTTLS
    Port 25
To configure alert email - GUI
  1. Go to Log & Report > Email Alert Settings.
  2. Enter the information:
  3. Email from fortigate@example.com
    Email to admin1@example.com

    admin2@example.com
  4. For the Interval Time, enter 2.
  5. Select Intrusion Detected.
  6. Select Apply.
To configure alert email - CLI

config system email-server

set port 25

set server smtp.example.com

set authenticate enable

set username FortiGate

set password *************

end

config alertemail setting

set username fortigate@example.com

set mailto1 admin1@example.com

set mailto2 admin2@example.com

set filter category

set IPS-logs enable

end

Alert email

As an administrator, you want to be certain you can respond quickly to issues occurring on your network or on the FortiGate unit. Alert emails provide an efficient and direct method of notifying an administrator of events. By configuring alert messages, you can define the threshold when a problem becomes critical and needs attention. When this threshold is reached, the FortiGate unit will send an email to one or more individuals, notifying them of the issue.

In the following example, the FortiGate unit is configured to send email to two administrators (admin1 and admin2) when multiple intrusions are detected every two minutes. The FortiGate unit has its own email address on the mail server.

To configure the email service
  1. Go to System > Advanced.
  2. In the Email Service, enable Use Custom Email Server, complete the following and select Apply:
  3. SMTP Server Enter the address or name of the email server. For example, smtp.example.com.
    Default Reply To Enter an email address to associate with the alert email. This field is optional. If you enter an email address here, it overrides the email address entered when configuring alert email in Log & Report > Email Alert Settings.
    Authentication Enable authentication if required by the email server.
    Security mode Choose between None, SMTPS or STARTTLS
    Port 25
To configure alert email - GUI
  1. Go to Log & Report > Email Alert Settings.
  2. Enter the information:
  3. Email from fortigate@example.com
    Email to admin1@example.com

    admin2@example.com
  4. For the Interval Time, enter 2.
  5. Select Intrusion Detected.
  6. Select Apply.
To configure alert email - CLI

config system email-server

set port 25

set server smtp.example.com

set authenticate enable

set username FortiGate

set password *************

end

config alertemail setting

set username fortigate@example.com

set mailto1 admin1@example.com

set mailto2 admin2@example.com

set filter category

set IPS-logs enable

end