Fortinet black logo

Administration Guide

Slack notification action

Slack notification action

To configure the automation stitch, create an incoming webhook in Slack, and then enter the webhook URL in the corresponding field of the notification action in FortiGate.

To create an incoming webhook in Slack:
  1. Go to the Slack website, and create a workspace.
  2. Create a Slack application for the workspace.

  3. Add an Incoming Webhook to a channel in the workspace.
  4. Activate the Incoming Webhook, and record the Webhook URL.

For information about using incoming webhooks in Slack, see https://api.slack.com/incoming-webhooks.

To configure a Slack notification in the GUI:
  1. Go to Security Fabric > Automation.
  2. Choose an automation stitch, and click Edit.
  3. Select Slack Notification, and configure the notification settings.

    NameEnter a name for the notification.
    DelayEnter the number of seconds to delay the notification after the previous action is triggered.
    URLEnter the Webhook URL you recorded when you created the incoming webhook in Slack.
    Message

    Take one of the following actions:

    • Configure the message parameters. Click % to view a description of the available parameters.
    • Enter the message to display in the Slack channel.
  4. (Optional) Click the plus (+) sign to add another action.
  5. Click OK.
  6. Run the automation stitch to trigger the action.
To configure a Slack notification in the CLI:
  1. Add the webhook URL the Slack notification action:

    config system automation-action

    edit "slack1"

    set action-type slack-notification

    set minimum-interval 0

    set delay 0

    set required disable

    set message "This is test for slack notification."

    set uri "hooks.slack.com/services/xxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx"

    next

    edit "slack2"

    set action-type slack-notification

    set minimum-interval 0

    set delay 90

    set required disable

    set message "%%log%%"

    set uri "hooks.slack.com/services/xxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx"

    next

    end

  2. Create the trigger for the notification:

    config system automation-trigger

    edit "auto-rating"

    set trigger-type event-based

    set event-type security-rating-summary

    next

    end

  3. Configure the action for the trigger:

    config system automation-stitch

    edit "auto-rating"

    set status enable

    set trigger "auto-rating"

    set action "slack1" "slack2"

    next

    end

  4. Trigger the notification.

The notification action is triggered in FortiGate.

The message you entered in the automation stitch is delivered to the Slack channel.

Slack notification action

To configure the automation stitch, create an incoming webhook in Slack, and then enter the webhook URL in the corresponding field of the notification action in FortiGate.

To create an incoming webhook in Slack:
  1. Go to the Slack website, and create a workspace.
  2. Create a Slack application for the workspace.

  3. Add an Incoming Webhook to a channel in the workspace.
  4. Activate the Incoming Webhook, and record the Webhook URL.

For information about using incoming webhooks in Slack, see https://api.slack.com/incoming-webhooks.

To configure a Slack notification in the GUI:
  1. Go to Security Fabric > Automation.
  2. Choose an automation stitch, and click Edit.
  3. Select Slack Notification, and configure the notification settings.

    NameEnter a name for the notification.
    DelayEnter the number of seconds to delay the notification after the previous action is triggered.
    URLEnter the Webhook URL you recorded when you created the incoming webhook in Slack.
    Message

    Take one of the following actions:

    • Configure the message parameters. Click % to view a description of the available parameters.
    • Enter the message to display in the Slack channel.
  4. (Optional) Click the plus (+) sign to add another action.
  5. Click OK.
  6. Run the automation stitch to trigger the action.
To configure a Slack notification in the CLI:
  1. Add the webhook URL the Slack notification action:

    config system automation-action

    edit "slack1"

    set action-type slack-notification

    set minimum-interval 0

    set delay 0

    set required disable

    set message "This is test for slack notification."

    set uri "hooks.slack.com/services/xxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx"

    next

    edit "slack2"

    set action-type slack-notification

    set minimum-interval 0

    set delay 90

    set required disable

    set message "%%log%%"

    set uri "hooks.slack.com/services/xxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx"

    next

    end

  2. Create the trigger for the notification:

    config system automation-trigger

    edit "auto-rating"

    set trigger-type event-based

    set event-type security-rating-summary

    next

    end

  3. Configure the action for the trigger:

    config system automation-stitch

    edit "auto-rating"

    set status enable

    set trigger "auto-rating"

    set action "slack1" "slack2"

    next

    end

  4. Trigger the notification.

The notification action is triggered in FortiGate.

The message you entered in the automation stitch is delivered to the Slack channel.