Automation stitches automate the activities between the different components in the Security Fabric, decreasing the response times to security events. Events from any source in the Security Fabric can be monitored, and action responses can be set up to any destination.
Automation stitches can also be used on FortiGate devices that are not part of a Security Fabric.
Automation stitches that use cloud-based actions, such as AWS Lambda and Azure Function, have the option to delay an action after the previous action is completed.
An automation stitch consists of two parts, the trigger and the actions. The trigger is the condition or event on the FortiGate that activates the action, for example, a specific log, or a failed log in attempt. The action is what the FortiGate does in response to the trigger.
Diagnose commands are available in the CLI to test, log, and display the history and settings of stitches.
Automation stitches can only be created on the root FortiGate in a Security Fabric.