Fortinet black logo

New Features

Microsoft Teams Notification action

Copy Link
Copy Doc ID 4f6cd3c1-22cb-11eb-96b9-00505692583a:72623
Download PDF

Microsoft Teams Notification action

Microsoft Teams Notification actions can be configured to send notifications to channels in Microsoft Teams. To trigger the notifications, you need to add an Incoming Webhook connector to a channel in Microsoft Teams, then you can configure the automation stitch with the webhook URL.

In the following example, you will configure an automation stitch with a Security Rating Summary trigger and two Microsoft Teams Notification actions with different notification messages. One message is for the Security Rating Summary log, and the other is a custom message with a ten second delay.

To add the Incoming Webhook connector in a Microsoft Teams channel:
  1. In Microsoft Teams, click the ... (More options) beside the channel name, and select Connectors.
  2. Search for Incoming Webhook and click Configure.
  3. Enter a name for the webhook, upload an image for the webhook, and click Create.
  4. Copy the webhook to the clipboard and save it.

  5. Click Done.
To configure an automation stitch with Microsoft Teams Notification actions in the GUI:
  1. Go to Security Fabric > Automation and click Create New.
  2. Enter the stitch name.
  3. Configure the Security Rating Summary trigger:
    1. Click Add Trigger.
    2. Click Create and select Security Rating Summary.
    3. Enter a name, and for Report, select Security Posture.

    4. Click OK.
    5. Select the trigger in the list and click Apply.
  4. Configure the first Microsoft Teams Notification action:
    1. Click Add Action.
    2. Click Create and select Microsoft Teams Notification.
    3. Enter the following:

      Name

      teams_1

      URL

      Paste the webhook URI from the clipboard

      Message

      Text

      Message text

      %%log%%

    4. Click OK.
    5. Select the action in the list and click Apply.
  5. Configure the second Microsoft Teams Notification action:
    1. Click Add Action.
    2. Click Create and select Microsoft Teams Notification.
    3. Enter the following:

      Name

      teams_2

      Delay

      10

      URL

      Paste the webhook URI from the clipboard

      Message

      Text

      Message text

      This is for test.

    4. Click OK.
    5. Select the action in the list and click Apply.
  6. Click OK.
  7. Trigger the automation stitch:
    1. Right-click the automation stitch and select Test Automation Stitch.

      After the Security Rating report is finished, the automation is triggered and an event log is created by the FortiGate. The two notifications are sent to the Microsoft Teams channel.

To configure an automation stitch with Microsoft Teams Notification actions in the CLI:
  1. Configure the automation trigger:

    config system automation-trigger

    edit "Teams_action"

    set event-type security-rating-summary

    next

    end

  2. Configure the automation actions:

    config system automation-action

    edit "teams_1"

    set action-type microsoft-teams-notification

    set message-type text

    set message "%%log%%"

    set uri "outlook.office.com/webhook/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx@xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/IncomingWebhook/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

    next

    edit "teams_2"

    set action-type microsoft-teams-notification

    set delay 10

    set message-type text

    set message "This is for test."

    set uri "outlook.office.com/webhook/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx@xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/IncomingWebhook/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

    next

    end

  3. Configure the automation stitch:

    config system automation-stitch

    edit "Teams_action"

    set trigger "Teams_action"

    set action "teams_1" "teams_2"

    next

    end

  4. Verify that the automation action was triggered:

    # diagnose test application autod 3

    stitch: Teams_action

    local hit: 2 relayed to: 0 relayed from: 0

    last trigger:Mon Nov 16 10:28:08 2020

    last relay:

    actions:

    teams_1:

    done: 2 relayed to: 0 relayed from: 0

    last trigger:Mon Nov 16 10:28:08 2020

    last relay:

    teams_2:

    done: 2 relayed to: 0 relayed from: 0

    last trigger:Mon Nov 16 10:28:08 2020

    last relay:

    logid2stitch mapping:

    id:52000 local hit: 22 relayed hits: 0

    Teams_action

Microsoft Teams Notification action

Microsoft Teams Notification actions can be configured to send notifications to channels in Microsoft Teams. To trigger the notifications, you need to add an Incoming Webhook connector to a channel in Microsoft Teams, then you can configure the automation stitch with the webhook URL.

In the following example, you will configure an automation stitch with a Security Rating Summary trigger and two Microsoft Teams Notification actions with different notification messages. One message is for the Security Rating Summary log, and the other is a custom message with a ten second delay.

To add the Incoming Webhook connector in a Microsoft Teams channel:
  1. In Microsoft Teams, click the ... (More options) beside the channel name, and select Connectors.
  2. Search for Incoming Webhook and click Configure.
  3. Enter a name for the webhook, upload an image for the webhook, and click Create.
  4. Copy the webhook to the clipboard and save it.

  5. Click Done.
To configure an automation stitch with Microsoft Teams Notification actions in the GUI:
  1. Go to Security Fabric > Automation and click Create New.
  2. Enter the stitch name.
  3. Configure the Security Rating Summary trigger:
    1. Click Add Trigger.
    2. Click Create and select Security Rating Summary.
    3. Enter a name, and for Report, select Security Posture.

    4. Click OK.
    5. Select the trigger in the list and click Apply.
  4. Configure the first Microsoft Teams Notification action:
    1. Click Add Action.
    2. Click Create and select Microsoft Teams Notification.
    3. Enter the following:

      Name

      teams_1

      URL

      Paste the webhook URI from the clipboard

      Message

      Text

      Message text

      %%log%%

    4. Click OK.
    5. Select the action in the list and click Apply.
  5. Configure the second Microsoft Teams Notification action:
    1. Click Add Action.
    2. Click Create and select Microsoft Teams Notification.
    3. Enter the following:

      Name

      teams_2

      Delay

      10

      URL

      Paste the webhook URI from the clipboard

      Message

      Text

      Message text

      This is for test.

    4. Click OK.
    5. Select the action in the list and click Apply.
  6. Click OK.
  7. Trigger the automation stitch:
    1. Right-click the automation stitch and select Test Automation Stitch.

      After the Security Rating report is finished, the automation is triggered and an event log is created by the FortiGate. The two notifications are sent to the Microsoft Teams channel.

To configure an automation stitch with Microsoft Teams Notification actions in the CLI:
  1. Configure the automation trigger:

    config system automation-trigger

    edit "Teams_action"

    set event-type security-rating-summary

    next

    end

  2. Configure the automation actions:

    config system automation-action

    edit "teams_1"

    set action-type microsoft-teams-notification

    set message-type text

    set message "%%log%%"

    set uri "outlook.office.com/webhook/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx@xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/IncomingWebhook/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

    next

    edit "teams_2"

    set action-type microsoft-teams-notification

    set delay 10

    set message-type text

    set message "This is for test."

    set uri "outlook.office.com/webhook/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx@xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/IncomingWebhook/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

    next

    end

  3. Configure the automation stitch:

    config system automation-stitch

    edit "Teams_action"

    set trigger "Teams_action"

    set action "teams_1" "teams_2"

    next

    end

  4. Verify that the automation action was triggered:

    # diagnose test application autod 3

    stitch: Teams_action

    local hit: 2 relayed to: 0 relayed from: 0

    last trigger:Mon Nov 16 10:28:08 2020

    last relay:

    actions:

    teams_1:

    done: 2 relayed to: 0 relayed from: 0

    last trigger:Mon Nov 16 10:28:08 2020

    last relay:

    teams_2:

    done: 2 relayed to: 0 relayed from: 0

    last trigger:Mon Nov 16 10:28:08 2020

    last relay:

    logid2stitch mapping:

    id:52000 local hit: 22 relayed hits: 0

    Teams_action