Automation stitches automate the activities between the different components in the Security Fabric, which decreases the response times to security events. Events from any source in the Security Fabric can be monitored, and action responses can be set up to any destination.
Automation stitches can also be used on FortiGate devices that are not part of a Security Fabric.
An automation stitch consists of two parts: the trigger and the actions. The trigger is the condition or event on the FortiGate that activates the action, for example, a specific log, or a failed log in attempt. The action is what the FortiGate does in response to the trigger.
Automation stitches that use cloud-based actions (AWS Lambda, Azure Function, Google Cloud Function, and AliCloud Function) have the option to delay an action after the previous action is completed.
Diagnose commands are available in the CLI to test, log, and display the stitch history and settings.
Automation stitches can only be created on the root FortiGate in a Security Fabric.