Fortinet black logo

CLI Reference

log email policy

log email-policy

Use this command to create an email policy. An email policy identifies email recipients, email address, email connection requirements and authentication information, if required.

You can configure multiple email policies and apply those policies as required in different situations. The FortiWeb appliance can be configured to send email for different situations, such as to alert administrators when certain system events or rule violations occur, or when log reports are available for distribution.

To use this command, your administrator account’s access control profile must have either w or rw permission to the loggrp area. For details, see Permissions.

Syntax

config log email-policy

edit "<email-policy_name>"

set mailfrom "<address_str>"

set mailto1 "<recipient_email>"

set mailto2 "<recipient_email>"

set mailto3 "<recipient_email>"

set smtp-server {"<smtp_ipv4>" | "<smtpfqdn>"}

set smtp-port <smtp-port_int>

set smtp-auth {enable | disable}

set smtp-username "<auth_str>"

set smtp-password "<password_str>"

set severity {alert | critical | debug | emergency | error | information | notification | warning}

set interval <interval_int>

set connection-security {NONE | STARTTLS | SSL/TLS}

set send-email-based-on-interval-time {enable | disable}

set company-logo "<company-logo_str>"

set company-name "<company-name_str>"

next

end


Variable Description Default

"<email-policy_name>"

Enter the name of an email policy. The maximum length is 63 characters. No default.

mailfrom "<address_str>"

Enter the sender email address, such as FortiWeb@example.com, that the FortiWeb appliance will use when sending email. The maximum length is 63 characters. No default.

mailto1 "<recipient_email>"

Enter the email address of the first recipient, such as admin@example.com, to which the FortiWeb appliance will send email. You must enter one email address for alert email to function. The maximum length is 63 characters. No default.

mailto2 "<recipient_email>"

Enter the email address of the second recipient, if any, to which the FortiWeb appliance will send alert email. The maximum length is 63 characters. No default.

mailto3 "<recipient_email>"

Enter the email address of the third recipient, if any, to which the FortiWeb appliance will send alert email. The maximum length is 63 characters. No default.

smtp-server {"<smtp_ipv4>" | "<smtpfqdn>"}

Enter the IP address or fully qualified domain name (FQDN) of the SMTP server, such as mail.example.com, that the FortiWeb appliance can use to send email. The maximum length is 63 characters. No default.

smtp-port <smtp-port_int>

Enter the port on the SMTP server that listens for alerts and generated reports from FortiWeb.

The valid range is 1–65,535.

25

smtp-auth {enable | disable}

Enable if the SMTP server requires authentication. Also enable if authentication is not required but is available and you want the FortiWeb appliance to authenticate. disable

smtp-username "<auth_str>"

If you enable smtp-auth {enable | disable}, enter the user name that the FortiWeb appliance will use to authenticate itself with the SMTP relay. The maximum length is 63 characters.

This field is available only if you enable smtp-auth {enable | disable}.

No default.

smtp-password "<password_str>"

If you enable smtp-auth {enable | disable}, enter the password that corresponds with the user name.

This field is available only if you enable smtp-auth {enable | disable}.

No default.

severity {alert | critical | debug | emergency | error | information | notification | warning}

Select the severity threshold that log messages must meet or exceed in order to cause an email alert. emergency

interval <interval_int>

Enter the number of minutes FortiWeb waits to send an additional alert if an alert condition of the specified severity level continues to occur after the initial alert.

The valid range is 1–2,147,483,647.

1

connection-security {NONE | STARTTLS | SSL/TLS}

Select one of the following options:

  • NONEFortiWeb applies no security protocol to email.
  • STARTTLS—Encrypts the connection to the SMTP server using STARTTLS.
  • SSL/TLS—Encrypts the connection to the SMTP server using SSL/TLS.
NONE

send-email-based-on-interval-time {enable | disable}

Enable/disable sending emails by interval time. No default.

company-logo "<company-logo_str>"

Set the company logo in the email policy by entering a Base64 string (base64 encoding) of the image. Only JPG format is supported. Size limit is 36 KB.

You are strongly recommended to upload a company logo through the FortiWeb GUI.

No default.

company-name "<company-name_str>"

Set the company name in the email policy. The maximum length is 63 characters. No default.

Example

This example creates email policy for use in multiple situations. When the email policy is attached to rule violations or log reports, FortiWeb sends an email from fortiweb@example.com, to admin@example.com and analysis@example.com, using an SMTP server mail.example.com. The SMTP server requires authentication. The FortiWeb appliance authenticates as fortiweb when connecting to the SMTP server.

FortiWeb logs messages more severe than a notification. As long as events continue to trigger notification-level log messages, FortiWeb sends an alert email every 10 minutes. (Log messages of other severity levels trigger alert email at their default intervals.) All the related log messages will be attached to the emails in ZIP format.

When the configuration is complete, log in to the web UI to send a sample alert email to test the configuration and the email system.

config log email-policy

edit "Email_Policy1"

set mailfrom "fortiweb@example.com"

set mailto1 "admin@example.com"

set mailto2 "analysis@example.com"

set smtp-server "mail.example.com"

set smtp-auth enable

set smtp-username "fortiweb"

set smtp-password "fortiWebPassworD2"

set severity notification

set interval 10

set attach-compression enable

next

end

Related topics

log email-policy

Use this command to create an email policy. An email policy identifies email recipients, email address, email connection requirements and authentication information, if required.

You can configure multiple email policies and apply those policies as required in different situations. The FortiWeb appliance can be configured to send email for different situations, such as to alert administrators when certain system events or rule violations occur, or when log reports are available for distribution.

To use this command, your administrator account’s access control profile must have either w or rw permission to the loggrp area. For details, see Permissions.

Syntax

config log email-policy

edit "<email-policy_name>"

set mailfrom "<address_str>"

set mailto1 "<recipient_email>"

set mailto2 "<recipient_email>"

set mailto3 "<recipient_email>"

set smtp-server {"<smtp_ipv4>" | "<smtpfqdn>"}

set smtp-port <smtp-port_int>

set smtp-auth {enable | disable}

set smtp-username "<auth_str>"

set smtp-password "<password_str>"

set severity {alert | critical | debug | emergency | error | information | notification | warning}

set interval <interval_int>

set connection-security {NONE | STARTTLS | SSL/TLS}

set send-email-based-on-interval-time {enable | disable}

set company-logo "<company-logo_str>"

set company-name "<company-name_str>"

next

end


Variable Description Default

"<email-policy_name>"

Enter the name of an email policy. The maximum length is 63 characters. No default.

mailfrom "<address_str>"

Enter the sender email address, such as FortiWeb@example.com, that the FortiWeb appliance will use when sending email. The maximum length is 63 characters. No default.

mailto1 "<recipient_email>"

Enter the email address of the first recipient, such as admin@example.com, to which the FortiWeb appliance will send email. You must enter one email address for alert email to function. The maximum length is 63 characters. No default.

mailto2 "<recipient_email>"

Enter the email address of the second recipient, if any, to which the FortiWeb appliance will send alert email. The maximum length is 63 characters. No default.

mailto3 "<recipient_email>"

Enter the email address of the third recipient, if any, to which the FortiWeb appliance will send alert email. The maximum length is 63 characters. No default.

smtp-server {"<smtp_ipv4>" | "<smtpfqdn>"}

Enter the IP address or fully qualified domain name (FQDN) of the SMTP server, such as mail.example.com, that the FortiWeb appliance can use to send email. The maximum length is 63 characters. No default.

smtp-port <smtp-port_int>

Enter the port on the SMTP server that listens for alerts and generated reports from FortiWeb.

The valid range is 1–65,535.

25

smtp-auth {enable | disable}

Enable if the SMTP server requires authentication. Also enable if authentication is not required but is available and you want the FortiWeb appliance to authenticate. disable

smtp-username "<auth_str>"

If you enable smtp-auth {enable | disable}, enter the user name that the FortiWeb appliance will use to authenticate itself with the SMTP relay. The maximum length is 63 characters.

This field is available only if you enable smtp-auth {enable | disable}.

No default.

smtp-password "<password_str>"

If you enable smtp-auth {enable | disable}, enter the password that corresponds with the user name.

This field is available only if you enable smtp-auth {enable | disable}.

No default.

severity {alert | critical | debug | emergency | error | information | notification | warning}

Select the severity threshold that log messages must meet or exceed in order to cause an email alert. emergency

interval <interval_int>

Enter the number of minutes FortiWeb waits to send an additional alert if an alert condition of the specified severity level continues to occur after the initial alert.

The valid range is 1–2,147,483,647.

1

connection-security {NONE | STARTTLS | SSL/TLS}

Select one of the following options:

  • NONEFortiWeb applies no security protocol to email.
  • STARTTLS—Encrypts the connection to the SMTP server using STARTTLS.
  • SSL/TLS—Encrypts the connection to the SMTP server using SSL/TLS.
NONE

send-email-based-on-interval-time {enable | disable}

Enable/disable sending emails by interval time. No default.

company-logo "<company-logo_str>"

Set the company logo in the email policy by entering a Base64 string (base64 encoding) of the image. Only JPG format is supported. Size limit is 36 KB.

You are strongly recommended to upload a company logo through the FortiWeb GUI.

No default.

company-name "<company-name_str>"

Set the company name in the email policy. The maximum length is 63 characters. No default.

Example

This example creates email policy for use in multiple situations. When the email policy is attached to rule violations or log reports, FortiWeb sends an email from fortiweb@example.com, to admin@example.com and analysis@example.com, using an SMTP server mail.example.com. The SMTP server requires authentication. The FortiWeb appliance authenticates as fortiweb when connecting to the SMTP server.

FortiWeb logs messages more severe than a notification. As long as events continue to trigger notification-level log messages, FortiWeb sends an alert email every 10 minutes. (Log messages of other severity levels trigger alert email at their default intervals.) All the related log messages will be attached to the emails in ZIP format.

When the configuration is complete, log in to the web UI to send a sample alert email to test the configuration and the email system.

config log email-policy

edit "Email_Policy1"

set mailfrom "fortiweb@example.com"

set mailto1 "admin@example.com"

set mailto2 "analysis@example.com"

set smtp-server "mail.example.com"

set smtp-auth enable

set smtp-username "fortiweb"

set smtp-password "fortiWebPassworD2"

set severity notification

set interval 10

set attach-compression enable

next

end

Related topics