Sending alert emails is a useful way of keeping track of security events within your firewall without having to log into it several times a day.
With FortiOS version 5, the Alert E-Mail option has been removed from the GUI by default unless a messaging server has been configured.
To configure the email alerts, first goto System > Config > Messaging Servers and enter your email servers details and default reply to address. Ensure you tick and fill out some authentication credentials if your email server only allows authenticated connections to send an email.
After this go back to Log & Report > Log Config > Log Settings and you'll see the new 'Alert Email' section.
Once here you can configure the from and to email addresses, as well as the triggers for the alerts and interval times.
With FortiOS version 5, the Alert E-Mail option has been removed from the GUI by default unless a messaging server has been configured.
To configure the email alerts, first goto System > Config > Messaging Servers and enter your email servers details and default reply to address. Ensure you tick and fill out some authentication credentials if your email server only allows authenticated connections to send an email.
After this go back to Log & Report > Log Config > Log Settings and you'll see the new 'Alert Email' section.
Once here you can configure the from and to email addresses, as well as the triggers for the alerts and interval times.
or configure with cli
ReplyDeleteTo configure alert emai in CLI
config system email-server
set port 25
set server smtp.nymail.com
set authenticate enable
set username myaccount
set password *************
end
config alertemail setting
set username myaccount@mymail.com
set mailto1 admin1@mymail.com
set mailto2 admin2@external.com
set filter category
set IPS-logs enable
end
see reference on fortinet-docs
how to test the email alert working
ReplyDeleteyou can login and logout for triggering the alert
ReplyDelete