Configuration steps for creating automation stitches from the command line. Create the action first, then the trigger, and then stitch them together.
- I will set the action first. In this case I want it to email me. Make sure to add the “set email-from” address or else it won’t work.
    config system automation-action
        edit "Email-me"
            show

    config system automation-action
        edit "Email-me"
            set action-type email
            set email-to "ben@askben.cloud"
            set email-subject "Fortigate Alerts"
            set email-from "noreply@askben.cloud"
        next
    end
- This will be the trigger. In this case, if the license expires or one of the SD-WAN members has an issue, the trigger fires.
    show system automation-trigger

    config system automation-trigger
        edit "LicenseExpiry"
            set event-type license-near-expiry
            set license-type any
        next
        edit "SD-WAN Monitor"
            set event-type event-log
            set logid 22925
        next
    end
- This stitches it all together.
    config system automation-stitch
        edit "SD-WAN Alerts"

Check the configuration before proceeding:

            show

    config system automation-stitch
        edit "SD-WAN Alerts"
            set description "Send me an email when there is change in SD-WAN"
            set trigger "SD-WAN Monitor"
            set action "Email-me"
        next
    end
- Some additional settings for other alerts that do not need Automation-Stitching.
Configure Alert Emails
    config alertemail setting
        set username "ben@askben.cloud"
        set mailto1 "hulk@askben.cloud"
        set mailto2 "ironman@askben.cloud"
        set IPS-logs enable
        set firewall-authentication-failure-logs enable
        set HA-logs enable
        set configuration-changes-logs enable
        set admin-login-logs enable
        set FDS-license-expiring-warning enable
    end
- Change the default email server used by Fortinet
Configure Email server
    config system email-server
        set reply-to "ben@askben.cloud"
        set server "email-smtp.us-west-2.amazonaws.com"
        set port 587
        set authenticate enable
        set username "amazon-ses"
        set password "password from aws ses, sendgrid or mailchimp"
        set security starttls
    end
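
A check for the automation-stitch steps earlier on this page, as an added example (not code from the original post or from Fortinet): it parses a saved configuration and flags an email action that lacks email-from and a stitch whose trigger or action was never created. It assumes flat config/edit/set blocks with no nested config sections; the function names `parse_fortios` and `lint` are hypothetical.

```python
import shlex

def parse_fortios(text):
    """Parse flat config/edit/set/end blocks into {section: {entry: {key: [values]}}}."""
    sections, section, entry = {}, None, ""
    for raw in text.splitlines():
        cmd, *args = shlex.split(raw) or [""]
        if cmd == "config":
            section, entry = " ".join(args), ""
            sections.setdefault(section, {})
        elif cmd == "edit" and section and args:
            entry = args[0]
            sections[section].setdefault(entry, {})
        elif cmd == "set" and section and args:
            sections[section].setdefault(entry, {})[args[0]] = args[1:]
        elif cmd == "end":
            section = None
    return sections

def lint(sections):
    """Flag email actions without email-from and stitches that reference undefined objects."""
    actions = sections.get("system automation-action", {})
    triggers = sections.get("system automation-trigger", {})
    findings = [f'action "{name}": email action has no email-from'
                for name, cfg in actions.items()
                if cfg.get("action-type") == ["email"] and not cfg.get("email-from")]
    for name, cfg in sections.get("system automation-stitch", {}).items():
        for kind, known in (("trigger", triggers), ("action", actions)):
            findings += [f'stitch "{name}": {kind} "{ref}" is not defined'
                         for ref in cfg.get(kind, []) if ref not in known]
    return findings

# Constructed sample: email-from is omitted and the trigger was never created.
SAMPLE = """
config system automation-action
    edit "Email-me"
        set action-type email
    next
end
config system automation-stitch
    edit "SD-WAN Alerts"
        set trigger "SD-WAN Monitor"
        set action "Email-me"
    next
end
"""

if __name__ == "__main__":
    print("\n".join(lint(parse_fortios(SAMPLE))))
```

An empty result means every stitch reference resolves and every email action has a sender address.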