As an administrator, you want to be certain you can respond quickly to issues occurring on your network or on the FortiGate unit. Alert emails provide an efficient and direct method of notifying an administrator of events. By configuring alert messages, you can define the threshold when a problem becomes critical and needs attention. When this threshold is reached, the FortiGate unit will send an email to one or more individuals, notifying them of the issue.
In the following example, the FortiGate unit is configured to send email to two administrators (admin1 and admin2) when multiple intrusions are detected every two minutes. The FortiGate unit has its own email address on the mail server.
To configure the email service
- Go to System > Config > Advanced.
- In the Email Service, complete the following and select Apply:
|SMTP Server||Enter the address or name of the email server. For example,
|Default Reply To||Enter an email address to associate with the alert email. This field is optional. If you enter an email address here, it overrides the email address entered when configuring alert email in Log & Report > Alert E-mail.|
|Authentication||Enable authentication if required by the email server.|
|Security mode||Choose between None, SMTPS or STARTTLS|
To configure alert email - web-based manager
- Go to Log & Report > Log Config > Alert E-mail.
- Enter the information:
- For the Interval Time, enter
- Select Intrusion Detected.
- Select Apply.
To configure alert email - CLI
config system email-server
set port 25
set server smtp.example.com
set authenticate enable
set username FortiGate
set password *************
config alertemail setting
set username firstname.lastname@example.org
set mailto1 email@example.com
set mailto2 firstname.lastname@example.org
set filter category
set IPS-logs enable