config : log email-policy
 
log email-policy
Use this command to create an email policy. An email policy identifies email recipients, email address, email connection requirements and authentication information, if required.
You can configure multiple email policies and apply those policies as required in different situations. The FortiWeb appliance can be configured to send email for different situations, such as to alert administrators when certain system events or rule violations occur, or when log reports are available for distribution.
To use this command, your administrator account’s access control profile must have either w or rw permission to the loggrp area. For more information, see “Permissions”.
Syntax
config log email-policy
edit <email-policy_name>
set mailfrom <address_str>
set mailto1 <recipient_email>
set mailto2 <recipient_email>
set mailto3 <recipient_email>
set smtp-server {<smtp_ipv4> | <smtpfqdn>}
set smtp-port <smtp-port_int>
set smtp-auth {enable | disable}
set smtp-username <auth_str>
set smtp-password <password_str>
set severity {alert | critical | debug | emergency | error | information | notification | warning}
set interval <interval_int>
set connection-security {NONE | STARTTLS | SSL/TLS}
next
end
Variable
Description
Default
<email-policy_name>
Type the name of an email policy. The maximum length is 35 characters.
No default.
mailfrom <address_str>
Type the sender email address, such as FortiWeb@example.com, that the FortiWeb appliance will use when sending email. The maximum length is 63 characters.
No default.
mailto1 <recipient_email>
Type the email address of the first recipient, such as admin@example.com, to which the FortiWeb appliance will send email. You must enter one email address for alert email to function. The maximum length is 63 characters.
No default.
mailto2 <recipient_email>
Type the email address of the second recipient, if any, to which the FortiWeb appliance will send alert email. The maximum length is 63 characters.
No default.
mailto3 <recipient_email>
Type the email address of the third recipient, if any, to which the FortiWeb appliance will send alert email. The maximum length is 63 characters.
No default.
smtp-server {<smtp_ipv4> | <smtpfqdn>}
Type the IP address or fully qualified domain name (FQDN) of the SMTP server, such as mail.example.com, that the FortiWeb appliance can use to send email. The maximum length is 63 characters.
No default.
smtp-port <smtp-port_int>
Enter the port on the SMTP server that listens for alerts and generated reports from FortiWeb.
Valid values are from 1 to 65535.
25
smtp-auth {enable | disable}
Enable if the SMTP server requires authentication. Also enable if authentication is not required but is available and you want the FortiWeb appliance to authenticate.
disable
smtp-username <auth_str>
If you enable smtp-auth {enable | disable}, type the user name that the FortiWeb appliance will use to authenticate itself with the SMTP relay. The maximum length is 63 characters.
This field is available only if you enable smtp-auth {enable | disable}.
No default.
smtp-password <password_str>
If you enable smtp-auth {enable | disable}, type the password that corresponds with the user name.
This field is available only if you enable smtp-auth {enable | disable}.
No default.
severity {alert | critical | debug | emergency | error | information | notification | warning}
Select the severity threshold that log messages must meet or exceed in order to cause an email alert.
emergency
interval <interval_int>
Enter the number of minutes FortiWeb waits to send an additional alert if an alert condition of the specified severity level continues to occur after the initial alert.
Valid values are from 1 to 2147483647.
1
connection-security {NONE | STARTTLS | SSL/TLS}
Select one of the following options:
NONE — FortiWeb applies no security protocol to email.
STARTTLS — Encrypts the connection to the SMTP server using STARTTLS.
SSL/TLS — Encrypts the connection to the SMTP server using SSL/TLS.
NONE
Example
This example creates email policy for use in multiple situations. When the email policy is attached to rule violations or log reports, FortiWeb sends an email from fortiweb@example.com, to admin@example.com and analysis@example.com, using an SMTP server mail.example.com. The SMTP server requires authentication. The FortiWeb appliance authenticates as fortiweb when connecting to the SMTP server.
FortiWeb logs messages more severe than a notification. As long as events continue to trigger notification-level log messages, FortiWeb sends an alert email every 10 minutes. (Log messages of other severity levels trigger alert email at their default intervals.)
When the configuration is complete, log in to the web UI to send a sample alert email to test the configuration and the email system.
config log email-policy
edit Email_Policy1
set mailfrom fortiweb@example.com
set mailto1 admin@example.com
set mailto2 analysis@example.com
set smtp-server mail.example.com
set smtp-auth enable
set smtp-username fortiweb
set smtp-password fortiWebPassworD2
set severity notification
set interval 10
next
end
Related topics
config log alertemail
config log trigger-policy
config system dns
config router static