Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiGate / FortiOS 6.4.11 Administration Guide
    6.4.11
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0

    Slack Notification action

    Slack Notification action

    To configure an automation stitch with a Slack Notification action, you first need to configure an incoming webhook in Slack. Then you can enter the webhook URL when you configure the Slack Notification action.

    This example uses a Security Rating Summary trigger in the automation stitch with two Slack Notification actions with different notification messages. One message is a custom message, and the other is for the Security Rating Summary log with a 90 second delay.

    To create an Incoming Webhook in Slack:
    1. Go to the Slack website, and create a workspace.
    2. Create a Slack application for the workspace.

    3. Add an Incoming Webhook to a channel in the workspace (see Sending messages using Incoming Webhooks for more details).
    4. Activate the Incoming Webhook, and copy the Webhook URL to the clipboard.

    To configure an automation stitch with Slack Notification actions in the GUI:
    1. Go to Security Fabric > Automation and click Create New.
    2. Enter a name for the stitch, and select the FortiGate devices that it will be applied to.
    3. For Trigger, select Security Rating Summary.
    4. For action, select Slack Notification, and configure the notification settings.
      1. First action:
        Nameslack1
        Delay0
        URLPaste the webhook URL from the clipboard
        Message

        This is test for slack notification.

      2. Click the + and configure the second action:
        Nameslack2
        Delay90
        URLPaste the webhook URL from the clipboard
        Message

        %%log%%

    5. Click OK.
    6. Run the automation stitch to trigger the action.
    To configure an automation stitch with Slack Notification actions in the CLI:
    1. Create the Slack Notification actions:

      config system automation-action

      edit "slack1"

      set action-type slack-notification

      set minimum-interval 0

      set delay 0

      set required disable

      set message "This is test for slack notification."

      set uri "hooks.slack.com/services/xxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx"

      next

      edit "slack2"

      set action-type slack-notification

      set minimum-interval 0

      set delay 90

      set required disable

      set message "%%log%%"

      set uri "hooks.slack.com/services/xxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx"

      next

      end

    2. Create the automation trigger:

      config system automation-trigger

      edit "auto-rating"

      set trigger-type event-based

      set event-type security-rating-summary

      next

      end

    3. Configure the automation stitch:

      config system automation-stitch

      edit "auto-rating"

      set status enable

      set trigger "auto-rating"

      set action "slack1" "slack2"

      next

      end

    4. Trigger the automation stitch.

    The notification action is triggered in FortiGate.

    The message you entered in the automation stitch is delivered to the Slack channel.

    Previous
    Next

    Slack Notification action

    Slack Notification action

    To configure an automation stitch with a Slack Notification action, you first need to configure an incoming webhook in Slack. Then you can enter the webhook URL when you configure the Slack Notification action.

    This example uses a Security Rating Summary trigger in the automation stitch with two Slack Notification actions with different notification messages. One message is a custom message, and the other is for the Security Rating Summary log with a 90 second delay.

    To create an Incoming Webhook in Slack:
    1. Go to the Slack website, and create a workspace.
    2. Create a Slack application for the workspace.

    3. Add an Incoming Webhook to a channel in the workspace (see Sending messages using Incoming Webhooks for more details).
    4. Activate the Incoming Webhook, and copy the Webhook URL to the clipboard.

    To configure an automation stitch with Slack Notification actions in the GUI:
    1. Go to Security Fabric > Automation and click Create New.
    2. Enter a name for the stitch, and select the FortiGate devices that it will be applied to.
    3. For Trigger, select Security Rating Summary.
    4. For action, select Slack Notification, and configure the notification settings.
      1. First action:
        Nameslack1
        Delay0
        URLPaste the webhook URL from the clipboard
        Message

        This is test for slack notification.

      2. Click the + and configure the second action:
        Nameslack2
        Delay90
        URLPaste the webhook URL from the clipboard
        Message

        %%log%%

    5. Click OK.
    6. Run the automation stitch to trigger the action.
    To configure an automation stitch with Slack Notification actions in the CLI:
    1. Create the Slack Notification actions:

      config system automation-action

      edit "slack1"

      set action-type slack-notification

      set minimum-interval 0

      set delay 0

      set required disable

      set message "This is test for slack notification."

      set uri "hooks.slack.com/services/xxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx"

      next

      edit "slack2"

      set action-type slack-notification

      set minimum-interval 0

      set delay 90

      set required disable

      set message "%%log%%"

      set uri "hooks.slack.com/services/xxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx"

      next

      end

    2. Create the automation trigger:

      config system automation-trigger

      edit "auto-rating"

      set trigger-type event-based

      set event-type security-rating-summary

      next

      end

    3. Configure the automation stitch:

      config system automation-stitch

      edit "auto-rating"

      set status enable

      set trigger "auto-rating"

      set action "slack1" "slack2"

      next

      end

    4. Trigger the automation stitch.

    The notification action is triggered in FortiGate.

    The message you entered in the automation stitch is delivered to the Slack channel.

    Previous
    Next