Configuration commands
config profile ldap
Use this command to configure LDAP profiles which can query LDAP servers for authentication.
Before using an LDAP profile, verify each LDAP query and connectivity with your LDAP server. |
Each LDAP profile contains queries that retrieve configuration data from an LDAP server, such as user groups.
Syntax
config profile ldap edit <profile_name> set auth-bind-dn {cnid | none | searchuser | upn} set authstate {enable | disable} set base-dn <basedn_str> set bind-dn <binddn_str> set bind-password <bindpw_str> set cache-state {enable | disable} set cache-ttl <ttl_int> set cnid-name <cnid_str> set dereferencing {never | always | search | find} set fallback-port <port_int> set fallback-server {<fqdn_str> | <server_ipv4>} set port <port_int> set query <query_str> set scope {base | one | sub} set secure {none | ssl} set server <name_str> set timeout <timeout_int> set unauth-bind {enable | disable} set upn-suffix <upns_str> set version {ver2 | ver3} end
Variable |
Description |
Default |
---|---|---|
|
Name of the LDAP profile. |
|
|
|
|
|
Enable to perform user authentication queries. |
|
|
The DN of the part of the LDAP directory tree where FortiAI searches for user objects, such as User objects must be child nodes of this location. |
|
|
The bind DN of an LDAP user account with permissions to query the This command is optional if your LDAP server does not require FortiAI to authenticate when performing queries and you have enabled |
|
|
The password of |
|
|
Enable to cache LDAP query results. Caching LDAP queries can reduce LDAP network traffic when there are frequent queries for information that does not change. However, caching might cause a delay from the time you update LDAP directory information and when FortiAI begins using that new information. If you enable this option but queries are not cached, check the TTL value. A TTL value of 0 effectively disables caching. |
|
|
The amount of time, in minutes, that FortiAI caches query results. After the time has elapsed, cached results expire and subsequent requests for that information requires FortiAI to query the LDAP server and refresh the cache. The default TTL value is 1440 minutes (one day). The maximum is 10080 minutes (one week). A value of 0 effectively disables caching. |
|
|
Name of the user objects’ common name attribute, such as |
|
|
Method of de-referencing attributes whose values are references.
|
|
|
If you have configured a backup LDAP server that listens on a nonstandard port, enter the TCP port number. The standard port for LDAP is 389. The standard port for SSL-secured LDAP is 636. If |
|
|
The FQDN or IP address of the backup LDAP server. If there is no fallback server, enter an empty string (''). |
|
|
If you have configured a backup LDAP server that listens on a nonstandard port, enter the TCP port number. The standard port for LDAP is 389. The standard port for SSL-secured LDAP is 636. |
|
|
An LDAP query filter, enclosed in single quotes ('), that selects a set of user objects from the LDAP directory. The query filter string filters the result set based on attributes common to all user objects and excludes non-user objects. For example, if user objects in your directory have two characteristics, the (& (objectClass=inetOrgPerson) (mail=$m)) where This command applies to user defined schema only. For details on query syntax, see any standard LDAP query filter reference manual. |
|
|
The level of depth to query:
|
|
|
Whether to connect to LDAP servers using an encrypted connection:
|
|
|
The FQDN or IP address of the LDAP server. |
|
|
The maximum length of time in seconds that FortiAI waits for query responses from the LDAP server. |
|
|
Enable to perform queries in this profile without supplying a bind DN and password for the directory search. Many LDAP servers require LDAP queries to be authenticated using a bind DN and password. If your LDAP server does not require FortiAI to authenticate before performing queries, you might enable this option. If this option is disabled, you must configure |
|
|
If you want to use a UPN other than the mail domain, enter that UPN. This is useful if users authenticate with a domain other than the mail server’s principal domain name. |
|
|
The protocol version used to communicate with the LDAP server. |
|
config profile authentication radius
Use this command to configure FortiAI to connect to an external RADIUS server to authenticate FortiAI Users.
Syntax
config profile authentication radius edit <profile_name> set auth-prot {auto | chap | mschap | mschap2 | pap} set nas-ip <ip_addr> set port <port_int> set secret <password_str> set send-domain {enable | disable} set server {<fqdn_str> | <host_ipv4>} end
Variable |
Description |
Default |
---|---|---|
|
The IP address or FQDN of the POP3 server. |
|
|
The authentication method for the RADIUS server. |
|
|
The NAS IP address and the Called Station ID. If you do not enter an IP address, FortiNDR uses the IP address that the FortiAI interface uses to communicate with the RADIUS server. For information about RADIUS attribute 31, see Microsoft Vendor-specific RADIUS Attributes. |
|
|
If the RADIUS server listens on a nonstandard port number, enter the port number of the RADIUS server. The standard port number for RADIUS is 1812. |
|
|
The password of the RADIUS server. |
|
|
Enable if the RADIUS server requires both the user name and the domain when authenticating. |
|
|
The IP address or FQDN of the RADIUS server. |
|
config system accprofile
Use this command to configure access profiles. This command governs which areas of the web-based manager and CLI that administrators can access and whether they have permission to change the configuration or other items in each area.
Everyone is treated as an administrator. Set up non-administrators with a custom non-administrator |
The GUI Admin Profiles is the accprofile
. Only the default SuperAdminProfile can modify Admin Profiles and accprofile
. Only administrators with the default SuperAdminProfile can reboot or shut down the system.
Syntax
config system accprofile edit <profile_name> set system-access {none | read | read-write} set system-config {none | read | read-write} set system-maintenance {none | read | read-write} set system-status {none | read | read-write} end
Variable |
Description |
Default |
---|---|---|
|
Name of the access profile. |
|
|
Specify the account permission associated with this access profile. The |
|
|
Specify the account permission associated with this access profile. The |
|
|
Specify the account permission associated with this access profile. The |
|
|
Specify the account permission associated with this access profile. The Users with this permission set to |
|
config system admin
Use this command to configure FortiAI administrator accounts.
By default, FortiAI units have a single administrator account named admin. For more granular control over administrative access, you can create additional administrator accounts with more restricted permissions such as being able to configure a specific domain.
Syntax
config system admin edit <name_str> set access-profile <profile_name> set auth-strategy {local | local-plus-radius | ldap | radius} set name <name> set password <password_str> set radius-permission-check {enable | disable} set radius-subtype-id <subtype_int>] set radius-vendor-id <vendor_int> set sshkey <key_str> set status {enable | disable} set theme {Neutrino| Jade | Mariner | Graphite | Melongene | Onyx | Dark_Matter | Eclipse | Cloud_App_Light | Cloud_App_Dark} set trust-hosts <host_ipv4mask> end
Variable |
Description |
Default |
---|---|---|
|
Name of the administrator account. |
|
|
Name of an access profile that determines which functional areas the administrator account may view or affect. |
|
|
Select the local or remote type of authentication that the administrator can use. |
|
|
Name of user. |
|
|
If Do not use an administrator password shorter than six characters. For better security, use a longer password with a complex combination of characters and numbers. Change the password regularly. A weak password might compromise the security of your FortiAI unit. |
|
|
If |
|
|
If |
|
|
If |
|
|
Enter the SSH key string inside single straight quote marks ('). When connecting from an SSH client that presents this key, administrators do not need to enter the account name and password to log in to the CLI. |
|
|
Enable or disable admin users. |
|
|
Theme of the GUI for this admin. |
|
|
Enter one to three IP addresses and netmasks from which the administrator can log into FortiAI. Separate each pair of IP address and netmask with a comma (,). To allow the administrator to authenticate from any IP address, enter |
|
config system appearance
Use this command to customize the appearance of the login page.
Syntax
config system appearance set login-page-theme {Neutrino| Jade | Mariner | Graphite | Melongene | Onyx | Dark_Matter | Eclipse | Cloud_App_Light | Cloud_App_Dark} end
Variable |
Description |
Default |
---|---|---|
|
The theme of the setting page for this user. |
|
config system automation-settings
Syntax
Use this command to configure the automation profiles used by the FortiNDR enforcement feature.
config system automation-settings edit <name_str> set type {fgt-quarantine|fnac-quarantine|generic-webhook} set vdom <vdom_str> set api-key <apikey_str> set webhook-config <config_str> set ip <ip_addr> set port <port_int> set status {enable | disable} set source {fabric-device | sniffer} set profile <enforcement_profile_name> end
Variable |
Description |
Default |
---|---|---|
|
Automation Profile name |
|
|
FortiNDR supports three types of automated quarantine |
|
|
The VDOM of
the FortiGate. Only applicable to f |
|
|
API key
of the device. Only applicable to |
|
|
The webhook configuration to be used by FortiNDR enforcement. Only
applicable to For
For
{"webhook_exec"
:{"url":"https://host1.com:443/api/ip_blocker","method":"post","http_body":"{\"srcip\":\"%%srcip%%\"}","headers":{"content-type":"application/json"}},
"webhook_undo":{"url":"https://host1.com:443/api/ip_unblocker","method":"post","http_body":"
{\"srcip\":\"%%srcip%%\"}","headers":{"content-type":"application/json"}}
} To enter the JSON data through CLI, the JSON string must be formatted as one line and enclosed in single quotes ('). |
|
|
IP
address of the device. Only applicable to |
|
|
Port
number of the device. Only applicable for |
|
|
Enable or disable the automation profile. |
|
|
Set the
source of detection that applies to the current profile. Only applicable
for |
|
|
The enforcement profile to be used by the current automation setting. |
|
config system certificate ca
Use this command to import certificates for certificate authorities (CA).
Certificate authorities validate and sign other certificates to indicate to third parties that those certificates can be trusted.
CA certificates are required by connections that use transport layer security (TLS).
Syntax
config system certificate ca edit <name_str> set certificate <cert_str> end
Variable |
Description |
Default |
---|---|---|
|
The name of this certificate. |
|
|
Enter or paste the certificate in PEM format to import it. |
|
config system fortigate settings
Use this command to configure settings for FortiGate inline blocking. Since FortiOS 7.0.1, FortiGate can send files and get the verdict from FortiNDR directly via the HTTP/2 protocol after FortiNDR joins the Security Fabric.
Syntax
config system fortigate settings set timeout <timeout_int>
Variable |
Description |
Default |
---|---|---|
|
The maximum waiting time of FortiNDR verdict fetching for FortiGate verdict request. |
|
config system fortiguard update
Use this command to configure how FortiNDR will retrieve the most recent Fortiguard Neural Networks engine and database updates.
Syntax
config system fortiguard update set scheduled-update-day <day_int> set scheduled-update-frequency {daily | every | weekly} set scheduled-update-status {enable | disable} set scheduled-update-time <time_str> end
Variable |
Description |
Default |
---|---|---|
|
Enter the day of the week at which FortiNDR will request updates where
the range is from |
|
|
Enter the frequency at which FortiNDR will request updates. You also need to configure
|
|
|
Enable to perform updates according to the configured schedule. |
|
|
Enter the time of the day at which FortiNDR will request updates, in
the format |
|
config system syslog fortianalyzer settings
Use this command to configure FortiAnalyzer server settings for the syslog to be sent to this server. By default, port number is 514.
Syntax
config system syslog fortianalyzer settings set ipaddr <ip_address> set port <port> set status {enable | disable}
Variable |
Description |
Default |
---|---|---|
|
IP address of FortiAnalyzer server. |
|
|
Port number of FortiAnalyzer server used to receive syslog. |
|
|
Enable the status to send syslog to a FortiAnalyzer server. Disable this option to not send any syslog. |
|
config system ha
Use this command to configure FortiNDR to act as a member of a Hgh Availability (HA) cluster in order to increase availability.
config system ha config interface edit <interface_name> set action-on-primary {ignore-vip | use-vip} set heartbeat-status {disable | primary | secondary} set peer-ip <ipv4mask> set port-monitor <enable | disable> set virtual-ip <ipv4mask> set hb-base-port <hb-port_int> set hb-lost-threshold <hb-threshold_int> set mode {off | primary | secondary} set password <password_str>
Variable |
Description |
Default |
||
---|---|---|---|---|
|
Enter the interface name of which you want to apply HA configuration. |
|
||
|
Enable/disable virtual IP configured on this interface.
|
|
||
|
Specify if this interface will be used for HA heartbeat and synchronization.
|
|
||
|
Enter the IP address of the matching heartbeat network interface of the other member of the HA group. If you are configuring the primary unit’s primary heartbeat network interface, enter the IP address of the secondary unit’s primary heartbeat network interface. For the secondary heartbeat network interface, enter the IP address of the other unit’s secondary heartbeat network interface. |
|
||
|
Enable to monitor a network interface for failure. If the port fails, the primary unit will trigger a failover. |
|
||
|
Enter the virtual IP address and netmask for this interface. |
|
||
|
Enter the first of four total TCP port numbers that will be used for:
|
|
||
|
Enter the total span of time, in seconds, for which the primary unit can be unresponsive before it triggers a failover and the secondary unit assumes the role of the primary unit.
|
|
||
|
Enter the HA operating mode or disable HA |
|
||
|
Enter a password for the HA group. The password must be the same on the primary and secondary FortiAI unit(s). The password must be a least 1 character. |
|
config system syslog1 settings
Use this command to configure a remote server settings and the syslog is sent to this server. The default port number is 514.
Syntax
config system syslog1 settings Set ipaddr <ip_address> Set port <port> Set status {enable | disable}
Variable |
Description |
Default |
---|---|---|
|
IP address of a remote server. |
|
|
Port number of remote server used to receive syslog. |
|
|
Enable the status to send syslog to a remote server. Disable this option to not send any syslog. |
|
config system certificate crl
Use this command to import certificate revocation lists.
To ensure that FortiNDR validates only certificates that have not been revoked, periodically upload a current certificate revocation list from certificate authorities (CA) or use the online certificate status protocol (OCSP) to query the certificate status.
Syntax
config system certificate crl edit <name_str> set crl <cert_str> end
Variable |
Description |
Default |
---|---|---|
|
The name of this certificate revocation list. |
|
|
Enter or paste the certificate in PEM format to import it. |
|
config system certificate local
Use this command to import signed certificates and certificate requests to install them for local use by FortiNDR.
FortiNDR requires a local server certificate that it can present when clients request secure connections.
When using this command to import a local certificate, you must follow the order of the commands described below. This is because |
Syntax
config system certificate local edit <name_str> set password set private-key set certificate <cert_str> set csr <csr_str> set comments <comment_str> end
Variable |
Description |
Default |
---|---|---|
|
The name of the certificate to be imported. |
|
|
The password of the certificate. |
|
|
The private key of the certificate. |
|
|
Enter or paste the certificate in PEM format to import it. |
|
|
Enter or paste the certificate signing request in PEM format to import it. |
|
|
Comments for this certificate. |
|
config system certificate remote
Use this command to import the certificates of the online certificate status protocol (OCSP) servers of your certificate authority (CA).
OCSP lets you revoke or validate certificates by query rather than by importing certificate revocation lists (CRL).
If you enable OCSP for PKI users, remote certificates are required.
Syntax
config system certificate remote edit <name_str> set certificate <cert_str> end
Variable |
Description |
Default |
---|---|---|
|
The name of the certificate to be imported. |
|
|
Enter or paste the certificate in PEM format to import it. |
|
config system csf
Use this command to configure FortiNDR as a Security Fabric member.
Syntax
config system csf set configuration-sync {local | sync} set managment-ip <ip_str> set managment-port <port_int> set status {enable | disable} set upstream-ip <ip_str> set upstream-port <port_int>
Variable |
Description |
Default |
---|---|---|
|
Configuration synchronization mode. |
|
|
Management IP address of FortiNDR to join the Security Fabric. |
|
|
Management port number of the unit to join the Security Fabric. Set the value between 1-65535. |
|
|
Enable or disable Security Fabric configuration. |
|
|
IP address of upstream FortiGate. |
|
|
Upstream FortiGate port number. |
|
config system dhcp server
Use this command to configure the DHCP server object.
Syntax
config system dhcp server edit <serverName> config exclude-range edit <id of IP address> config ip-range edit <id of IP address> config reserved-address edit <id of IP address> set auto-configuration {enable | disable} set conflicted-ip-timeout <int> set default-gateway <IP Address> set dns-service {default | specify} set domain <domain name> set enable {enable | disable} set htype {normal | other} set interface <interface name> set lease-time <lease time in seconds> set netmask <netmask_ip> end
Variable |
Description |
Default |
---|---|---|
|
The server name of this DHCP server. |
|
|
DHCP excluded IP range. |
|
|
DHCP IP address range. |
|
|
DHCP reserved IP address. |
|
|
Enable or disable auto configuration. |
|
|
IP address conflict timeout in seconds. |
|
|
Default gateway IP address. |
|
|
DNS server options. |
|
|
Domain name of the DHCP server. |
|
|
Enable or disable this DHCP server. |
|
|
Device/port name. |
|
|
Interface name. |
|
|
Lease time in seconds. |
|
|
Netmask of this DHCP server. |
|
config system dns
Use this command to configure the IP addresses of the primary and secondary DNS servers that FortiAI queries to resolve domain names into IP addresses.
Syntax
config system dns set cache {enable | disable} set cache-min-ttl <time_in_sec> set primary <dns_ipv4> set private_ip_query {enable | disable} set protected-domain-dns-servers <class_ip> set protected-domain-dns-state {enable | disable} set secondary <dns_ipv4> set truncate-handling {disable | tcp-retry} end
Variable |
Description |
Default |
---|---|---|
|
Enable to cache DNS query results to improve performance. If memory is low, disable to free up more memory. |
|
|
Minimum TTL for cached DNS records in seconds. |
|
|
IP address of the primary DNS server. |
|
|
Enable to perform reverse DNS lookups on private network IP addresses, as defined in RFC 1918. The DNS server must have PTR records for your private network’s IP addresses. Not having records for those IP addresses might increase DNS query time and cause query results to show Host not found. |
|
|
IP addresses of DNS servers for protected domains. |
|
|
Enable or disable using DNS servers for protected domains. |
|
|
IP address of the secondary DNS serve. |
|
|
Action for truncated UDP. |
|
config system enforcement-profile
Use this command to configure the FortiNDR enforcement profile. FortiNDR system will use this to filter out anomaly detection events for executing enforcement.
Syntax
config system enforcement-profile edit <name_str> set allowlist <ipv4mask> set risk-level <int> set conf-level <int> set severity <int> set category {malware,botnet,encrypted-attack,network-attack,ioc,week-cipher, machine-learning} end
Variable |
Description |
Default |
---|---|---|
|
The IP addresses and netmasks in the allowlist (white list) are excluded from enforcement consideration. Separate each pair of IP address and netmask with a comma (,). |
|
|
Malicious detected records with the entered risk level and above are considered when executing enforcement by FortiNDR. Valid values are |
|
|
Malicious detected records with the entered confidence level and above are considered when executing enforcement by FortiNDR. The valid range is |
0.8
|
config system interface
Use this command to configure allowed and denied administrative access protocols, up or down administrative status for the network interfaces of FortiNDR.
Syntax
config system interface edit <physical_interface_str> set allowaccess {ping https ssh telnet} set discover {enable | disable} set ip <ipv4mask> set mode {static | dhcp} set speed {auto | 10full | 10half | 100full | 100half | 1000full} set status {down | up} end
Variable |
Description |
Default |
---|---|---|
|
Name of the physical network interface, such as port1. |
|
|
Add one or more protocols to the list of protocols that allow administrative access to FortiNDR through this network interface: ping: Allow ICMP ping responses from this network interface. https: Allow secure HTTP (HTTPS) access to the web-based manager and per-recipient quarantines. ssh: Allow SSH access to the CLI. telnet: Allow Telnet access to the CLI. HTTP and Telnet connections are not secure and can be intercepted by a third party. To reduce risk, enable this option only on network interfaces connected directly to your management computer. |
Varies by network interface. |
|
Allow discovery of the interface on this port. |
|
|
IP address and netmask of the network interface. |
|
|
Interface mode. |
|
|
Speed of the network interface. Some network interfaces might not support all speeds. |
|
|
up enables the network interface to send and receive traffic. down disables the network interface.
|
|
config system route
Use this command to configure static routes.
Syntax
config system route edit <route_int> set destination <destination_ipv4mask> set gateway <gateway_ipv4> set interface <interface name> end
Variable |
Description |
Default |
---|---|---|
|
Index number of the route in the routing table. |
|
|
Destination IP address and netmask of traffic that is subject to this route, separated by a space. To indicate all traffic regardless of IP address and netmask, enter |
|
|
IP address of the gateway router. |
|
|
Network interface associated with this route. |
|
config system time manual
Use this command to manually configure the FortiNDR system time.
Accurate system time is required by many features such as log messages and SSL-secured connections.
This command applies only if NTP is disabled. Alternatively, you can configure FortiAI to synchronize its system time with an NTP server.
Syntax
config system time manual set daylight-saving-time {disable | enable} set zone <zone_int> end
Variable |
Description |
Default |
---|---|---|
|
Enable to automatically adjust the system time for daylight-saving time (DST). |
|
|
The number which indicates the time zone where the FortiAI unit is located. |
config system time ntp
Use this command to configure FortiAI to synchronize its system time with a network time protocol (NTP) server.
Accurate system time is required by many features of FortiAI such as log messages and SSL-secured connections.
Syntax
config system time ntp set ntpserver {<address_ipv4> | <fqdn_str>} set ntpsync {enable | disable} set syncinterval <interval_int> end
Variable |
Description |
Default |
---|---|---|
|
IP address or FQDN of an NTP server. You can add a maximum of ten NTP servers. FortiAI uses the first NTP server based on the selection mechanism of the NTP protocol. To locate a public NTP server, visit http://www.ntp.org/. |
|
|
Enable to synchronize FortiAI with an NTP server instead of manually configuring the system time. |
|
|
The interval in minutes between synchronizations of the system time with the NTP server. The valid range is 1 to 1440. |
config system ICAP server
Use this command to configure ICAP server settings.
Syntax
config system icap server set conf-level <confidence_level_int> set interface {port1 | port2} set enable {1 | 0} set rtavscan {1 | 0} set ssl-port <ssl_port_int> set ssl-support {1 | 0} set port <port_int> set timeout <timeout_int> end
Variable |
Description |
Default |
---|---|---|
|
The confidence of detection. Value is between 0 and 100. |
|
|
Interface name. |
|
|
Set to 1 to enable ICAP server. Set to 0 to disable the ICAP server. |
|
|
Set to 1 to enable realtime FAI scan. Set to 0 to disable. |
|
|
The maximum waiting time for realtime FAI scan. |
|
|
ICAP server SSL port number. |
|
|
Set to 1 to enable SSL support. Set to 0 to disable it. |
|
|
ICAP server port. |
|
config system global
Syntax
Use this command to configure the FortiNDR system-wide configuration.
config system global set hostname <str> end
Variable |
Description |
Default |
---|---|---|
|
Host name of FortiNDR |
|
config system syslog fortianalyzer settings
Syntax
Use this command to configure a FortiAnalyzer remote server which will receive syslogs. FortiNDR system will send logs with specified type and severity (only for NDR type ) to this remote server.
config system syslog fortianalyzer settings set ipaddr <ipv4mask> set port <int> set status {enable, disable} set type {event, malware, ndr} set ndr-severity {low, medium, high, critical} end
Variable |
Description |
Default |
---|---|---|
|
Profile name |
|
|
The IP address of the remote server. Only IPv4 is supported. |
|
|
The port number of the remote server for syslog services. |
|
|
Enable or disable sending logs to this remote server. |
|
|
FortiNDR supports three types of logs: Multiple choices are supported. |
|
|
Filtering by severity is supported for sending |
|
config system syslog1 settings
Syntax
Use this command to configure a general remote server which can receive syslogs. FortiNDR system will send logs with specified type and severity (only for ndr
type) to this remote server.
config system syslog1 settings set ipaddr <ipv4mask> set port <int> set status {enable, disable} set type {event, malware, ndr} set ndr-severity {low, medium, high, critical} end
Variable |
Description |
Default |
---|---|---|
|
Profile name |
|
|
The IP address of the remote server. Only IPv4 is supported. |
|
|
The port number of the remote server for syslog services. |
|
|
Enable or disable sending logs to this remote server. |
|
|
FortiNDR supports three types of logs: Multiple choices are supported. |
|
|
Filtering by severity is supported when sending |
|
config system syslog2 settings
Syntax
Use this command to configure a general remote server which will receive syslogs. FortiNDR system will send logs with specified type and severity (only for ndr
log types ) to this remote server.
config system syslog2 settings set ipaddr <ipv4mask> set port <int> set status {enable, disable} set type {event, malware, ndr} set ndr-severity {low, medium, high, critical} end
Variable |
Description |
Default |
---|---|---|
|
Profile name |
|
|
The IP address of the remote server. Only IPv4 is supported. |
|
|
The port number of the remote server for syslog services. |
|
|
Enable or disable sending logs to this remote server. |
|
|
FortiNDR supports to three types of logs, including Multiple choices are supported. |
|
|
Filtering by severity is supported when sending |
|
config log alertemail server
Syntax
Use this command to configure the Email server FortiNDR will use to send alert emails for events detected.
config log alertemail server
set name < name >
set openssl {enable|disable}
set password <password>
set port <port>
set sendername <senderName>
set username <username>
end
Variable |
Description |
Default |
---|---|---|
|
Name/IP of the mailing server. |
|
|
Enable/disable security connection for the email transaction. |
|
|
Password of the user in the mailing server. |
|
|
The port used to send email. |
|
|
The email sender's name. This is different from |
|
|
Name of the user in the mailing server.
|
|