Fortinet black logo

Administration Guide

Home FortiProxy 7.0.0 Administration Guide
7.0.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0

Email Alert Settings

Email Alert Settings

Alert email messages provide notification about activities or events logged. These email messages also provide notification about the log severity level, such as a critical or emergency.

You can send alert email messages to up to three email addresses. Alert messages are also logged and can be viewed from the System Events log file.

You can use the alert email feature to monitor logs for log messages, and to send email notification about a specific activity or event logged. For example, if you require notification about administrators logging in and out, you can configure an alert email that is sent whenever an administrator logs in and out. You can also base alert email messages on the severity levels of the logs.

Before configuring alert email, you must configure at least one DNS server if you are configuring with an Fully Qualified Domain Server (FQDN). The FortiProxy unit uses the SMTP server name to connect to the mail server, and must look up this name on your DNS server. You can also specify an IP address.

note icon The default minimum log severity level is Alert. If the FortiProxy unit collects more than one log message before an interval is reached, the FortiProxy unit combines the messages and sends out one alert email.

How to configure email notifications

The following procedure explains how to configure an alert email notification for IPsec tunnel errors, firewall authentication failure, configuration changes and FortiGuard license expiry.

  1. In System > Advanced, under Email Service, enable Use Custom Email Server and configure the SMTP server.

    The SMTP server settings allow the FortiProxy unit to know exactly where the email will be sent from, as well as who to send it to. The SMTP server must be a server that does not support SSL/TLS connections; if the SMTP server does, the alert email configuration will not work. The FortiProxy unit does not currently support SSL/TLS connections for SMTP servers.

  2. In Log > Email Alert Settings, toggle Enabled, configure the email alert settings as described in the table, and select Apply to save your changes.

Configure the following settings:

From

Enter the source email address.

To

Enter up to three target email addresses.

Alert parameter

If you select Events, enter the number of minutes in Interval and enable the events that will cause email alerts to be sent.

If you select Severity, select the event priority level for email alerts to be sent in the Minimum level drop-down list. The priority level indicates the immediacy and the possible repercussions of the event. There are eight priority levels from Debug (lowest priority) to Emergency (highest priority). The default priority level is Alert.

Interval

Select the number of minutes between email alerts, from 1 to 99,999 minutes. The default is 5 minutes.

Intrusion detected

Enable to send an email alert when an intrusion is detected.

Virus detected

Enable to send an email alert when a virus is detected.

Web Filter blocked traffic

Enable to send an email alert when a web filter blocked traffic.

Policy denied traffic

Enable to send an email alert when a policy denied traffic.

Disk usage exceeds

Enable and enter a percentage to send an email alert when the disk usage exceeds the specified level. The default is 75%.

FortiGuard renewal due within

Enable and enter the number of days to send an email alert before FortiGuard must be renewed.

Administrator login/logout

Enable to send an email alert when an administrator logs in or out of the FortiProxy unit.

Configuration change

Enable to send an email alert when the FortiProxy configuration has been changed.

Firewall authentication failure

Enable to send an email when traffic fails authentication.

HA status change

Enable to send an email when there is a change in the HA status.
Previous
Next

Email Alert Settings

Alert email messages provide notification about activities or events logged. These email messages also provide notification about the log severity level, such as a critical or emergency.

You can send alert email messages to up to three email addresses. Alert messages are also logged and can be viewed from the System Events log file.

You can use the alert email feature to monitor logs for log messages, and to send email notification about a specific activity or event logged. For example, if you require notification about administrators logging in and out, you can configure an alert email that is sent whenever an administrator logs in and out. You can also base alert email messages on the severity levels of the logs.

Before configuring alert email, you must configure at least one DNS server if you are configuring with an Fully Qualified Domain Server (FQDN). The FortiProxy unit uses the SMTP server name to connect to the mail server, and must look up this name on your DNS server. You can also specify an IP address.

note icon The default minimum log severity level is Alert. If the FortiProxy unit collects more than one log message before an interval is reached, the FortiProxy unit combines the messages and sends out one alert email.

How to configure email notifications

The following procedure explains how to configure an alert email notification for IPsec tunnel errors, firewall authentication failure, configuration changes and FortiGuard license expiry.

  1. In System > Advanced, under Email Service, enable Use Custom Email Server and configure the SMTP server.

    The SMTP server settings allow the FortiProxy unit to know exactly where the email will be sent from, as well as who to send it to. The SMTP server must be a server that does not support SSL/TLS connections; if the SMTP server does, the alert email configuration will not work. The FortiProxy unit does not currently support SSL/TLS connections for SMTP servers.

  2. In Log > Email Alert Settings, toggle Enabled, configure the email alert settings as described in the table, and select Apply to save your changes.

Configure the following settings:

From

Enter the source email address.

To

Enter up to three target email addresses.

Alert parameter

If you select Events, enter the number of minutes in Interval and enable the events that will cause email alerts to be sent.

If you select Severity, select the event priority level for email alerts to be sent in the Minimum level drop-down list. The priority level indicates the immediacy and the possible repercussions of the event. There are eight priority levels from Debug (lowest priority) to Emergency (highest priority). The default priority level is Alert.

Interval

Select the number of minutes between email alerts, from 1 to 99,999 minutes. The default is 5 minutes.

Intrusion detected

Enable to send an email alert when an intrusion is detected.

Virus detected

Enable to send an email alert when a virus is detected.

Web Filter blocked traffic

Enable to send an email alert when a web filter blocked traffic.

Policy denied traffic

Enable to send an email alert when a policy denied traffic.

Disk usage exceeds

Enable and enter a percentage to send an email alert when the disk usage exceeds the specified level. The default is 75%.

FortiGuard renewal due within

Enable and enter the number of days to send an email alert before FortiGuard must be renewed.

Administrator login/logout

Enable to send an email alert when an administrator logs in or out of the FortiProxy unit.

Configuration change

Enable to send an email alert when the FortiProxy configuration has been changed.

Firewall authentication failure

Enable to send an email when traffic fails authentication.

HA status change

Enable to send an email when there is a change in the HA status.
Previous
Next