Description
This article describes how to get all message details which is mentioned in event logs during setting up the e-mail alerts.
Solution
While setting up the emails alerts in go to Security Fabric -> Automation -> E-mail Alerts and do not remove '%%log%%' from the e-mail body otherwise the event details will appear but not the proper information mentioned in the event logs:
In the below screenshot, the event was set up for the link status and in the E-mail alert ->E-mail Body value '%%log%%' was removed.
When the link status is moved to downstate, the below message will appear in the email which did not have the complete information that the interface down or up.
If the issue still persists, collect the below debug:
To collect the debug for email alert :
diag debug reset
diag debug enable
diag debug console timestamp enable
diag debug application alertmail -1
Send a test activation mail:
diagnose log alertmail test
Then disable debug:
diag debug disable
diag debug reset
Related article:
Technical Tip: How to configure email alert when interface status is changed
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.