Skip to content

Configure Email Alerts

When something important happens (HA failover, link down, high CPU, malware detected) you want an email or SMS so you can react. FortiGate has an alert email system that watches event categories and notifies on rules you define.

Before You Start

  • SMTP relay (Gmail with app password, internal mail server, SendGrid).
  • The events / categories you want alerts on decided.

Steps

1. Configure SMTP

  1. System → Settings → Email Service.
  2. Fill in:
    • SMTP Serversmtp.gmail.com, smtp.sendgrid.net, etc.
    • Port587 (typical TLS).
    • AuthenticationEnable.
    • Username / Password — relay creds.
    • Security ModeSTARTTLS (typical).
    • Default Reply-To Address — what to put in From.
  3. Test Connectivity — should succeed.
  4. Apply.

2. Configure alert email

  1. Log & Report → Email Alert Settings (in some versions; or System → Replacement Messages → Alert Email).
  2. Email Recipients — comma-separated list.
  3. Subject Prefix — e.g. [FortiGate-Branch1].
  4. Send Email For:
    • System events (HA failover, link down).
    • Security events (AV detection, IPS critical).
    • Specific log severities (alert+).
  5. Apply.

3. Test

# Send a test email:
execute log alertemail send-test "test@example.com"

📸 Screenshot needed

System → Settings → Email Service dialog with SMTP config + the alert email recipients list.

Use Cases

  • HA failover — alert when active becomes standby.
  • Link down — alert on WAN failure.
  • Critical IPS — alert on severity = critical IPS events.
  • License expiry — alert N days before expiry.
  • Disk full — alert on disk approaching capacity.

CLI Equivalent

config system email-server
    set server "smtp.gmail.com"
    set port 587
    set authenticate enable
    set username "alerts@example.com"
    set password ENC ...
    set security starttls
end

config alertemail setting
    set username "alerts@example.com"
    set mailto1 "ops@example.com"
    set HA-events enable
    set logdisk-usage-warning-level 90
end

Common Issues

  • No emails received. SMTP creds wrong, or relay blocks the from-address. Test with execute log alertemail send-test.
  • Too many emails (spam). Severity threshold too low. Raise to alert or higher.
  • Gmail blocks. Need App Password, not account password. 2FA must be on.
  • Internal mail server rejects. Set up FortiGate's IP as allowed sender on the relay.