FortiGate—Config_Changed_Email_Notification

Situation

# Send an email notification when the config changes
Use email to inform the admin when the config has been changed.

Solution

[1]
Log in to the FortiGate WebUI > Security Fabric > Automation

[2]
# (Condition) If the log shows that the configuration was changed
Trigger > FortiOS Event Log > Event > Attribute configured, Configuration changed, Object attribute configured

[3-1]
# (Action) Send an email notification
Action > Email
    From    > "" 
    To      > "Your@Email" 
    Subject > "%%logdesc%%" 
    Body    > "%%log%%" 

[3-2]
# If the message is too verbose, look at the fields in %%log%% and build your own message from the values you need
Action > Email
    From    > "" 
    To      > "Your@Email" 
    Subject > "[Configured_Changed] %%devname%%" 
    Body    > "At %%time%% on %%date%%, the configure of %%devname%% was changed." 
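
# Added example (not part of the original note, and not Fortinet code): a small Python helper to preview a custom Subject/Body offline before saving it in the Action.
# It parses a constructed key=value event log line and expands %%name%% placeholders. The sample line, the function names, and the idea that any field in the line can be referenced like %%devname%% are assumptions.

```python
import re

# Constructed sample of a FortiOS "Attribute configured" event log line
# (all values are made up; this is the kind of text %%log%% expands to).
SAMPLE_LOG = (
    'date=2024-01-15 time=10:32:07 devname="FGT-LAB" devid="FGT00000000000000" '
    'logid="0100044546" type="event" subtype="system" level="information" '
    'vd="root" logdesc="Attribute configured" user="admin" '
    'ui="GUI(192.0.2.10)" action="Edit" cfgpath="firewall.policy" cfgobj="12" '
    'cfgattr="status[enable->disable]" msg="Edit firewall.policy 12"'
)

# A value is either double-quoted (may contain spaces) or a bare token.
_PAIR = re.compile(r'(\w+)=(?:"((?:[^"\\]|\\.)*)"|(\S*))')
_PLACEHOLDER = re.compile(r'%%(\w+)%%')


def parse_log(line):
    """Split a key=value log line into a dict of field name -> value."""
    fields = {}
    for key, quoted, bare in _PAIR.findall(line):
        fields[key] = quoted if quoted else bare
    return fields


def render(template, fields, missing="N/A"):
    """Expand %%name%% placeholders; names absent from the log become `missing`."""
    return _PLACEHOLDER.sub(lambda m: fields.get(m.group(1), missing), template)


def preview(template, line=SAMPLE_LOG):
    """Render a Subject or Body template against one log line."""
    fields = parse_log(line)
    fields["log"] = line  # %%log%% stands for the whole raw line
    return render(template, fields)


if __name__ == "__main__":
    print(preview("[Configured_Changed] %%devname%%"))
    print(preview("At %%time%% on %%date%%, the configure of %%devname%% was changed."))
    # A body that also records who changed what, and from where:
    print(preview("%%user%% via %%ui%%: %%action%% %%cfgpath%% %%cfgobj%% (%%cfgattr%%)"))
```

# A placeholder that renders as N/A in the preview is a field that is not present in that log line, so check the name against %%log%% before using it.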

[4]
# Configure a Stitch to tie the Trigger and the Action together
Stitch > Choose Trigger > Choose Action > Apply

Troubleshooting

# Check whether FortiGuard is reachable
execute ping service.fortiguard.net

# If FortiGuard is unreachable, check that the outgoing interface is correct
config system fortiguard
  set interface-select-method { auto | sdwan | specify }
end

# Check the email server status
get system email-server

# Send a test email
diagnose debug reset
diagnose debug enable
diagnose debug console timestamp enable
diagnose debug application alertmail -1
diagnose log alertmail test