CLI commands

FortiLog CLI reference

 

 

 

 

 

 

 

set alertmail device enable add levelnum

Set the level to monitor before sending an alert message. The FortiLog

 

{emergency alert critical error warning

unit sends alert email for all messages at and above the logging severity

 

notification information}

level you set.

 

 

 

 

 

 

set alertmail device enable add eventnum

Set the number of selected events that occur before the FortiLog unit

 

{1 5 10 20 50 100 500 1000}

sends an alert message. Use this setting in conjunction with the setting

 

 

below.

 

set alertmail device enable add leveltime

Set the wait time for the number of events to occur within before sending

 

{0.5 1.0 3.0 6.0 12.0 24.0 72.0 168.0}

an alert email for the specified level log messages. Use this setting in

 

 

conjunction with the setting above.

 

set alertmail device enable add leveldevice

Set level setting to monitor each device separately or as a group.

 

{all per}

 

 

 

 

 

set alertmail device enable add attackalert

Enable or disable the monitoring of specific attack types.

 

{enable disable}

 

 

 

 

 

set alertmail device enable add attackany

Set the FortiLog to monitor for any attack types or specific attacks. Use in

 

{any some}

conjunction with the next command.

 

 

 

 

set alertmail device enable add attackeywords

Set the attack types the Fortilog should monitor for in the device logs. Use

 

<keyword1 keyword2}

in conjunction with the command above.

 

 

 

 

set alertmail device enable add attacknum

Set the number of attack events that occur before the FortiLog unit sends

 

{1 5 10 20 50 100 500 1000}

an alert message. Use this setting in conjunction with the setting below.

 

 

 

 

set alertmail device enable add attacktime

Set the wait time for the number of attack events to occur within before

 

{0.5 1.0 3.0 6.0 12.0 24.0 72.0 168.0}

sending an alert email for the specified level log messages. Use this

 

 

setting in conjunction with the setting above.

 

set alertmail device enable add attackdevice

Set level setting to monitor each device separately or as a group.

 

{all per}

 

 

 

 

 

set alertmail device enable add attacksingle

Set to the FortiLog unit send and alert email only when the defined attack

 

{y n}

settings originate from a singe source IP.

 

 

 

 

set alertmail device enable add virusalert

Enable or disable the monitoring of specific virus types.

 

{enable disable}

 

 

 

 

 

set alertmail device enable add virusany

Set the FortiLog to monitor for any virus types or specific attacks. Use in

 

{any some}

conjunction with the next command.

 

 

 

 

set alertmail device enable add viruskeywords

Set the virus types the Fortilog should monitor for in the device logs. Use

 

<keyword1 keyword2}

in conjunction with the command above.

 

 

 

 

set alertmail device enable add virusnum

Set the number of virus events that occur before the FortiLog unit sends

 

{1 5 10 20 50 100 500 1000}

an alert message. Use this setting in conjunction with the setting below.

 

 

 

 

set alertmail device enable add virustime

Set the wait time for the number of virus events to occur within before

 

{0.5 1.0 3.0 6.0 12.0 24.0 72.0 168.0}

sending an alert email for the specified level log messages. Use this

 

 

setting in conjunction with the setting above.

 

set alertmail device enable add virusdevice

Set level setting to monitor each device separately or as a group.

 

{all per}

 

 

 

 

 

set alertmail device enable add virussingle

Set to the FortiLog unit send and alert email only when the defined virus

 

{y n}

settings originate from a singe source IP.

 

 

 

 

set alertmail device enable add devicemailaddr

Set the email addresses of the recipients to receive the alert warning

 

<string>

messages.

 

 

 

96

05-16000-0082-20050115

Fortinet Inc.

Page 96
Image 96
Fortinet FortiLog-100 CLI commands, Set alertmail device enable add leveltime, Settings originate from a singe source IP