beautypg.com

Fortinet FortiGate 50A User Manual

Page 135

background image

System configuration

Replacement messages

FortiGate-50A Installation and Configuration Guide

135

Table 17: Alert email message sections

NIDS event

Used for NIDS event alert email messages

Section Start

<**NIDS_EVENT**>

Allowed Tags

%%NIDS_EVENT%%

The NIDS attack message.

Section End

<**/NIDS_EVENT**>

Virus alert

Used for virus alert email messages

Section Start

<**VIRUS_ALERT**>

Allowed Tags

%%VIRUS%%

The name of the virus.

%%PROTOCOL%%

The service for which the virus was detected.

%%SOURCE_IP%%

The IP address from which the virus was received.

For email this is the IP address of the email server

that sent the email containing the virus. For HTTP

this is the IP address of web page that sent the

virus.

%%DEST_IP%%

The IP address of the computer that would have

received the virus. For POP3 this is the IP address

of the user’s computer that attempted to download

the email containing the virus.

%%EMAIL_FROM%% The email address of the sender of the message in

which the virus was found.

%%EMAIL_TO%%

The email address of the intended receiver of the

message in which the virus was found.

Section End

<**/VIRUS_ALERT**>

Block alert

Used for file block alert email messages

Section Start

<**BLOCK_ALERT**>

Allowed Tags

%%FILE%%

The name of the file that was blocked.

%%PROTOCOL%%

The service for which the file was blocked.

%%SOURCE_IP%%

The IP address from which the block file was

received. For email this is the IP address of the

email server that sent the email containing the

blocked file. For HTTP this is the IP address of

web page that sent the blocked file.

%%DEST_IP%%

The IP address of the computer that would have

received the blocked file. For email this is the IP

address of the user’s computer that attempted to

download the message from which the file ware

removed.

%%EMAIL_FROM%% The email address of the sender of the message

from which the file was removed.

%%EMAIL_TO%%

The email address of the intended receiver of the

message from which the file was removed.

Section End

<**/BLOCK_ALERT**>

See also other documents in the category Fortinet Hardware: