Hi Seadave, sorry for the delay and please dont give up on us :P
So the main thing here is the behaviour of this "config-change" trigger: it only triggers __after__ the current admin logouts. This was designed to avoid multiple emails if the admin is making a lot of changes during the same login session. However, the expectation is not clear so it causes confusion. We will look into improving it.
>When we right click and choose "Test" we get the red "Error triggering automation stitch" message.
This is actually a known bug in 6.0.3 where the "test" action does not work from the GUI (M0506270). This has been fixed in 6.2.0 and we will fix it in 6.0 as well.
You can still test the automation stitch via CLI with the following command: diagnose automation test [stitch name] [log]
You need to provide a sample log to be used for the test. For example:diag automation test Configuration_Change_Notification "date=2019-05-23 time=20:49:51 logid=\"0100032102\" type=\"event\" subtype=\"system\" level=\"alert\" vd=\"root\" eventtime=1558669791 logdesc=\"Configuration changed\" user=\"thuynh\" ui=\"https(10.100.55.254)\" msg=\"Configuration is changed in the admin session\""automation test is done. stitch:Configuration_Change_Notification
In addition, you can use the following command to review the automation history:diagnose test application autod 1. Enable/disable log dumping2. Show automation settings.3. Show automation statistics.diagnose test application autod 3stitch: Configuration_Change_Notification local hit: 1 relayed to: 1 relayed from: 1 last trigger:Thu May 23 20:49:52 2019 last relay:Thu May 23 20:49:52 2019 actions: Configuration_Change_Notification_email: done: 1 relayed to: 1 relayed from: 1 last trigger:Thu May 23 20:49:52 2019 last relay:Thu May 23 20:49:52 2019
>The dependencies for automation are not well defined. What are we missing? I have telemetry enabled on the LAN interface but there is NO upstream Fortigate. As mentioned above traditional mail alerts work fine. Do we need to disable those?
No, what you have should work. This feature is independent of the traditional email alert.
>Some additional documentation on this feature and what you need to have enabled to support it in addition to any conflicts (does having existing email alerts via the traditional settings cause an issue?) would be nice.
Yes, we will look into improving the documentation here. In general the automation feature should work as long as you can configure them and any special dependency would be reflected on the GUI.
We do have some cookbook available for 6.0 and 6.2 automation. Please take a look and let us know if you have any feedbacks.https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/545415/automation-stitches