Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.2.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Fabric Normalization Reference

    Home FortiAnalyzer 7.2.0 Fabric Normalization Reference
    7.2.0
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0

    FortiNAC logs

    FortiNAC logs

    FortiAnalyzer supports normalizing FortiNAC logs as Fabric logs.

    The following field mapping applies:

    FortiNAC Log Field

    Normalized Fabric Log Field
    devid,device_id data_sourceid
    data_source_name data_sourcename
    data_timestamp data_timestamp
    sn app_name
    agentplat app_service
    mailstate app_state
    agentver,fwver app_ver
    action event_action
    msg event_message
    severity event_severity
    subtype event_subtype
    type event_type
    lastactivitytime file_accessetime
    createtime file_createtime
    imagetype file_ext
    element,label,host_classification host_classification
    vendorname,vendoroid,host_hwvendor host_hwvendor
    hwtype,host_hwver host_hwver
    ip,host_ip host_ip
    location host_location
    mac,host_mac host_mac
    hostname,name,host_name host_name
    os,host_osname host_osname
    fwver,host_osver host_osver
    owner host_owner
    endpointtype,devtype,cat,host_type host_type
    endpointid,vendoroid host_uid
    portid src_port
    usertype user_classification
    adminprofile user_domain
    email user_email
    userid,user user_id
    user_geo user_location
    user_username user_name
    org user_org
    user_phone user_phone
    position user_role
    user_social user_social
    Previous
    Next

    FortiNAC logs

    FortiNAC logs

    FortiAnalyzer supports normalizing FortiNAC logs as Fabric logs.

    The following field mapping applies:

    FortiNAC Log Field

    Normalized Fabric Log Field
    devid,device_id data_sourceid
    data_source_name data_sourcename
    data_timestamp data_timestamp
    sn app_name
    agentplat app_service
    mailstate app_state
    agentver,fwver app_ver
    action event_action
    msg event_message
    severity event_severity
    subtype event_subtype
    type event_type
    lastactivitytime file_accessetime
    createtime file_createtime
    imagetype file_ext
    element,label,host_classification host_classification
    vendorname,vendoroid,host_hwvendor host_hwvendor
    hwtype,host_hwver host_hwver
    ip,host_ip host_ip
    location host_location
    mac,host_mac host_mac
    hostname,name,host_name host_name
    os,host_osname host_osname
    fwver,host_osver host_osver
    owner host_owner
    endpointtype,devtype,cat,host_type host_type
    endpointid,vendoroid host_uid
    portid src_port
    usertype user_classification
    adminprofile user_domain
    email user_email
    userid,user user_id
    user_geo user_location
    user_username user_name
    org user_org
    user_phone user_phone
    position user_role
    user_social user_social
    Previous
    Next