Log types and subtypes
Each log type has its own SQL table, which can be specified when creating datasets.
Log types also include log subtypes, which are categories of log messages within the main log type.
For more information on log types and subtypes, see the FortiAnalyzer and FortiGate Log Message Reference guides on the Fortinet Document Library.
Log types available in FortiAnalyzer datasets
Source | Log type |
---|---|
FortiGate | Application, Intrusion Prevention, Content, Data Leak Prevention, DNS, Email Filter, Event, FortiClient System Event, FortiClient Security Event, FortiClient Traffic, File Filter, GTP, Vulnerability Scan, Protocol, SSH, SSL, Traffic, Antivirus, VoIP, Web Application Firewall, Web Filter, Local Event |
FortiMail | Email Filter, Event, History, Antivirus |
FortiAnalyzer | Application, Event, Local Event |
FortiWeb | Attack, Event, Traffic |
FortiCache | Application, Intrusion Prevention, Content, Data Leak Prevention, Email Filter, Event, Vulnerability Scan, Traffic, Antivirus, VoIP, Web Filter |
FortiClient | FortiClient System Event, FortiClient Security Event, FortiClient Traffic |
Syslog | Syslog |
FortiManager | Application, Event |
FortiSandbox | Event, Vulnerability Scan, Antivirus |
FortiDDoS | Intrusion Prevention, Event |
FortiAuthenticator | Event |
FortiProxy | Application, Intrusion Prevention, Data Leak Prevention, DNS, Email Filter, Event, SSH, Traffic, Antivirus, VoIP, Web Filter |
FortiNAC | Asset, Event |
FortiFirewall | DNS, Event, File Filter, GTP, SSH, SSL, Traffic |
FortiSOAR | Event |
FortiADC | Intrusion Prevention, Event, Traffic |
FortiDeceptor | Event |
FortiNDR | Attack, Event |
Fabric | Normalized |