Fabric log field descriptions

| Normalized Fabric Log Field | Description |
| --- | --- |
| app_cat | Application Category |
| app_id | Application ID |
| app_proc | Application Process |
| app_ref | Application Reference |
| app_service | Application Service |
| app_state | Application State |
| app_ver | Application Version |
| app_name | Application Name |
| data_parsername | Data Parser Name |
| data_sourceid | Data Source ID |
| data_sourcename | Data Source Name |
| data_sourcetype | Data Source Type |
| data_sourceversion | Data Source Version |
| data_timestamp | Data Timestamp |
| dns_query | DNS Query |
| dns_querytype | DNS Query Type |
| dns_req | DNS Request |
| dns_resp | DNS Response |
| dns_response | DNS Response |
| dst_domain | Destination Domain |
| dst_geo | Destination Geo |
| dst_intf | Destination Interface |
| dst_mac | Destination MAC |
| dst_natip | Destination Nat IP |
| dst_natport | Destination Nat Port |
| event_action | Event Action |
| event_outcome | Event Outcome |
| event_policy | Event Policy |
| event_profile | Event Profile |
| event_ref | Event Ref |
| event_severity | Event Severity |
| event_subtype | Event Sub Type |
| event_type | Event Type |
| event_message | Event Message |
| file_accessetime | File Accessed Time |
| file_createtime | File Created Time |
| file_ext | File Extension |
| file_hash | File Hash |
| file_hashtype | File Hash Type |
| file_name | File Name |
| file_path | File Path |
| file_size | File Size |
| host_classification | Host Classification |
| host_hwvendor | Host Hardware Vendor |
| host_hwver | Host Hardware Version |
| host_ip | Host IP |
| host_location | Host Location |
| host_mac | Host MAC |
| host_name | Host Name |
| host_osfamily | Host OS Family |
| host_osname | Host OS Name |
| host_osver | Host OS Version |
| host_owner | Host Owner |
| host_type | Host Type |
| host_uid | Host UID |
| http_cookie | HTTP Cookie |
| http_referer | HTTP Referrer |
| http_useragent | HTTP User Agent |
| loguid | Data UID |
| mail_from | Mail From |
| mail_size | Mail Size |
| mail_subject | Mail Subject |
| mail_to | Mail To |
| net_direction | Net Direction |
| net_name | Net Name |
| net_payloadid | Net Payload ID |
| net_proto | Net Protocol |
| net_rcvdpkts | Net Received Packets |
| net_recvbytes | Net Received Bytes |
| net_sentbytes | Net Sent Bytes |
| net_sentpkts | Net Sent Packets |
| net_sessionduration | Net Session Duration |
| net_sessionid | Net Session ID |
| net_ssid | Net SSID |
| objectid | Object ID |
| objectname | Object Name |
| obj_name | Object Name |
| obj_value | Object Value |
| procid | Process ID |
| procname | Process Name |
| procowner | Process Owner |
| servicename | Service Name |
| src_domain | Source Domain |
| src_geo | Source Geo |
| src_intf | Source Interface |
| src_mac | Source MAC |
| src_natip | Source Nat IP |
| src_natport | Source Nat Port |
| src_ip | Source IP |
| threat_action | Threat Action |
| threat_direction | Threat Direction |
| threat_hash | Threat Hash |
| threat_id | Threat ID |
| threat_name | Threat Name |
| threat_pattern | Threat Pattern |
| threat_ref | Threat Ref |
| threat_score | Threat score |
| threat_severity | Threat Severity |
| threat_type | Threat Type |
| user_authtype | User Authentication Type |
| user_classification | User Classification |
| user_domain | User Domain |
| user_email | User Email |
| user_group | User Group |
| user_id | User ID |
| user_location | User Location |
| user_org | User Organization |
| user_phone | User Phone |
| user_role | User Role |
| user_social | User Social |
