Fortinet black logo

Fabric Normalization Reference

Home FortiAnalyzer 7.2.2 Fabric Normalization Reference
7.2.2
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0

Ubuntu logs

Ubuntu logs

FortiAnalyzer supports normalizing Ubuntu logs as Fabric logs.

The following field mapping applies:

Ubuntu Log Field

Normalized Fabric Log Field
data_sourcetype data_sourcetype
data_timestamp data_timestamp
app_name app_name
pid app_proc
service app_service
dst_info dst_intf
event_action event_action
message event_message
log_level event_severity
ext_eventsubtype event_subtype
ext_eventtype event_type
host_classification host_classification
host_hwvendor host_hwvendor
host_hwver host_hwver
host_ip host_ip
host_mac host_mac
hostname,host_name host_name
host_osname host_osname
host_osver host_osver
host_type host_type
host_uid host_uid
ip src_ip
srcmac src_mac
Previous
Next

Ubuntu logs

FortiAnalyzer supports normalizing Ubuntu logs as Fabric logs.

The following field mapping applies:

Ubuntu Log Field

Normalized Fabric Log Field
data_sourcetype data_sourcetype
data_timestamp data_timestamp
app_name app_name
pid app_proc
service app_service
dst_info dst_intf
event_action event_action
message event_message
log_level event_severity
ext_eventsubtype event_subtype
ext_eventtype event_type
host_classification host_classification
host_hwvendor host_hwvendor
host_hwver host_hwver
host_ip host_ip
host_mac host_mac
hostname,host_name host_name
host_osname host_osname
host_osver host_osver
host_type host_type
host_uid host_uid
ip src_ip
srcmac src_mac
Previous
Next