Fortinet black logo

Fabric Normalization Reference

Home FortiAnalyzer 7.2.2 Fabric Normalization Reference
7.2.2
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0

FortiIsolator logs

FortiIsolator logs

FortiAnalyzer supports normalizing FortiIsolator logs as Fabric logs.

The following field mapping applies:

FortiIsolator Log Field

Normalized Fabric Log Field
id, loguid loguid

epid

epid

euid

euid

devid

data_sourceid

data_sourcename

data_sourcename

data_sourcetype

dat_sourcetype

eventtime

data_timestamp

browsertype

app_name

pid

app_proc

browserver

app_ver

avaction, wfaction

event_action

msg

event_message

avresult

event_outcome

avblockreason

event_policy

avengine, wfprofile, icapprofile, iprofile, clicmd

event_profile

event_severity

event_severity

subtype

event_subtype

type

event_type

filepath

file_path

filesize

file_size

protocol

http_method

dsturl

http_url

sessionid

net_sessionid

clientip

src_ip

usertype

user_classification

user

user_id
Previous
Next

FortiIsolator logs

FortiAnalyzer supports normalizing FortiIsolator logs as Fabric logs.

The following field mapping applies:

FortiIsolator Log Field

Normalized Fabric Log Field
id, loguid loguid

epid

epid

euid

euid

devid

data_sourceid

data_sourcename

data_sourcename

data_sourcetype

dat_sourcetype

eventtime

data_timestamp

browsertype

app_name

pid

app_proc

browserver

app_ver

avaction, wfaction

event_action

msg

event_message

avresult

event_outcome

avblockreason

event_policy

avengine, wfprofile, icapprofile, iprofile, clicmd

event_profile

event_severity

event_severity

subtype

event_subtype

type

event_type

filepath

file_path

filesize

file_size

protocol

http_method

dsturl

http_url

sessionid

net_sessionid

clientip

src_ip

usertype

user_classification

user

user_id
Previous
Next