FortiSOAR logs

FortiAnalyzer supports normalizing FortiSOAR logs as Fabric logs.

The following field mapping applies:

| FortiSOAR Log Field | Normalized Fabric Log Field |
| --- | --- |
| loguid, id | loguid |
| epid | epid |
| euid | euid |
| devid, device_id | data_sourceid |
| data_source_name | data_sourcename |
| data_sourcetype | data_sourcetype |
| data_timestamp, dtime | data_timestamp |
| FSR_NAME | app_name |
| service_name | app_service |
| FSR_VER | app_ver |
| event_id | event_id |
| event_message | event_message |
| event_profile | event_profile |
| event_severity | event_severity |
| event_subtype | event_subtype |
| event_type | event_type |
| host_classification | host_classification |
| host_name | host_name |
| src_ip | src_ip |
| user_id | user_id |
| user_name | user_name |
