5.2.0

Audit trail

The following table describes the fields in audit trails. The fields are listed in the order in which they appear in audit trail syslog messages.

| Syslog Field | Description | Data Type | Length |
|---|---|---|---|
| Organization | Name of the organization the system event belongs to. | String | 100 |
| Date | Time of the occurrence of the audited action in UTC format: DD-MM-YYYY, hh:mm:ss. FortiEDR uses the Central Manager’s time when tracking audit trails. | Timestamp | 18 |
| Sub-system | Name of the FortiEDR module where the audited action was performed. For example: Administration, System, System Events. | String | 25 |
| User Name | Name of the user performing the audited action. | String | 250 |
| Description | Details of the audited action. | String | 1500 |
