5.2.0

Syslog information

Syslog types

Each syslog message contains a Type (type) field that indicates its source.

| Type | Description |
|------|-------------|
| Security event | FortiEDR security events. |
| System event | System events regarding FortiEDR deployment health. |
| Audit trail | Audit records of the FortiEDR console audit log. |

Syslog message format

The FortiEDR syslog messages contain the following sections:

  • Facility Code: All messages have the value 16 (Custom App).
  • Severity: All messages have the value 5 (Notice).
  • MessageType: Enables you to differentiate between syslog message categories – Security event, System event, or Audit trail.
  • Message Text: Contains the name and value of all the selected fields.

    For example, Device name: Laptop123. Fields are separated by a semicolon (;).

  • Time: The time of the syslog event, in UTC.
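
A receiver-side parser for the format described above, as an added example that is not Fortinet's code. It assumes the collector hands over the line as a `<PRI>` prefix followed directly by the message text; apart from `Device name: Laptop123`, the field names and values in the sample are constructed.

```python
import re

EXPECTED_FACILITY = 16  # "Custom App" on this page; local0 in RFC 5424
EXPECTED_SEVERITY = 5   # Notice

PRI_RE = re.compile(r"^<(\d{1,3})>")


def decode_pri(line):
    """Split a leading <PRI> into (facility, severity, rest_of_line)."""
    m = PRI_RE.match(line)
    if not m:
        raise ValueError("no <PRI> prefix")
    pri = int(m.group(1))
    if pri > 191:  # highest valid value: facility 23, severity 7
        raise ValueError("PRI out of range")
    return pri >> 3, pri & 7, line[m.end():]


def parse_message_text(text):
    """Parse 'name: value;name: value' into a dict.

    Each field is split on its first colon only, so values that contain
    colons (Windows paths, timestamps) survive intact. A value that itself
    contains a semicolon cannot be told apart from a field separator.
    """
    fields = {}
    for part in text.split(";"):
        if not part.strip():
            continue  # tolerate a trailing separator
        name, sep, value = part.partition(":")
        if not sep:
            raise ValueError(f"field without a name: {part!r}")
        fields[name.strip()] = value.strip()
    return fields


def parse_fortiedr_line(line):
    """Return the parsed fields plus a flag for the documented PRI (16/5)."""
    facility, severity, text = decode_pri(line)
    # A mismatch means another sender shares the input or a relay rewrote PRI.
    expected = (facility, severity) == (EXPECTED_FACILITY, EXPECTED_SEVERITY)
    return {"expected_pri": expected, "fields": parse_message_text(text)}


# Constructed sample: PRI 133 = 16 * 8 + 5. Field names other than
# "Device name" are hypothetical.
SAMPLE = (r"<133>Device name: Laptop123;"
          r"Process path: C:\Windows\System32\cmd.exe;"
          r"First seen: 2024-01-01 10:15:00")
```

Lines where `expected_pri` is false are worth routing to a separate queue, since every FortiEDR message should arrive with facility 16 and severity 5.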
