Fortinet white logo
Fortinet white logo

FortiOS Log Message Reference

8968 - MESGID_SCAN_ARCHIVE_NESTED_WARNING

8968 - MESGID_SCAN_ARCHIVE_NESTED_WARNING

Message ID: 8968

Message Description: MESGID_SCAN_ARCHIVE_NESTED_WARNING

Message Meaning: File is a nested archived file

Type: AV

Category: SCANERROR

Severity: Warning

Log Field Name

Description

Data Type

Length

action

The security action performed by AV

string

16

agent

User agent - eg. agent="Mozilla/5.0"

string

64

analyticscksum

The checksum of the file submitted for analytics

string

64

analyticssubmit

The flag for analytics submission

string

10

checksum

The checksum of the scanned file

string

16

crlevel

Client Reputation Level

string

10

crscore

Client Reputation Score

uint32

10

date

Date

string

10

direction

Message/packets direction

string

8

dstintf

Destination Interface

string

32

dstintfrole

string

10

dstip

Destination IP Address

ip

39

dstport

Destination Port

uint16

5

dtype

Data type for virus category

string

32

eventtime

uint64

20

eventtype

Event type of AV

string

32

fctuid

string

32

filename

File name

string

256

from

Email address from the Email Headers (IMAP/POP3/SMTP)

string

128

group

Group name (authentication)

string

64

level

Log level

string

11

logid

Log ID

string

10

msg

Log message

string

policyid

Policy ID

uint32

10

profile

The name of the profile that was used to detect and take action

string

64

proto

Protocol number

uint8

3

quarskip

Quarantine skip explanation

string

46

recipient

Email addresses from the SMTP envelope

string

512

ref

The URL of the FortiGuard IPS database entry for the attack

string

512

sender

Email address from the SMTP envelope

string

128

service

Proxy service which scanned this traffic

string

5

sessionid

Session ID

uint32

10

srcintf

Source Interface

string

32

srcintfrole

string

10

srcip

Source IP Address

ip

39

srcport

Source Port

uint16

5

subtype

subtype of the virus log

string

20

time

Time

string

8

to

Email address(es) from the Email Headers (IMAP/POP3/SMTP)

string

512

type

Log type

string

16

unauthuser

string

66

unauthusersource

string

66

url

The url address

string

512

user

Username (authentication)

string

256

vd

VDOM name

string

32

virus

Virus Name

string

128

virusid

Virus ID (unique virus identifier)

uint32

10

vrf

uint8

3

8968 - MESGID_SCAN_ARCHIVE_NESTED_WARNING

8968 - MESGID_SCAN_ARCHIVE_NESTED_WARNING

Message ID: 8968

Message Description: MESGID_SCAN_ARCHIVE_NESTED_WARNING

Message Meaning: File is a nested archived file

Type: AV

Category: SCANERROR

Severity: Warning

Log Field Name

Description

Data Type

Length

action

The security action performed by AV

string

16

agent

User agent - eg. agent="Mozilla/5.0"

string

64

analyticscksum

The checksum of the file submitted for analytics

string

64

analyticssubmit

The flag for analytics submission

string

10

checksum

The checksum of the scanned file

string

16

crlevel

Client Reputation Level

string

10

crscore

Client Reputation Score

uint32

10

date

Date

string

10

direction

Message/packets direction

string

8

dstintf

Destination Interface

string

32

dstintfrole

string

10

dstip

Destination IP Address

ip

39

dstport

Destination Port

uint16

5

dtype

Data type for virus category

string

32

eventtime

uint64

20

eventtype

Event type of AV

string

32

fctuid

string

32

filename

File name

string

256

from

Email address from the Email Headers (IMAP/POP3/SMTP)

string

128

group

Group name (authentication)

string

64

level

Log level

string

11

logid

Log ID

string

10

msg

Log message

string

policyid

Policy ID

uint32

10

profile

The name of the profile that was used to detect and take action

string

64

proto

Protocol number

uint8

3

quarskip

Quarantine skip explanation

string

46

recipient

Email addresses from the SMTP envelope

string

512

ref

The URL of the FortiGuard IPS database entry for the attack

string

512

sender

Email address from the SMTP envelope

string

128

service

Proxy service which scanned this traffic

string

5

sessionid

Session ID

uint32

10

srcintf

Source Interface

string

32

srcintfrole

string

10

srcip

Source IP Address

ip

39

srcport

Source Port

uint16

5

subtype

subtype of the virus log

string

20

time

Time

string

8

to

Email address(es) from the Email Headers (IMAP/POP3/SMTP)

string

512

type

Log type

string

16

unauthuser

string

66

unauthusersource

string

66

url

The url address

string

512

user

Username (authentication)

string

256

vd

VDOM name

string

32

virus

Virus Name

string

128

virusid

Virus ID (unique virus identifier)

uint32

10

vrf

uint8

3