Fortinet Document Library

Version:


Table of Contents

Technical Tip: Event time display in the logs

6.2.0
Copy Link
Technical Tip: Event time display in the logs
Products
FortiGate v6.2
 
Description
This article describes event time log stamp display in the event logs.
Solution
In 6.0.x ver and below versions event time view was in seconds.
In 6.2.x versions the display has been changed to Nano seconds.


Refer to the below forward traffic logs(CLI and GUI):

In the CLI, the eventtime field shows the nanosecond epoch timestamp.
See the sample logs below.
          1: date=2019-05-06 time=18:10:42 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1557191442762142681 srcip=10.1.100.11 identifier=19586 srcintf="port1" srcintfrole="lan" dstip=172.16.200.44 dstintf="to_Server" dstintfrole="undefined" poluuid="3eee2894-6ba6-51e9-701a-3e36040a7691" sessionid=18577 proto=1 action="accept" policyid=5 policytype="policy" service="PING" dstcountry="Reserved" srccountry="Reserved" trandisp="noop" duration=132 sentbyte=6132 rcvdbyte=6132 sentpkt=73 rcvdpkt=73 vpn="to_Server" vpntype="ipsec-static" appcat="unscanned" devtype="Linux PC" devcategory="None" osname="Linux" osversion="Debian" mastersrcmac="00:0c:29:8d:4b:85" srcmac="00:0c:29:8d:4b:85" srcserver=0
          2: date=2019-05-06 time=17:59:54 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1557190793962136380 srcip=10.1.100.11 identifier=19504 srcintf="port1" srcintfrole="lan" dstip=172.16.200.55 dstintf="port2" dstintfrole="lan" poluuid="4756c21c-66d2-51e9-1813-5ac7998004b1" sessionid=17902 proto=1 action="accept" policyid=3 policytype="policy" service="PING" dstcountry="Reserved" srccountry="Reserved" trandisp="snat" transip=172.16.200.5 transport=0 duration=62 sentbyte=168 rcvdbyte=168 sentpkt=2 rcvdpkt=2 appcat="unscanned" devtype="Linux PC" devcategory="None" osname="Linux" osversion="Debian" mastersrcmac="00:0c:29:8d:4b:85" srcmac="00:0c:29:8d:4b:85" srcserver=0
 
 
Technical Tip: Event time display in the logs
Products
FortiGate v6.2
 
Description
This article describes event time log stamp display in the event logs.
Solution
In 6.0.x ver and below versions event time view was in seconds.
In 6.2.x versions the display has been changed to Nano seconds.


Refer to the below forward traffic logs(CLI and GUI):

In the CLI, the eventtime field shows the nanosecond epoch timestamp.
See the sample logs below.
          1: date=2019-05-06 time=18:10:42 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1557191442762142681 srcip=10.1.100.11 identifier=19586 srcintf="port1" srcintfrole="lan" dstip=172.16.200.44 dstintf="to_Server" dstintfrole="undefined" poluuid="3eee2894-6ba6-51e9-701a-3e36040a7691" sessionid=18577 proto=1 action="accept" policyid=5 policytype="policy" service="PING" dstcountry="Reserved" srccountry="Reserved" trandisp="noop" duration=132 sentbyte=6132 rcvdbyte=6132 sentpkt=73 rcvdpkt=73 vpn="to_Server" vpntype="ipsec-static" appcat="unscanned" devtype="Linux PC" devcategory="None" osname="Linux" osversion="Debian" mastersrcmac="00:0c:29:8d:4b:85" srcmac="00:0c:29:8d:4b:85" srcserver=0
          2: date=2019-05-06 time=17:59:54 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1557190793962136380 srcip=10.1.100.11 identifier=19504 srcintf="port1" srcintfrole="lan" dstip=172.16.200.55 dstintf="port2" dstintfrole="lan" poluuid="4756c21c-66d2-51e9-1813-5ac7998004b1" sessionid=17902 proto=1 action="accept" policyid=3 policytype="policy" service="PING" dstcountry="Reserved" srccountry="Reserved" trandisp="snat" transip=172.16.200.5 transport=0 duration=62 sentbyte=168 rcvdbyte=168 sentpkt=2 rcvdpkt=2 appcat="unscanned" devtype="Linux PC" devcategory="None" osname="Linux" osversion="Debian" mastersrcmac="00:0c:29:8d:4b:85" srcmac="00:0c:29:8d:4b:85" srcserver=0