Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiOS Log Message Reference

    Home FortiGate / FortiOS 6.2.13 FortiOS Log Message Reference
    6.2.13
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.18
    6.0.17
    6.0.16
    6.0.15
    6.0.14
    6.0.13
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.14
    5.6.13
    5.6.12
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.4.13
    5.4.12
    5.4.11
    5.4.9
    5.4.8
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.15
    5.2.14
    5.2.13
    5.2.12
    5.2.11
    5.2.10
    5.2.8
    5.2.7
    5.2.6
    5.2.5
    5.2.4
    5.2.3
    5.2.2
    5.2.1

    16399 - LOGID_ATTACK_MALICIOUS_URL

    16399 - LOGID_ATTACK_MALICIOUS_URL

    Message ID: 16399

    Message Description: LOGID_ATTACK_MALICIOUS_URL

    Message Meaning: Attack detected by a malicious URL

    Type: IPS

    Category: MALICIOUS-URL

    Severity: Alert

    Log Field Name

    Description

    Data Type

    Length

    action

    string

    16

    attack

    string

    256

    attackcontext

    string

    2040

    attackcontextid

    string

    10

    authserver

    string

    32

    craction

    uint32

    10

    crlevel

    string

    10

    crscore

    uint32

    10

    date

    string

    10

    devid

    string

    16

    direction

    string

    8

    dstintf

    string

    64

    dstintfrole

    string

    10

    dstip

    ip

    39

    dstport

    uint16

    5

    eventtime

    uint64

    20

    eventtype

    string

    32

    fctuid

    string

    32

    forwardedfor

    string

    128

    hostname

    string

    256

    level

    string

    11

    logid

    string

    10

    msg

    string

    518

    policyid

    uint32

    10

    profile

    string

    64

    proto

    uint8

    3

    rawdata

    string

    20480

    rawdataid

    string

    10

    service

    string

    80

    sessionid

    uint32

    10

    severity

    string

    8

    srccountry

    string

    64

    srcdomain

    string

    255

    srcintf

    string

    64

    srcintfrole

    string

    10

    srcip

    ip

    39

    srcport

    uint16

    5

    subtype

    string

    20

    time

    string

    8

    trueclntip

    ip

    39

    type

    string

    16

    tz

    string

    5

    unauthuser

    string

    66

    unauthusersource

    string

    66

    url

    string

    512

    user

    string

    256

    vd

    string

    32

    vrf

    uint8

    3
    Previous
    Next

    16399 - LOGID_ATTACK_MALICIOUS_URL

    16399 - LOGID_ATTACK_MALICIOUS_URL

    Message ID: 16399

    Message Description: LOGID_ATTACK_MALICIOUS_URL

    Message Meaning: Attack detected by a malicious URL

    Type: IPS

    Category: MALICIOUS-URL

    Severity: Alert

    Log Field Name

    Description

    Data Type

    Length

    action

    string

    16

    attack

    string

    256

    attackcontext

    string

    2040

    attackcontextid

    string

    10

    authserver

    string

    32

    craction

    uint32

    10

    crlevel

    string

    10

    crscore

    uint32

    10

    date

    string

    10

    devid

    string

    16

    direction

    string

    8

    dstintf

    string

    64

    dstintfrole

    string

    10

    dstip

    ip

    39

    dstport

    uint16

    5

    eventtime

    uint64

    20

    eventtype

    string

    32

    fctuid

    string

    32

    forwardedfor

    string

    128

    hostname

    string

    256

    level

    string

    11

    logid

    string

    10

    msg

    string

    518

    policyid

    uint32

    10

    profile

    string

    64

    proto

    uint8

    3

    rawdata

    string

    20480

    rawdataid

    string

    10

    service

    string

    80

    sessionid

    uint32

    10

    severity

    string

    8

    srccountry

    string

    64

    srcdomain

    string

    255

    srcintf

    string

    64

    srcintfrole

    string

    10

    srcip

    ip

    39

    srcport

    uint16

    5

    subtype

    string

    20

    time

    string

    8

    trueclntip

    ip

    39

    type

    string

    16

    tz

    string

    5

    unauthuser

    string

    66

    unauthusersource

    string

    66

    url

    string

    512

    user

    string

    256

    vd

    string

    32

    vrf

    uint8

    3
    Previous
    Next