Fortinet black logo

FortiOS Log Message Reference

16385 - LOGID_ATTCK_SIGNATURE_ICMP

Message ID: 16385

Message Description: LOGID_ATTCK_SIGNATURE_ICMP

Message Meaning: Attack detected by ICMP signature

Type: IPS

Category: SIGNATURE

Severity: Alert

Log Field Name

Description

Data Type

Length

action

Security action performed by IPS

string

16

attack

Attack Name

string

256

attackcontext

the trigger patterns and the packetdata with base64 encoding

string

2040

attackcontextid

attack context id / total

string

10

attackid

Attack ID

uint32

10

authserver

string

32

craction

uint32

10

crlevel

Client Reputation Level

string

10

crscore

Client Reputation Score

uint32

10

date

Date

string

10

devid

string

16

direction

string

8

dstintf

Destination Interface

string

64

dstintfrole

string

10

dstip

Destination IP

ip

39

eventtime

uint64

20

eventtype

IPS Event Type

string

32

fctuid

string

32

forwardedfor

string

128

group

User group name

string

64

icmpcode

Destination Port of the ICMP message

string

6

icmpid

Source port of the ICMP message

string

8

icmptype

The type of ICMP message

string

6

incidentserialno

Incident serial number

uint32

10

level

Log Level

string

11

logid

Log ID

string

10

msg

Log message for the attack

string

518

policyid

Policy ID

uint32

10

profile

Profile name for IPS

string

64

proto

Protocol number

uint8

3

rawdata

string

20480

rawdataid

string

10

ref

URL of the FortiGuard IPS database entry for the attack.

string

4096

service

Service name

string

80

sessionid

Session ID

uint32

10

severity

Severity of the attack

string

8

srccountry

string

64

srcdomain

string

255

srcintf

Source Interface

string

64

srcintfrole

string

10

srcip

Source IP

ip

39

subtype

Log Subtype

string

20

time

Time

string

8

trueclntip

ip

39

type

Log type

string

16

tz

string

5

unauthuser

string

66

unauthusersource

string

66

user

User name

string

256

vd

Virtual domain name

string

32

vrf

uint8

3

Message ID: 16385

Message Description: LOGID_ATTCK_SIGNATURE_ICMP

Message Meaning: Attack detected by ICMP signature

Type: IPS

Category: SIGNATURE

Severity: Alert

Log Field Name

Description

Data Type

Length

action

Security action performed by IPS

string

16

attack

Attack Name

string

256

attackcontext

the trigger patterns and the packetdata with base64 encoding

string

2040

attackcontextid

attack context id / total

string

10

attackid

Attack ID

uint32

10

authserver

string

32

craction

uint32

10

crlevel

Client Reputation Level

string

10

crscore

Client Reputation Score

uint32

10

date

Date

string

10

devid

string

16

direction

string

8

dstintf

Destination Interface

string

64

dstintfrole

string

10

dstip

Destination IP

ip

39

eventtime

uint64

20

eventtype

IPS Event Type

string

32

fctuid

string

32

forwardedfor

string

128

group

User group name

string

64

icmpcode

Destination Port of the ICMP message

string

6

icmpid

Source port of the ICMP message

string

8

icmptype

The type of ICMP message

string

6

incidentserialno

Incident serial number

uint32

10

level

Log Level

string

11

logid

Log ID

string

10

msg

Log message for the attack

string

518

policyid

Policy ID

uint32

10

profile

Profile name for IPS

string

64

proto

Protocol number

uint8

3

rawdata

string

20480

rawdataid

string

10

ref

URL of the FortiGuard IPS database entry for the attack.

string

4096

service

Service name

string

80

sessionid

Session ID

uint32

10

severity

Severity of the attack

string

8

srccountry

string

64

srcdomain

string

255

srcintf

Source Interface

string

64

srcintfrole

string

10

srcip

Source IP

ip

39

subtype

Log Subtype

string

20

time

Time

string

8

trueclntip

ip

39

type

Log type

string

16

tz

string

5

unauthuser

string

66

unauthusersource

string

66

user

User name

string

256

vd

Virtual domain name

string

32

vrf

uint8

3