Fortinet black logo

FortiOS Log Message Reference

17 - LOG_ID_TRAFFIC_SNIFFER

Message ID: 17

Message Description: LOG_ID_TRAFFIC_SNIFFER

Message Meaning: Sniffer traffic

Type: Traffic

Category: SNIFFER

Severity: Notice

Log Field Name

Description

Data Type

Length

action

string

16

agent

string

64

ap

string

36

app

string

96

appact

string

16

appcat

string

64

appid

uint32

10

applist

string

64

apprisk

string

16

apsn

string

36

authserver

string

32

centralnatid

uint32

10

channel

uint32

10

comment

string

1024

countapp

uint32

10

countav

uint32

10

countcifs

uint32

10

countdlp

uint32

10

countdns

uint32

10

countemail

uint32

10

countff

uint32

10

countips

uint32

10

countssh

uint32

10

countssl

uint32

10

countwaf

uint32

10

countweb

uint32

10

craction

uint32

10

crlevel

string

10

crscore

uint32

10

date

string

10

devid

string

16

devtype

string

66

dstcountry

string

64

dstdevtype

string

66

dstfamily

string

66

dsthwvendor

string

66

dsthwversion

string

66

dstinetsvc

string

64

dstintf

string

32

dstintfrole

string

10

dstip

ip

39

dstmac

string

17

dstname

string

66

dstosname

string

66

dstport

uint16

5

dstserver

uint8

3

dstssid

string

33

dstswversion

string

66

dstunauthuser

string

66

dstunauthusersource

string

66

dstuuid

string

37

duration

uint32

10

eventtime

uint64

20

fctuid

string

32

group

string

64

identifier

uint16

5

lanin

uint64

20

lanout

uint64

20

level

string

11

logid

string

10

masterdstmac

string

17

mastersrcmac

string

17

msg

string

64

osname

string

66

policyid

uint32

10

policyname

string

36

policytype

string

24

poluuid

string

37

proto

uint8

3

radioband

string

64

rcvdbyte

uint64

20

rcvddelta

uint64

20

rcvdpkt

uint32

10

sentbyte

uint64

20

sentdelta

uint64

20

sentpkt

uint32

10

service

string

80

sessionid

uint32

10

shaperdroprcvdbyte

uint32

10

shaperdropsentbyte

uint32

10

shaperperipdropbyte

uint32

10

shaperperipname

string

36

shaperrcvdname

string

36

shapersentname

string

36

shapingpolicyid

uint32

10

srccountry

string

64

srcdomain

string

255

srcfamily

string

66

srchwvendor

string

66

srchwversion

string

66

srcinetsvc

string

64

srcintf

string

32

srcintfrole

string

10

srcip

ip

39

srcmac

string

17

srcname

string

66

srcport

uint16

5

srcserver

uint8

3

srcssid

string

33

srcswversion

string

66

srcuuid

string

37

sslaction

string

26

subtype

string

20

time

string

8

trandisp

string

16

tranip

ip

39

tranport

uint16

5

transip

ip

39

transport

uint16

5

type

string

16

tz

string

5

unauthuser

string

66

unauthusersource

string

66

url

string

512

user

string

256

utmaction

string

32

vd

string

32

vpn

string

32

vpntype

string

14

vrf

uint8

3

vwlid

uint32

10

vwlquality

string

320

vwlservice

string

64

vwpvlanid

uint32

10

wanin

uint64

20

wanoptapptype

string

9

wanout

uint64

20

Message ID: 17

Message Description: LOG_ID_TRAFFIC_SNIFFER

Message Meaning: Sniffer traffic

Type: Traffic

Category: SNIFFER

Severity: Notice

Log Field Name

Description

Data Type

Length

action

string

16

agent

string

64

ap

string

36

app

string

96

appact

string

16

appcat

string

64

appid

uint32

10

applist

string

64

apprisk

string

16

apsn

string

36

authserver

string

32

centralnatid

uint32

10

channel

uint32

10

comment

string

1024

countapp

uint32

10

countav

uint32

10

countcifs

uint32

10

countdlp

uint32

10

countdns

uint32

10

countemail

uint32

10

countff

uint32

10

countips

uint32

10

countssh

uint32

10

countssl

uint32

10

countwaf

uint32

10

countweb

uint32

10

craction

uint32

10

crlevel

string

10

crscore

uint32

10

date

string

10

devid

string

16

devtype

string

66

dstcountry

string

64

dstdevtype

string

66

dstfamily

string

66

dsthwvendor

string

66

dsthwversion

string

66

dstinetsvc

string

64

dstintf

string

32

dstintfrole

string

10

dstip

ip

39

dstmac

string

17

dstname

string

66

dstosname

string

66

dstport

uint16

5

dstserver

uint8

3

dstssid

string

33

dstswversion

string

66

dstunauthuser

string

66

dstunauthusersource

string

66

dstuuid

string

37

duration

uint32

10

eventtime

uint64

20

fctuid

string

32

group

string

64

identifier

uint16

5

lanin

uint64

20

lanout

uint64

20

level

string

11

logid

string

10

masterdstmac

string

17

mastersrcmac

string

17

msg

string

64

osname

string

66

policyid

uint32

10

policyname

string

36

policytype

string

24

poluuid

string

37

proto

uint8

3

radioband

string

64

rcvdbyte

uint64

20

rcvddelta

uint64

20

rcvdpkt

uint32

10

sentbyte

uint64

20

sentdelta

uint64

20

sentpkt

uint32

10

service

string

80

sessionid

uint32

10

shaperdroprcvdbyte

uint32

10

shaperdropsentbyte

uint32

10

shaperperipdropbyte

uint32

10

shaperperipname

string

36

shaperrcvdname

string

36

shapersentname

string

36

shapingpolicyid

uint32

10

srccountry

string

64

srcdomain

string

255

srcfamily

string

66

srchwvendor

string

66

srchwversion

string

66

srcinetsvc

string

64

srcintf

string

32

srcintfrole

string

10

srcip

ip

39

srcmac

string

17

srcname

string

66

srcport

uint16

5

srcserver

uint8

3

srcssid

string

33

srcswversion

string

66

srcuuid

string

37

sslaction

string

26

subtype

string

20

time

string

8

trandisp

string

16

tranip

ip

39

tranport

uint16

5

transip

ip

39

transport

uint16

5

type

string

16

tz

string

5

unauthuser

string

66

unauthusersource

string

66

url

string

512

user

string

256

utmaction

string

32

vd

string

32

vpn

string

32

vpntype

string

14

vrf

uint8

3

vwlid

uint32

10

vwlquality

string

320

vwlservice

string

64

vwpvlanid

uint32

10

wanin

uint64

20

wanoptapptype

string

9

wanout

uint64

20