Fortinet black logo

FortiOS Log Message Reference

16401 - LOGID_ATTACK_BOTNET_NOTIF

16401 - LOGID_ATTACK_BOTNET_NOTIF

Message ID: 16401

Message Description: LOGID_ATTACK_BOTNET_NOTIF

Message Meaning: Botnet C&C Communication (notice)

Type: IPS

Category: BOTNET

Severity: Notice

Log Field Name

Description

Data Type

Length

action

string

16

attack

string

256

attackcontext

string

2040

attackcontextid

string

10

attackid

uint32

10

authserver

string

32

craction

uint32

10

crlevel

string

10

crscore

uint32

10

date

string

10

devid

string

16

direction

string

8

dstintf

string

64

dstintfrole

string

10

dstip

ip

39

dstport

uint16

5

eventtime

uint64

20

eventtype

string

32

fctuid

string

32

forwardedfor

string

128

group

string

64

level

string

11

logid

string

10

msg

string

518

policyid

uint32

10

profile

string

64

proto

uint8

3

rawdata

string

20480

rawdataid

string

10

ref

string

4096

service

string

80

sessionid

uint32

10

severity

string

8

srccountry

string

64

srcdomain

string

255

srcintf

string

64

srcintfrole

string

10

srcip

ip

39

srcport

uint16

5

subtype

string

20

time

string

8

trueclntip

ip

39

type

string

16

tz

string

5

unauthuser

string

66

unauthusersource

string

66

user

string

256

vd

string

32

vrf

uint8

3

16401 - LOGID_ATTACK_BOTNET_NOTIF

Message ID: 16401

Message Description: LOGID_ATTACK_BOTNET_NOTIF

Message Meaning: Botnet C&C Communication (notice)

Type: IPS

Category: BOTNET

Severity: Notice

Log Field Name

Description

Data Type

Length

action

string

16

attack

string

256

attackcontext

string

2040

attackcontextid

string

10

attackid

uint32

10

authserver

string

32

craction

uint32

10

crlevel

string

10

crscore

uint32

10

date

string

10

devid

string

16

direction

string

8

dstintf

string

64

dstintfrole

string

10

dstip

ip

39

dstport

uint16

5

eventtime

uint64

20

eventtype

string

32

fctuid

string

32

forwardedfor

string

128

group

string

64

level

string

11

logid

string

10

msg

string

518

policyid

uint32

10

profile

string

64

proto

uint8

3

rawdata

string

20480

rawdataid

string

10

ref

string

4096

service

string

80

sessionid

uint32

10

severity

string

8

srccountry

string

64

srcdomain

string

255

srcintf

string

64

srcintfrole

string

10

srcip

ip

39

srcport

uint16

5

subtype

string

20

time

string

8

trueclntip

ip

39

type

string

16

tz

string

5

unauthuser

string

66

unauthusersource

string

66

user

string

256

vd

string

32

vrf

uint8

3