What's new
This section identifies major changes in the Log Reference from version 6.4.0 and later.
FortiOS 6.4.0
For more information about new features, please see the 6.4.0 New Features Guide.
Log type and subtype changes
- Internet Content Adaptation Protocol (ICAP) is added as a new log type with a log category ID of 20.
- SD-WAN is added as a new Event log subtype.
Log field values
The following log field values are changed.
Event logs:
| Field | Change |
|---|---|
| auditreporttype | Field Added |
| bibandwidth | Field Added |
| checksum | Field Removed |
| created | Field Added |
| eventtype | Field Added |
| hbdn_reason | Field Removed |
| healthcheck | Field Added |
| inbandwidth | Field Added |
| infected | Field Removed |
| jitter | Field Added |
| latency | Field Added |
| member | Field Added |
| msgproto | Field Removed |
| neighbor | Field Added |
| newvalue | Field Added |
| nf_type | Field Removed |
| numpassmember | Field Added |
| oldvalue | Field Added |
| outbandwidth | Field Added |
| packetloss | Field Added |
| profile_vd | Field Removed |
| profilegroup | Field Removed |
| profiletype | Field Removed |
| scanned | Field Removed |
| serviceid | Field Added |
| sess_duration | Field Removed |
| slamap | Field Added |
| slatargetid | Field Added |
| stitchaction | Field Added |
| suspicious | Field Removed |
| to | Field Removed |
| virus | Field Removed |
| waninfo | Field Added |
ICAP logs:
|
Field |
Change |
|---|---|
|
action |
Field Added |
|
date |
Field Added |
|
devid |
Field Added |
|
dstintf |
Field Added |
|
dstintfrole |
Field Added |
|
dstip |
Field Added |
|
dstport |
Field Added |
|
eventtime |
Field Added |
|
eventtype |
Field Added |
|
level |
Field Added |
|
logid |
Field Added |
|
msg |
Field Added |
|
policyid |
Field Added |
|
profile |
Field Added |
|
proto |
Field Added |
|
service |
Field Added |
|
sessionid |
Field Added |
|
srcintf |
Field Added |
|
srcintfrole |
Field Added |
|
srcip |
Field Added |
|
srcport |
Field Added |
|
subtype |
Field Added |
|
time |
Field Added |
|
type |
Field Added |
|
tz |
Field Added |
|
url |
Field Added |
|
vd |
Field Added |
SSL logs:
|
Field |
Change |
|---|---|
|
certdesc |
Field Added |
|
eventsubtype |
Field Added |
|
reason |
Field Removed |
|
vrf |
Field Added |
Traffic logs:
|
Field |
Change |
|---|---|
|
counticap |
Field Added |
|
dstcity |
Field Added |
|
dstregion |
Field Added |
|
srccity |
Field Added |
|
srcregion |
Field Added |
Web logs:
|
Field |
Change |
|---|---|
|
antiphishdc |
Field Added |
|
antiphishrule |
Field Added |
Log ID changes
The following log IDs are changed.
AV logs:
|
Log ID |
Message |
Change |
|---|---|---|
|
8457 |
MESGID_MMS_CHECKSUM |
Log ID Removed |
|
8458 |
MESGID_MMS_CHECKSUM_NOTIF |
Log ID Removed |
CIFS logs:
|
Log ID |
Message |
Change |
|---|---|---|
|
63002 |
LOG_ID_CIFS_CONN_FAIL |
Log ID Added |
|
63003 |
LOG_ID_CIFS_AUTH_FAIL |
Log ID Added |
|
63004 |
LOG_ID_CIFS_AUTH_INTERNAL_ERROR |
Log ID Added |
|
63005 |
LOG_ID_CIFS_AUTH_KRB_ERROR |
Log ID Added |
Email logs:
|
LogID |
Message |
Change |
|---|---|---|
|
20485 |
LOGID_ANTISPAM_ENDPOINT_FILTER_WARNING |
Log ID Removed |
|
20486 |
LOGID_ANTISPAM_ENDPOINT_FILTER_NOTIF |
Log ID Removed |
|
20487 |
LOGID_ANTISPAM_ENDPOINT_MM7_WARNING |
Log ID Removed |
|
20488 |
LOGID_ANTISPAM_ENDPOINT_MM7_NOTIF |
Log ID Removed |
|
20489 |
LOGID_ANTISPAM_ENDPOINT_MM1_WARNING |
Log ID Removed |
|
20490 |
LOGID_ANTISPAM_ENDPOINT_MM1_NOTIF |
Log ID Removed |
|
20492 |
LOGID_ANTISPAM_MM1_FLOOD_WARNING |
Log ID Removed |
|
20493 |
LOGID_ANTISPAM_MM1_FLOOD_NOTIF |
Log ID Removed |
|
20494 |
LOGID_ANTISPAM_MM4_FLOOD_WARNING |
Log ID Removed |
|
20495 |
LOGID_ANTISPAM_MM4_FLOOD_NOTIF |
Log ID Removed |
|
20496 |
LOGID_ANTISPAM_MM1_DUPE_WARNING |
Log ID Removed |
|
20497 |
LOGID_ANTISPAM_MM1_DUPE_NOTIF |
Log ID Removed |
|
20498 |
LOGID_ANTISPAM_MM4_DUPE_WARNING |
Log ID Removed |
|
20499 |
LOGID_ANTISPAM_MM4_DUPE_NOTIF |
Log ID Removed |
Event logs:
|
LogID |
Message |
Change |
|---|---|---|
|
20079 |
LOG_ID_RAD_READY |
Log ID Removed |
|
22033 |
LOG_ID_FAIL_CSF_LOG_SYNC_NO_VALID_FSA |
Log ID Removed |
|
22050 |
LOG_ID_IPAMD_ADDRESS_ALLOCATED |
Log ID Added |
|
22051 |
LOG_ID_IPAMD_ADDRESS_SET_FAILED |
Log ID Added |
|
22052 |
LOG_ID_IPAMD_ADDRESS_INVALIDATED |
Log ID Added |
|
22053 |
LOG_ID_IPAMD_VALIDATION_COMPLETE |
Log ID Added |
|
22220 |
LOG_ID_EXT_RESOURCE |
Log ID Added |
|
22221 |
LOG_ID_EXT_RESOURCE_FAIL |
Log ID Added |
|
22222 |
LOG_ID_EXT_RESOURCE_LOAD |
Log ID Added |
|
22223 |
LOG_ID_EXT_RESOURCE_DEBUG |
Log ID Added |
|
22897 |
LOG_ID_FLCFGD_NAC_ADD |
Log ID Added |
|
22898 |
LOG_ID_FLCFGD_NAC_DELETE |
Log ID Added |
|
22899 |
LOG_ID_FLCFGD_NAC_MODIFY |
Log ID Added |
|
22919 |
LOG_ID_SVR_LOG_STATUS_CHANGED |
Log ID Added |
|
37910 |
MESGID_HB_PACKET_LOST |
Log ID Added |
|
38400 |
LOGID_EVENT_NOTIF_SEND_SUCC |
Log ID Removed |
|
38401 |
LOGID_EVENT_NOTIF_SEND_FAIL |
Log ID Removed |
|
38402 |
LOGID_EVENT_NOTIF_DNS_FAIL |
Log ID Removed |
|
43264 |
LOGID_MMS_STATS |
Log ID Removed |
|
43688 |
LOG_ID_EVENT_WIRELESS_APCFG_RECEIVE |
Log ID Added |
|
43689 |
LOG_ID_EVENT_WIRELESS_APCFG_VALIDATING |
Log ID Added |
|
43690 |
LOG_ID_EVENT_WIRELESS_APCFG_APPLY |
Log ID Added |
|
43691 |
LOG_ID_EVENT_WIRELESS_APCFG_REJECT |
Log ID Added |
|
45109 |
LOG_ID_EC_FTCL_LOGOFF |
Log ID Removed |
|
45119 |
LOG_ID_EC_FTCL_DISCONN |
Log ID Removed |
|
45120 |
LOG_ID_EC_INVALID_EMS_TAG_REFERENCED |
Log ID Added |
|
48300 |
LOG_ID_WRG_SVR_FGT_CONF |
Log ID Removed |
ICAP logs:
|
Log ID |
Message |
Change |
|---|---|---|
|
60000 |
LOG_ID_ICAP_SERVER_ERROR |
Log ID Added |
SSL logs:
|
Log ID |
Message |
Change |
|---|---|---|
|
62000 |
LOG_ID_SSL_CERT_BLACKLISTED |
Log ID Removed |
|
62001 |
LOG_ID_SSL_CERT_PASS |
Log ID Removed |
|
62002 |
LOG_ID_SSL_CERT_BLOCK |
Log ID Removed |
|
62003 |
LOG_ID_SSL_EXEMPT |
Log ID Removed |
|
62004 |
LOG_ID_SSL_EXEMPT_ADDR |
Log ID Added |
|
62005 |
LOG_ID_SSL_EXEMPT_CATEGORY |
Log ID Added |
|
62006 |
LOG_ID_SSL_EXEMPT_WHITELIST |
Log ID Added |
|
62050 |
LOG_ID_SSL_HS_CERT_REQ_EXEMPT |
Log ID Removed |
|
62051 |
LOG_ID_SSL_HS_CERT_REQ_BLOCK |
Log ID Removed |
|
62052 |
LOG_ID_SSL_HS_UNSUPPROTED_EXEMPT |
Log ID Removed |
|
62053 |
LOG_ID_SSL_HS_UNSUPPORTED_BLOCK |
Log ID Removed |
|
62100 |
LOG_ID_SSL_NEGOTIATION_INSPECT |
Log ID Added |
|
62101 |
LOG_ID_SSL_NEGOTIATION_BLOCK |
Log ID Added |
|
62102 |
LOG_ID_SSL_NEGOTIATION_BYPASS |
Log ID Added |
|
62200 |
LOG_ID_SSL_EXEMPT_ADDR |
Log ID Removed |
|
62202 |
LOG_ID_SSL_EXEMPT_FTGD_CAT |
Log ID Removed |
|
62300 |
LOG_ID_SSL_ANOMALY_CERT_BLACKLISTED |
Log ID Added |
|
62301 |
LOG_ID_SSL_ANOMALY_CERT_RESIGN_TRUSTED |
Log ID Added |
|
62302 |
LOG_ID_SSL_ANOMALY_CERT_RESIGN_UNTRUSTED |
Log ID Added |
|
62303 |
LOG_ID_SSL_ANOMALY_CERT_BLOCKED |
Log ID Added |
|
62304 |
LOG_ID_SSL_ANOMALY_CERT_SNI_MISMATCHED |
Log ID Added |
Web logs:
|
Log ID |
Message |
Change |
|---|---|---|
|
12289 |
LOG_ID_WEB_CONTENT_MMS_BANWORD |
Log ID Removed |
|
12291 |
LOG_ID_WEB_CONTENT_MMS_EXEMPTWORD |
Log ID Removed |
|
12305 |
LOG_ID_WEB_CONTENT_MMS_BANWORD_NOTIF |
Log ID Removed |
|
13648 |
LOG_ID_WEB_WF_ANTIPHISH_MATCH_URL_ALLOW |
Log ID Added |
|
13649 |
LOG_ID_WEB_WF_ANTIPHISH_MATCH_FTGD_ALLOW |
Log ID Added |
|
13650 |
LOG_ID_WEB_WF_ANTIPHISH_MATCH_DEFAULT_ALLOW |
Log ID Added |
|
13651 |
LOG_ID_WEB_WF_ANTIPHISH_MATCH_URL_BLOCK |
Log ID Added |
|
13652 |
LOG_ID_WEB_WF_ANTIPHISH_MATCH_FTGD_BLOCK |
Log ID Added |
|
13653 |
LOG_ID_WEB_WF_ANTIPHISH_MATCH_DEFAULT_BLOCK |
Log ID Added |