List of log types and subtypes
FortiGate devices can record the following types and subtypes of log entry information:
Type |
Description |
Subtype |
---|---|---|
traffic |
Records traffic flow information, such as an HTTP/HTTPS request and its response, if any. |
|
event |
Records system and administrative events, such as downloading a backup copy of the configuration, or daemon activities. |
|
UTM |
Records UTM events. |
See list of UTM log subtypes below |
UTM log subtypes
UTM Log Subtypes |
Description |
Event Type |
---|---|---|
virus |
Records virus attacks. |
|
webfilter |
Records web filter events. |
|
ips |
Records intrusion prevention events. |
|
emailfilter |
Records email filter events. |
|
anomaly |
Records intrusion attempts. |
|
voip |
Records voice over IP events. |
|
dlp |
Records data loss prevention events. |
|
app-ctrl |
Records intrusion attempts. Application control log is output when a signature matches an application pattern. |
|
waf |
Records web application firewall information for FortiWeb appliances and virtual appliances. |
|
gtp |
Records GTP events. |
|
dns |
Records domain name server events. |
|
ssh |
Records Secure Socket Shell events. |
|
ssl |
Records detected/blocked malicious SSL connections. |
|
cifs |
Records CIFS file filter events. |
|
file-filter |
Records file filter events. |
|
icap |
Records ICAP events. |
|