Source and destination UUID logging

The log-uuid setting in system global is split into two settings: log-uuid-address and log-uuid policy.

The traffic log includes two internet-service name fields: Source Internet Service (srcinetsvc) and Destination Internet Service (dstinetsvc).


UUIDs can be matched for each source and destination that match a policy that is added to the traffic log. This allows the address objects to be referenced in log analysis and reporting.

As this may consume a significant amount of storage space, this feature is optional. By default, policy UUID insertion is enabled and address UUID insertion is disabled.

To enable address and policy UUID insertion in traffic logs using the GUI:
  1. Go to Log & Report > Log Settings.
  2. Under UUIDs in Traffic Log, enable Policy and/or Address.
  3. Click Apply.

To enable address and policy UUID insertion in traffic logs using the CLI:
config system global	
   set log-uuid-address enable
   set log-uuid-policy enable
Sample log
date=2019-01-25 time=11:32:55 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="vdom1" eventtime=1528223575srcip= srcname="PC24" srcport=33709 srcintf="lan" srcintfrole="lan" dstip= dstport=80 dstintf="wan1" dstintfrole="wan" srcuuid="27dd503e‑883c‑51e7‑ade1‑7e015d46494f" dstuuid="27dd503e-883c-51e7-ade1-7e015d46494f" poluuid="9e0fe24c‑1808‑51e8‑1257‑68ce4245572c" sessionid=5181 proto=6 action="client-