Fortinet black logo

FortiOS Log Message Reference

13649 - LOG_ID_WEB_WF_ANTIPHISH_MATCH_FTGD_ALLOW

13649 - LOG_ID_WEB_WF_ANTIPHISH_MATCH_FTGD_ALLOW

Message ID: 13649

Message Description: LOG_ID_WEB_WF_ANTIPHISH_MATCH_FTGD_ALLOW

Message Meaning: Antiphishing matched a Fortiguard category rule without blocking the request.

Type: Web

Category: ANTIPHISHING

Severity: Warning

Log Field Name

Description

Data Type

Length

action

Security action performed by WF: blocked - url is blocked by webfilter passthrough - url is allowed by webfilter

string

11

antiphishdc

string

64

antiphishrule

string

64

authserver

Authentication server for the user

string

64

cat

Web category ID

uint8

3

catdesc

Web category description

string

64

craction

Client Reputation Action

uint32

10

crlevel

Client Reputation level

string

10

crscore

Client Reputation Score

uint32

10

date

Date

string

10

devid

Device ID

string

16

direction

Direction of the web traffic

string

8

dstintf

Destination Interface

string

32

dstintfrole

Destination Interface's assigned role (LAN, WAN, etc.)

string

10

dstip

Destination IP

ip

39

dstport

Destination Port

uint16

5

dstuuid

string

64

eventtime

Web Filter event time

uint64

20

eventtype

Web Filter event type

string

32

fctuid

FortiClient UID

string

32

forwardedfor

X-Forwarded-For HTTP header

string

128

group

User group name

string

64

hostname

The host name of a URL

string

256

initiator

The initiator user for override

string

64

level

Log Level

string

11

logid

Log ID

string

10

method

Rating override method by URL domain name or IP address

string

6

msg

Log message

string

512

policyid

Policy ID

uint32

10

policymode

string

8

profile

Web Filter profile name

string

64

proto

Protocol number

uint8

3

rawdata

Extended logging data including HTTP method, URL, client content type, server content type, user agent, referer, x-forwarded-for

string

1024

rcvdbyte

Received Bytes

uint64

20

referralurl

Referrer URI

string

512

reqtype

Request type

string

8

sentbyte

Sent Bytes

uint64

20

service

Service name

string

36

sessionid

Session ID

uint32

10

srcdomain

string

255

srcintf

Source Interface

string

32

srcintfrole

Source Interface's assigned role (LAN, WAN, etc.)

string

10

srcip

Source IP

ip

39

srcport

Source Port

uint16

5

srcuuid

string

64

subtype

Log subtype

string

20

time

Time

string

8

trueclntip

True-Client-IP HTTP header

ip

39

type

Log type

string

16

tz

Time Zone

string

5

unauthuser

Unauthenticated user

string

66

unauthusersource

Unauthenticated user source

string

66

url

The URL address

string

512

user

User name

string

256

vd

Virtual domain name

string

32

vrf

Virtual router forwarding

uint8

3

13649 - LOG_ID_WEB_WF_ANTIPHISH_MATCH_FTGD_ALLOW

Message ID: 13649

Message Description: LOG_ID_WEB_WF_ANTIPHISH_MATCH_FTGD_ALLOW

Message Meaning: Antiphishing matched a Fortiguard category rule without blocking the request.

Type: Web

Category: ANTIPHISHING

Severity: Warning

Log Field Name

Description

Data Type

Length

action

Security action performed by WF: blocked - url is blocked by webfilter passthrough - url is allowed by webfilter

string

11

antiphishdc

string

64

antiphishrule

string

64

authserver

Authentication server for the user

string

64

cat

Web category ID

uint8

3

catdesc

Web category description

string

64

craction

Client Reputation Action

uint32

10

crlevel

Client Reputation level

string

10

crscore

Client Reputation Score

uint32

10

date

Date

string

10

devid

Device ID

string

16

direction

Direction of the web traffic

string

8

dstintf

Destination Interface

string

32

dstintfrole

Destination Interface's assigned role (LAN, WAN, etc.)

string

10

dstip

Destination IP

ip

39

dstport

Destination Port

uint16

5

dstuuid

string

64

eventtime

Web Filter event time

uint64

20

eventtype

Web Filter event type

string

32

fctuid

FortiClient UID

string

32

forwardedfor

X-Forwarded-For HTTP header

string

128

group

User group name

string

64

hostname

The host name of a URL

string

256

initiator

The initiator user for override

string

64

level

Log Level

string

11

logid

Log ID

string

10

method

Rating override method by URL domain name or IP address

string

6

msg

Log message

string

512

policyid

Policy ID

uint32

10

policymode

string

8

profile

Web Filter profile name

string

64

proto

Protocol number

uint8

3

rawdata

Extended logging data including HTTP method, URL, client content type, server content type, user agent, referer, x-forwarded-for

string

1024

rcvdbyte

Received Bytes

uint64

20

referralurl

Referrer URI

string

512

reqtype

Request type

string

8

sentbyte

Sent Bytes

uint64

20

service

Service name

string

36

sessionid

Session ID

uint32

10

srcdomain

string

255

srcintf

Source Interface

string

32

srcintfrole

Source Interface's assigned role (LAN, WAN, etc.)

string

10

srcip

Source IP

ip

39

srcport

Source Port

uint16

5

srcuuid

string

64

subtype

Log subtype

string

20

time

Time

string

8

trueclntip

True-Client-IP HTTP header

ip

39

type

Log type

string

16

tz

Time Zone

string

5

unauthuser

Unauthenticated user

string

66

unauthusersource

Unauthenticated user source

string

66

url

The URL address

string

512

user

User name

string

256

vd

Virtual domain name

string

32

vrf

Virtual router forwarding

uint8

3