Fortinet white logo
Fortinet white logo

FortiOS Log Message Reference

What's new

What's new

This section identifies major changes in the Log Reference from version 7.0.0 and later. For more information about new features, please see the FortiOS 7.0 New Features Guide.

FortiOS 7.0.15

There are no major log changes between FortiOS 7.0.14 and 7.0.15.

FortiOS 7.0.14

The following log field values are changed:

Event logs:

Field

Change

unit

Field Removed

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

22104

LOG_ID_POWER_RESTORE

Log ID Removed

22105

LOG_ID_POWER_FAILURE

Log ID Removed

FortiOS 7.0.13

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

20235

LOG_ID_SYS_SECURITY_MOUNT_VIOLATION

Log ID Added

32263

LOG_ID_BLE_FIRMWARE_CHECK

Log ID Added

32264

LOG_ID_BLE_FIRMWARE_UPDATE

Log ID Added

FortiOS 7.0.12

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

20230

LOG_ID_SYS_SECURITY_WRITE_VIOLATION

Log ID Added

20231

LOG_ID_SYS_SECURITY_HARDLINK_VIOLATION

Log ID Added

20232

LOG_ID_SYS_SECURITY_LOAD_MODULE_VIOLATION

Log ID Added

20233

LOG_ID_SYS_SECURITY_FILE_HASH_MISSING

Log ID Added

20234

LOG_ID_SYS_SECURITY_FILE_HASH_MISMATCH

Log ID Added

41009

LOG_ID_UPD_DB_SIGN_INVALID

Log ID Added

41011

LOG_ID_UPD_DB_UNSIGNED_INSTALLED

Log ID Added

FortiOS 7.0.11

There are no major log changes between FortiOS 7.0.10 and 7.0.11.

FortiOS 7.0.10

There are no major log changes between FortiOS 7.0.9 and 7.0.10.

FortiOS 7.0.9

There are no major log changes between FortiOS 7.0.8 and 7.0.9.

FortiOS 7.0.8

Log field values

The following log field values are changed:

AV logs:

Field Change

epoch

Field Added

eventid

Field Added

faiaction

Field Removed

faiconfidence

Field Removed

faifileid

Field Removed

faifiletype

Field Removed

faiseverity

Field Removed

fndraction

Field Added

fndrconfidence

Field Added

fndrfileid

Field Added

fndrfiletype

Field Added

fndrseverity

Field Added

Event logs:

Field

Change

alert

Field Removed

expectedsignature

Field Removed

handshake

Field Removed

received

Field Removed

receivedsignature

Field Removed

remotetunnelid

Field Added

ssllocal

Field Removed

sslremote

Field Removed

wanin

Field Added

wanout

Field Added

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

37912

MESGID_FGSP_MEMBER_JOIN

Log ID Added

37913

MESGID_FGSP_MEMBER_LEAVE

Log ID Added

48000

LOG_ID_WAD_SSL_RCV_HS

Log ID Removed

48001

LOG_ID_WAD_SSL_RCV_WRG_HS

Log ID Removed

48002

LOG_ID_WAD_SSL_SENT_HS

Log ID Removed

48003

LOG_ID_WAD_SSL_WRG_HS_LEN

Log ID Removed

48004

LOG_ID_WAD_SSL_RCV_CCS

Log ID Removed

48005

LOG_ID_WAD_SSL_RSA_DH_FAIL

Log ID Removed

48006

LOG_ID_WAD_SSL_SENT_CCS

Log ID Removed

48007

LOG_ID_WAD_SSL_BAD_HASH

Log ID Removed

48009

LOG_ID_WAD_SSL_DECRY_FAIL

Log ID Removed

48011

LOG_ID_WAD_SSL_LESS_MINOR

Log ID Removed

48013

LOG_ID_WAD_SSL_NOT_SUPPORT_CS

Log ID Removed

48016

LOG_ID_WAD_SSL_HS_FIN

Log ID Removed

48017

LOG_ID_WAD_SSL_HS_TOO_LONG

Log ID Removed

48018

LOG_ID_WAD_SSL_MORE_MINOR

Log ID Removed

48019

LOG_ID_WAD_SSL_SENT_ALERT

Log ID Removed

48023

LOG_ID_WAD_SSL_RCV_ALERT

Log ID Removed

48027

LOG_ID_WAD_SSL_INVALID_CONT_TYPE

Log ID Removed

48029

LOG_ID_WAD_SSL_BAD_CCS_LEN

Log ID Removed

48031

LOG_ID_WAD_SSL_BAD_DH

Log ID Removed

48032

LOG_ID_WAD_SSL_PUB_KEY_TOO_BIG

Log ID Removed

48034

LOG_ID_WAD_SSL_SERVER_KEY_HASH_ALGORITHM_MISMATCH

Log ID Removed

48035

LOG_ID_WAD_SSL_SERVER_KEY_SIGNATURE_ALGORITHM_MISMATCH

Log ID Removed

48038

LOG_ID_WAD_SSL_RCV_FATAL_ALERT

Log ID Removed

48039

LOG_ID_WAD_SSL_SENT_FATAL_ALERT

Log ID Removed

48040

LOG_ID_WAD_WANOPT_TUNNEL_CREATE

Log ID Added

48041

LOG_ID_WAD_WANOPT_TUNNEL_CLOSED

Log ID Added

FortiOS 7.0.7

There are no major log changes between FortiOS 7.0.6 and 7.0.7.

FortiOS 7.0.6

Log field values

The following log field values are changed:

WAF logs:

Field

Change

poluuid

Field Added

Web logs:

Field

Change

videocategoryname

Field Added

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

22116 LOG_ID_POWER_REDUNDANCY_DEGRADE Log ID Added
22117 LOG_ID_POWER_REDUNDANCY_FAILURE Log ID Added

32180

LOG_ID_GEOIP_DB_INIT_FAIL

Log ID Added

32262

LOG_ID_RESTORE_IMG_CONFIRM

Log ID Added

34428

LOG_ID_NP7_HPE_PACKET_DROP

Log ID Added

34430

LOG_ID_NP7_HPE_PACKET_FLOOD

Log ID Added

46517

LOG_ID_INTERNAL_LTE_MODEM_WRONG_PIN

Log ID Added

53311

LOG_ID_NPU_PER_MAPPING_ALLOCATION

Log ID Added

53315

LOG_ID_LPM_ERROR

Log ID Added

53316

LOG_ID_LPM_INFO

Log ID Added

FortiOS 7.0.5

There are no major log changes between FortiOS 7.0.4 and 7.0.5.

FortiOS 7.0.4

Log type and subtype changes

  • The ZTNA log type is removed.

  • LOG_ID_TRAFFIC_ZTNA is added as a new Traffic log subtype.

Log field values

The following log field values are changed:

Anomaly logs:

Field

Change

dstcountry

Field Added

App logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

AV logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

DLP logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

DNS logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

Email logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

srccountry

Field Added

FILE-FILTER logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

ICAP logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

srccountry

Field Added

IPS logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

SSH logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

srccountry

Field Added

SSL logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

Traffic logs:

Field

Change

accessproxy

Field Added

clientdeviceid

Field Added

clientdeviceowner

Field Added

clientdevicetags

Field Added

countztna

Field Removed

dstreputation

Field Added

gatewayid

Field Added

srcreputation

Field Added

vip

Field Added

WAF logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

srccountry

Field Added

Web logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

20120

LOG_ID_FMGC_LIC_EXPIRE

Log ID Added

20121

LOG_ID_FAZC_LIC_EXPIRE

Log ID Added

20122

LOG_ID_SWNO_LIC_EXPIRE

Log ID Added

20123

LOG_ID_SWNM_LIC_EXPIRE

Log ID Added

20124

LOG_ID_VMLS_LIC_EXPIRE

Log ID Added

20125

LOG_ID_SFAS_LIC_EXPIRE

Log ID Added

20126

LOG_ID_IPMC_LIC_EXPIRE

Log ID Added

20127

LOG_ID_IOTH_LIC_EXPIRE

Log ID Added

20128

LOG_ID_FSAC_LIC_EXPIRE

Log ID Added

20129

LOG_ID_AFAC_LIC_EXPIRE

Log ID Added

20130

LOG_ID_EMSC_ACC_LIC_EXPIRE

Log ID Added

20131

LOG_ID_FMGC_ACC_LIC_EXPIRE

Log ID Added

20132

LOG_ID_FSAP_ACC_LIC_EXPIRE

Log ID Added

22040

LOG_ID_CSF_DEVICE_JOIN

Log ID Added

22041

LOG_ID_CSF_DEVICE_LEAVE

Log ID Added

22042

LOG_ID_CSF_DEVICE_UPDATE

Log ID Added

22043

LOG_ID_CSF_NEW_AUTH_REQ

Log ID Added

22044

LOG_ID_CSF_UPDATE_AUTH_REQ

Log ID Added

22045

LOG_ID_CSF_REMOVE_AUTH_REQ

Log ID Added

22046

LOG_ID_CSF_ROLE_CHANGE

Log ID Added

43715

LOG_ID_EVENT_WIRELESS_WTPR_BSS_COLOR_COLLISION

Log ID Added

45124

LOG_ID_EC_VPND_CONNECT

Log ID Added

45125

LOG_ID_EC_VPND_DISCONNECT

Log ID Added

47301

LOG_ID_EVENT_REST_API_OK

Log ID Added

47302

LOG_ID_EVENT_REST_API_ERR

Log ID Added

SSL logs:

Log ID

Message

Change

62200

LOG_ID_SSL_SERVER_CERT_INFO

Log ID Added

62220

LOG_ID_SSL_HANDSHAKE_INFO

Log ID Added

FortiOS 7.0.3

There are no major log changes between FortiOS 7.0.2 and 7.0.3.

FortiOS 7.0.2

Log field values

The following log field values are changed:

App logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

AV logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

DLP logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

DNS logs:

Field

Change

dstuser

Field Added

Email logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

FILE-FILTER logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

IPS logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

SSH logs:

Field

Change

dstuser

Field Added

hostkeystatus

Field Added

SSL logs:

Field

Change

dstuser

Field Added

Traffic logs:

Field

Change

countsctpf

Field Added

WAF logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

Web logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

ZTNA logs:

Field

Change

dstuser

Field Added

Log ID changes

The following log IDs are changed:

AV logs:

Log ID

Message

Change

8977

MESGID_SCAN_ARCHIVE_FILESLIMIT_WARNING

Log ID Removed

8978

MESGID_SCAN_ARCHIVE_FILESLIMIT_NOTIF

Log ID Removed

8985

MESGID_FORTIAI_TIMEOUT_WARNING

Log ID Added

8986

MESGID_FORTIAI_TIMEOUT_NOTIF

Log ID Added

Event logs:

Log ID

Message

Change

22060

LOG_ID_IPAMSD_ADDRESS_ALLOCATED

Log ID Added

22061

LOG_ID_IPAMSD_ADDRESS_FREED

Log ID Added

22807

LOG_ID_VDOM_LIC

Log ID Added

22871

LOG_ID_FLPOLD_NAC_MAC_CACHE_SYNC

Log ID Added

22936

LOG_ID_EVENT_VWL_INET_SVC_PQTY_STATUS_INFO

Log ID Added

43714

LOG_ID_EVENT_WIRELESS_WTP_PARTIAL_PASSWD

Log ID Added

53312

LOG_ID_NPD_INFO

Log ID Added

53313

LOG_ID_NPD_WARNING

Log ID Added

53314

LOG_ID_NPD_ERROR

Log ID Added

SSH logs:

Log ID

Message

Change

61012

LOG_ID_SSH_HOST_KEY_WARNING

Log ID Added

61013

LOG_ID_SSH_HOST_KEY_NOTIF

Log ID Added

Traffic logs:

Log ID

Message

Change

25

LOG_ID_TRAFFIC_SFLOW

Log ID Added

FortiOS 7.0.1

Log type and subtype changes

  • The ZTNA log type is added.

Log field values

The following log field values are changed:

AV logs:

Field

Change

dstuuid

Field Added

faiaction

Field Added

faiconfidence

Field Added

faifileid

Field Added

faifiletype

Field Added

faiseverity

Field Added

pathname

Field Added

sharename

Field Added

srcuuid

Field Added

viruscat

Field Added

DLP logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

Email logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

Event logs:

Field

Change

fctemsname

Field Added

httpcode

Field Added

wscode

Field Added

FILE-FILTER logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

GTP logs:

Field

Change

cfseid

Field Added

cfseidaddr

Field Added

hseid

Field Added

nai

Field Added

sessionid

Field Added

ufseid

Field Added

ufseidaddr

Field Added

ICAP logs:

Field

Change

dstuuid

Field Added

infection

Field Added

srcuuid

Field Added

virusid

Field Added

SSH logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

SSL logs:

Field

Change

authalgo

Field Added

cipher

Field Added

cn

Field Added

dstuuid

Field Added

handshake

Field Added

issuer

Field Added

keyalgo

Field Added

keysize

Field Added

kxcurve

Field Added

kxproto

Field Added

mitm

Field Added

notafter

Field Added

notbefore

Field Added

san

Field Added

ski

Field Added

sn

Field Added

sni

Field Added

srcuuid

Field Added

tlsver

Field Added

Traffic logs:

Field

Change

countztna

Field Added

vpn

Field Removed

WAF logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

Web logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

ZTNA logs:

Field

Change

accessproxy

Field Added

action

Field Added

clientdeviceid

Field Added

clientdeviceowner

Field Added

clientdevicetags

Field Added

date

Field Added

desc

Field Added

devid

Field Added

dstintf

Field Added

dstintfrole

Field Added

dstip

Field Added

dstport

Field Added

eventtime

Field Added

eventtype

Field Added

gatewayid

Field Added

group

Field Added

level

Field Added

logid

Field Added

msg

Field Added

policyid

Field Added

proto

Field Added

service

Field Added

sessionid

Field Added

srcintf

Field Added

srcintfrole

Field Added

srcip

Field Added

srcport

Field Added

subtype

Field Added

time

Field Added

type

Field Added

tz

Field Added

user

Field Added

vd

Field Added

vip

Field Added

vrf

Field Added

Log ID changes

The following log IDs are changed:

AV logs:

Log ID

Message

Change

8220

MESGID_FAI_WARNING

Log ID Added

8221

MESGID_FAI_NOTIF

Log ID Added

8222

MESGID_MIME_FAI_WARNING

Log ID Added

8223

MESGID_MIME_FAI_NOTIF

Log ID Added

8983

MESGID_FORTIAI_FAILURE_WARNING

Log ID Added

8984

MESGID_FORTIAI_FAILURE_NOTIF

Log ID Added

DNS logs:

Log ID

Message

Change

54805

LOG_ID_DNS_LOCAL

Log ID Added

Event logs:

LogID

Message

Change

20304

LOG_ID_VZ_LOG_WARNING

Log ID Added

20305

LOG_ID_VZ_LOG_CRITICAL

Log ID Added

20306

LOG_ID_VZ_LOG_ERROR

Log ID Added

22114

LOG_ID_POWER_FAILURE_WARNING

Log ID Added

22115

LOG_ID_POWER_RESTORE_NOTIF

Log ID Added

22867

LOG_ID_FLPOLD_DPP_INTF_TAGS_ADD

Log ID Added

22868

LOG_ID_FLPOLD_DPP_INTF_TAGS_DELETE

Log ID Added

22869

LOG_ID_FLPOLD_NAC_DYNAMIC_ADDRESS_ADD

Log ID Added

22870

LOG_ID_FLPOLD_NAC_DYNAMIC_ADDRESS_DELETE

Log ID Added

22930

LOG_ID_EVENT_VWL_LQTY_STATUS_WARNING

Log ID Added

22931

LOG_ID_EVENT_VWL_SLA_INFO_WARNING

Log ID Added

22932

LOG_ID_EVENT_LINK_MONITOR_STATUS_WARNING

Log ID Added

22933

LOG_ID_EVENT_VWL_SLA_INFO_NOTIF

Log ID Added

22934

LOG_ID_EVENT_VWL_LQTY_STATUS_INFO

Log ID Added

22935

LOG_ID_EVENT_VWL_LQTY_STATUS_DEBUG

Log ID Added

29004

LOG_ID_PPPD_MSG_ERROR

Log ID Added

29005

LOG_ID_PPPD_MSG_DEBUG

Log ID Added

32099

LOG_ID_CHG_CONFIG_INFO

Log ID Added

32260

LOG_ID_RESTORE_IMG_FORTIGUARD_NOTIF

Log ID Added

32261

LOG_ID_RESTORE_SCRIPT_NOTIF

Log ID Added

32571

LOG_ID_RESTORE_CONF_FAIL_WARNING

Log ID Added

32700

LOG_ID_DPDK_EARLY_INIT_FAIL

Log ID Removed

37911

MESGID_HA_ACTIVITY_INFO

Log ID Added

43713

LOG_ID_EVENT_WIRELESS_SAM_CWP_AUTH_FAILED

Log ID Added

44553

LOGID_EVENT_CONFIG_FIXEDPORT_DIS

Log ID Removed

44554

LOGID_EVENT_CONFIG_POL_CHANGED

Log ID Removed

45121

LOG_ID_EC_EMS_WS_NOTIFICATION

Log ID Added

45122

LOG_ID_EC_EMS_REST_API_ERROR

Log ID Added

45123

LOG_ID_EC_EMS_WS_CONN_ERROR

Log ID Added

48018

LOG_ID_WAD_SSL_MORE_MINOR

Log ID Added

GTP logs:

Log ID

Message

Change

41231

LOGID_PFCP_FORWARD

Log ID Added

41232

LOGID_PFCP_DENY

Log ID Added

41233

LOGID_PFCP_TRAFFIC_COUNT

Log ID Added

ICAP logs:

LogID

Message

Change

60001

LOG_ID_ICAP_INFECTION_BLOCK

Log ID Added

60002

LOG_ID_ICAP_SERVER_CLOSE_CONN

Log ID Added

SSL logs:

Log ID

Message

Change

62103

LOG_ID_SSL_NEGOTIATION_INFO

Log ID Added

Traffic logs:

Log ID

Message

Change

24

LOG_ID_TRAFFIC_ZTNA

Log ID Added

ZTNA logs:

LogID

Message

Change

60500

LOG_ID_ZTNA_EMPTY_CLT_CERT

Log ID Added

60501

LOG_ID_ZTNA_CLT_CERT_FAILURE

Log ID Added

60510

LOG_ID_ZTNA_POLICY_MATCH_FAILURE

Log ID Added

60511

LOG_ID_ZTNA_POLICY_DENIED

Log ID Added

60520

LOG_ID_ZTNA_NO_VHOST

Log ID Added

60521

LOG_ID_ZTNA_VHOST_MISMATCH

Log ID Added

60522

LOG_ID_ZTNA_GWY_MATCH_FAILURE

Log ID Added

60523

LOG_ID_ZTNA_SERVER_ERR

Log ID Added

FortiOS 7.0.0

Log type and subtype changes

  • The CIFS log type is removed.
  • CIFS-AUTH-FAIL is added as a new Event log subtype.

Log field values

The following log field values are changed:

App logs:

Field

Change

pdstport

Field Added

policymode

Field Added

psrcport

Field Added

AV logs:

Field

Change

pdstport

Field Added

policymode

Field Added

psrcport

Field Added

DLP logs:

Field

Change

pdstport

Field Added

policymode

Field Added

psrcport

Field Added

Email logs:

Field

Change

policymode

Field Added

Event logs:

Field

Change

bibandwidth

Field Removed

bibandwidthavailable

Field Added

cmdbpathname

Field Removed

cmdbtablename

Field Removed

conflictcount

Field Removed

created

Field Removed

domainctrlauthstate

Field Added

domainctrlauthtype

Field Added

domainctrldomain

Field Added

domainctrlip

Field Added

domainctrlname

Field Added

domainctrlprotocoltype

Field Added

domainctrlusername

Field Added

dstintfrole

Field Added

errorcount

Field Removed

inbandwidth

Field Removed

inbandwidthavailable

Field Added

outbandwidth

Field Removed

outbandwidthavailable

Field Added

srcintfrole

Field Added

successcount

Field Removed

FILE-FILTER logs:

Field

Change

pathname

Field Added

policymode

Field Added

sharename

Field Added

GTP logs:

Field

Change

upteid

Field Added

ICAP logs:

Field

Change

vrf

Field Added

IPS logs:

Field

Change

pdstport

Field Added

policymode

Field Added

psrcport

Field Added

Traffic logs:

Field

Change

dstthreatfeed

Field Added

pdstport

Field Added

policymode

Field Added

psrcport

Field Added

srcthreatfeed

Field Added

VoIP logs:

Field

Change

attack

Field Added

attackid

Field Added

Web logs:

Field

Change

policymode

Field Added

videocategoryid

Field Added

videochannelid

Field Added

videoid

Field Added

videoinfosource

Field Added

Log ID changes

The following log IDs are changed:

AV logs:

Log ID

Message

Change

8216

MESGID_FILE_HASH_EMS_WARNING

Log ID Added

8217

MESGID_FILE_HASH_EMS_NOTIF

Log ID Added

8218

MESGID_MIME_FILE_HASH_EMS_WARNING

Log ID Added

8219

MESGID_MIME_FILE_HASH_EMS_NOTIF

Log ID Added

8706

MESGID_OVERSIZE_MIME_WARNING

Log ID Removed

8707

MESGID_OVERSIZE_MIME_NOTIF

Log ID Removed

Event logs:

LogID

Message

Change

20027

LOG_ID_REPORT_DEL_OLD_REC

Log ID Removed

22090

LOG_ID_FEDERATED_UPGRADE_CANCELLED

Log ID Added

22091

LOG_ID_FEDERATED_UPGRADE_SUCCEEDED

Log ID Added

22092

LOG_ID_FEDERATED_UPGRADE_FAILED

Log ID Added

22861

LOG_ID_FLPOLD_NAC_ADD

Log ID Added

22862

LOG_ID_FLPOLD_NAC_DELETE

Log ID Added

22863

LOG_ID_FLPOLD_NAC_MODIFY

Log ID Added

22864

LOG_ID_FLPOLD_DPP_ADD

Log ID Added

22865

LOG_ID_FLPOLD_DPP_DELETE

Log ID Added

22866

LOG_ID_FLPOLD_DPP_MODIFY

Log ID Added

22897

LOG_ID_FLCFGD_NAC_ADD

Log ID Removed

22898

LOG_ID_FLCFGD_NAC_DELETE

Log ID Removed

22899

LOG_ID_FLCFGD_NAC_MODIFY

Log ID Removed

22953

LOG_ID_IOC_DETECTED

Log ID Removed

29012

LOG_ID_PPP_OPT_ERR

Log ID Removed

29017

LOG_ID_PPP_OPT_NOTIF

Log ID Removed

32120

LOG_ID_RPT_ADD_DATASET

Log ID Removed

32122

LOG_ID_RPT_DEL_DATASET

Log ID Removed

32125

LOG_ID_RPT_ADD_CHART

Log ID Removed

32126

LOG_ID_RPT_DEL_CHART

Log ID Removed

34418

LOG_ID_NP6_HPE_PACKET_DROP

Log ID Added

34419

LOG_ID_NP6_HPE_PACKET_FLOOD

Log ID Added

36883

LOG_ID_EVENT_SYSTEM_CLEAR_ACTIVE_SESSION

Log ID Added

43707

LOG_ID_EVENT_WIRELESS_WTPR_SSID_UP

Log ID Added

43708

LOG_ID_EVENT_WIRELESS_WTPR_SSID_DOWN

Log ID Added

43709

LOG_ID_EVENT_WIRELESS_STA_DHCP_ENFORCEMENT

Log ID Added

43710

LOG_ID_EVENT_WIRELESS_SAM_IPERF

Log ID Added

43711

LOG_ID_EVENT_WIRELESS_SAM_PING

Log ID Added

43712

LOG_ID_EVENT_WIRELESS_SAM_AUTH_FAILED

Log ID Added

47002

LOG_ID_FILE_HASH_EMS_LIST_TRUNCATED_ENTER

Log ID Added

47003

LOG_ID_FILE_HASH_EMS_LIST_TRUNCATED_EXIT

Log ID Added

47004

LOG_ID_FILE_HASH_EMS_LIST_LOAD

Log ID Added

53400

LOG_ID_FMG_TUNNEL_UP

Log ID Added

53401

LOG_ID_FMG_TUNNEL_DOWN

Log ID Added

63002

LOG_ID_CIFS_CONN_FAIL

Log ID Added

63003

LOG_ID_CIFS_AUTH_FAIL

Log ID Added

63004

LOG_ID_CIFS_AUTH_INTERNAL_ERROR

Log ID Added

63005

LOG_ID_CIFS_AUTH_KRB_ERROR

Log ID Added

SSL logs:

Log ID

Message

Change

62305

LOG_ID_SSL_ANOMALY_CERT_PROBE_FAILURE_BLOCK

Log ID Added

62306

LOG_ID_SSL_ANOMALY_CERT_PROBE_FAILURE_PASS

Log ID Added

Web logs:

Log ID

Message

Change

13664

LOG_ID_VIDEOFILTER_CATEGORY_BLOCK

Log ID Added

13665

LOG_ID_VIDEOFILTER_CATEGORY_MONITOR

Log ID Added

13666

LOG_ID_VIDEOFILTER_CATEGORY_ALLOW

Log ID Added

13680

LOG_ID_VIDEOFILTER_CHANNEL_BLOCK

Log ID Added

13681

LOG_ID_VIDEOFILTER_CHANNEL_MONITOR

Log ID Added

13682

LOG_ID_VIDEOFILTER_CHANNEL_ALLOW

Log ID Added

What's new

What's new

This section identifies major changes in the Log Reference from version 7.0.0 and later. For more information about new features, please see the FortiOS 7.0 New Features Guide.

FortiOS 7.0.15

There are no major log changes between FortiOS 7.0.14 and 7.0.15.

FortiOS 7.0.14

The following log field values are changed:

Event logs:

Field

Change

unit

Field Removed

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

22104

LOG_ID_POWER_RESTORE

Log ID Removed

22105

LOG_ID_POWER_FAILURE

Log ID Removed

FortiOS 7.0.13

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

20235

LOG_ID_SYS_SECURITY_MOUNT_VIOLATION

Log ID Added

32263

LOG_ID_BLE_FIRMWARE_CHECK

Log ID Added

32264

LOG_ID_BLE_FIRMWARE_UPDATE

Log ID Added

FortiOS 7.0.12

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

20230

LOG_ID_SYS_SECURITY_WRITE_VIOLATION

Log ID Added

20231

LOG_ID_SYS_SECURITY_HARDLINK_VIOLATION

Log ID Added

20232

LOG_ID_SYS_SECURITY_LOAD_MODULE_VIOLATION

Log ID Added

20233

LOG_ID_SYS_SECURITY_FILE_HASH_MISSING

Log ID Added

20234

LOG_ID_SYS_SECURITY_FILE_HASH_MISMATCH

Log ID Added

41009

LOG_ID_UPD_DB_SIGN_INVALID

Log ID Added

41011

LOG_ID_UPD_DB_UNSIGNED_INSTALLED

Log ID Added

FortiOS 7.0.11

There are no major log changes between FortiOS 7.0.10 and 7.0.11.

FortiOS 7.0.10

There are no major log changes between FortiOS 7.0.9 and 7.0.10.

FortiOS 7.0.9

There are no major log changes between FortiOS 7.0.8 and 7.0.9.

FortiOS 7.0.8

Log field values

The following log field values are changed:

AV logs:

Field Change

epoch

Field Added

eventid

Field Added

faiaction

Field Removed

faiconfidence

Field Removed

faifileid

Field Removed

faifiletype

Field Removed

faiseverity

Field Removed

fndraction

Field Added

fndrconfidence

Field Added

fndrfileid

Field Added

fndrfiletype

Field Added

fndrseverity

Field Added

Event logs:

Field

Change

alert

Field Removed

expectedsignature

Field Removed

handshake

Field Removed

received

Field Removed

receivedsignature

Field Removed

remotetunnelid

Field Added

ssllocal

Field Removed

sslremote

Field Removed

wanin

Field Added

wanout

Field Added

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

37912

MESGID_FGSP_MEMBER_JOIN

Log ID Added

37913

MESGID_FGSP_MEMBER_LEAVE

Log ID Added

48000

LOG_ID_WAD_SSL_RCV_HS

Log ID Removed

48001

LOG_ID_WAD_SSL_RCV_WRG_HS

Log ID Removed

48002

LOG_ID_WAD_SSL_SENT_HS

Log ID Removed

48003

LOG_ID_WAD_SSL_WRG_HS_LEN

Log ID Removed

48004

LOG_ID_WAD_SSL_RCV_CCS

Log ID Removed

48005

LOG_ID_WAD_SSL_RSA_DH_FAIL

Log ID Removed

48006

LOG_ID_WAD_SSL_SENT_CCS

Log ID Removed

48007

LOG_ID_WAD_SSL_BAD_HASH

Log ID Removed

48009

LOG_ID_WAD_SSL_DECRY_FAIL

Log ID Removed

48011

LOG_ID_WAD_SSL_LESS_MINOR

Log ID Removed

48013

LOG_ID_WAD_SSL_NOT_SUPPORT_CS

Log ID Removed

48016

LOG_ID_WAD_SSL_HS_FIN

Log ID Removed

48017

LOG_ID_WAD_SSL_HS_TOO_LONG

Log ID Removed

48018

LOG_ID_WAD_SSL_MORE_MINOR

Log ID Removed

48019

LOG_ID_WAD_SSL_SENT_ALERT

Log ID Removed

48023

LOG_ID_WAD_SSL_RCV_ALERT

Log ID Removed

48027

LOG_ID_WAD_SSL_INVALID_CONT_TYPE

Log ID Removed

48029

LOG_ID_WAD_SSL_BAD_CCS_LEN

Log ID Removed

48031

LOG_ID_WAD_SSL_BAD_DH

Log ID Removed

48032

LOG_ID_WAD_SSL_PUB_KEY_TOO_BIG

Log ID Removed

48034

LOG_ID_WAD_SSL_SERVER_KEY_HASH_ALGORITHM_MISMATCH

Log ID Removed

48035

LOG_ID_WAD_SSL_SERVER_KEY_SIGNATURE_ALGORITHM_MISMATCH

Log ID Removed

48038

LOG_ID_WAD_SSL_RCV_FATAL_ALERT

Log ID Removed

48039

LOG_ID_WAD_SSL_SENT_FATAL_ALERT

Log ID Removed

48040

LOG_ID_WAD_WANOPT_TUNNEL_CREATE

Log ID Added

48041

LOG_ID_WAD_WANOPT_TUNNEL_CLOSED

Log ID Added

FortiOS 7.0.7

There are no major log changes between FortiOS 7.0.6 and 7.0.7.

FortiOS 7.0.6

Log field values

The following log field values are changed:

WAF logs:

Field

Change

poluuid

Field Added

Web logs:

Field

Change

videocategoryname

Field Added

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

22116 LOG_ID_POWER_REDUNDANCY_DEGRADE Log ID Added
22117 LOG_ID_POWER_REDUNDANCY_FAILURE Log ID Added

32180

LOG_ID_GEOIP_DB_INIT_FAIL

Log ID Added

32262

LOG_ID_RESTORE_IMG_CONFIRM

Log ID Added

34428

LOG_ID_NP7_HPE_PACKET_DROP

Log ID Added

34430

LOG_ID_NP7_HPE_PACKET_FLOOD

Log ID Added

46517

LOG_ID_INTERNAL_LTE_MODEM_WRONG_PIN

Log ID Added

53311

LOG_ID_NPU_PER_MAPPING_ALLOCATION

Log ID Added

53315

LOG_ID_LPM_ERROR

Log ID Added

53316

LOG_ID_LPM_INFO

Log ID Added

FortiOS 7.0.5

There are no major log changes between FortiOS 7.0.4 and 7.0.5.

FortiOS 7.0.4

Log type and subtype changes

  • The ZTNA log type is removed.

  • LOG_ID_TRAFFIC_ZTNA is added as a new Traffic log subtype.

Log field values

The following log field values are changed:

Anomaly logs:

Field

Change

dstcountry

Field Added

App logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

AV logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

DLP logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

DNS logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

Email logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

srccountry

Field Added

FILE-FILTER logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

ICAP logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

srccountry

Field Added

IPS logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

SSH logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

srccountry

Field Added

SSL logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

Traffic logs:

Field

Change

accessproxy

Field Added

clientdeviceid

Field Added

clientdeviceowner

Field Added

clientdevicetags

Field Added

countztna

Field Removed

dstreputation

Field Added

gatewayid

Field Added

srcreputation

Field Added

vip

Field Added

WAF logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

srccountry

Field Added

Web logs:

Field

Change

dstcountry

Field Added

policytype

Field Added

poluuid

Field Added

srccountry

Field Added

Log ID changes

The following log IDs are changed:

Event logs:

Log ID

Message

Change

20120

LOG_ID_FMGC_LIC_EXPIRE

Log ID Added

20121

LOG_ID_FAZC_LIC_EXPIRE

Log ID Added

20122

LOG_ID_SWNO_LIC_EXPIRE

Log ID Added

20123

LOG_ID_SWNM_LIC_EXPIRE

Log ID Added

20124

LOG_ID_VMLS_LIC_EXPIRE

Log ID Added

20125

LOG_ID_SFAS_LIC_EXPIRE

Log ID Added

20126

LOG_ID_IPMC_LIC_EXPIRE

Log ID Added

20127

LOG_ID_IOTH_LIC_EXPIRE

Log ID Added

20128

LOG_ID_FSAC_LIC_EXPIRE

Log ID Added

20129

LOG_ID_AFAC_LIC_EXPIRE

Log ID Added

20130

LOG_ID_EMSC_ACC_LIC_EXPIRE

Log ID Added

20131

LOG_ID_FMGC_ACC_LIC_EXPIRE

Log ID Added

20132

LOG_ID_FSAP_ACC_LIC_EXPIRE

Log ID Added

22040

LOG_ID_CSF_DEVICE_JOIN

Log ID Added

22041

LOG_ID_CSF_DEVICE_LEAVE

Log ID Added

22042

LOG_ID_CSF_DEVICE_UPDATE

Log ID Added

22043

LOG_ID_CSF_NEW_AUTH_REQ

Log ID Added

22044

LOG_ID_CSF_UPDATE_AUTH_REQ

Log ID Added

22045

LOG_ID_CSF_REMOVE_AUTH_REQ

Log ID Added

22046

LOG_ID_CSF_ROLE_CHANGE

Log ID Added

43715

LOG_ID_EVENT_WIRELESS_WTPR_BSS_COLOR_COLLISION

Log ID Added

45124

LOG_ID_EC_VPND_CONNECT

Log ID Added

45125

LOG_ID_EC_VPND_DISCONNECT

Log ID Added

47301

LOG_ID_EVENT_REST_API_OK

Log ID Added

47302

LOG_ID_EVENT_REST_API_ERR

Log ID Added

SSL logs:

Log ID

Message

Change

62200

LOG_ID_SSL_SERVER_CERT_INFO

Log ID Added

62220

LOG_ID_SSL_HANDSHAKE_INFO

Log ID Added

FortiOS 7.0.3

There are no major log changes between FortiOS 7.0.2 and 7.0.3.

FortiOS 7.0.2

Log field values

The following log field values are changed:

App logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

AV logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

DLP logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

DNS logs:

Field

Change

dstuser

Field Added

Email logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

FILE-FILTER logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

IPS logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

SSH logs:

Field

Change

dstuser

Field Added

hostkeystatus

Field Added

SSL logs:

Field

Change

dstuser

Field Added

Traffic logs:

Field

Change

countsctpf

Field Added

WAF logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

Web logs:

Field

Change

dstauthserver

Field Added

dstuser

Field Added

ZTNA logs:

Field

Change

dstuser

Field Added

Log ID changes

The following log IDs are changed:

AV logs:

Log ID

Message

Change

8977

MESGID_SCAN_ARCHIVE_FILESLIMIT_WARNING

Log ID Removed

8978

MESGID_SCAN_ARCHIVE_FILESLIMIT_NOTIF

Log ID Removed

8985

MESGID_FORTIAI_TIMEOUT_WARNING

Log ID Added

8986

MESGID_FORTIAI_TIMEOUT_NOTIF

Log ID Added

Event logs:

Log ID

Message

Change

22060

LOG_ID_IPAMSD_ADDRESS_ALLOCATED

Log ID Added

22061

LOG_ID_IPAMSD_ADDRESS_FREED

Log ID Added

22807

LOG_ID_VDOM_LIC

Log ID Added

22871

LOG_ID_FLPOLD_NAC_MAC_CACHE_SYNC

Log ID Added

22936

LOG_ID_EVENT_VWL_INET_SVC_PQTY_STATUS_INFO

Log ID Added

43714

LOG_ID_EVENT_WIRELESS_WTP_PARTIAL_PASSWD

Log ID Added

53312

LOG_ID_NPD_INFO

Log ID Added

53313

LOG_ID_NPD_WARNING

Log ID Added

53314

LOG_ID_NPD_ERROR

Log ID Added

SSH logs:

Log ID

Message

Change

61012

LOG_ID_SSH_HOST_KEY_WARNING

Log ID Added

61013

LOG_ID_SSH_HOST_KEY_NOTIF

Log ID Added

Traffic logs:

Log ID

Message

Change

25

LOG_ID_TRAFFIC_SFLOW

Log ID Added

FortiOS 7.0.1

Log type and subtype changes

  • The ZTNA log type is added.

Log field values

The following log field values are changed:

AV logs:

Field

Change

dstuuid

Field Added

faiaction

Field Added

faiconfidence

Field Added

faifileid

Field Added

faifiletype

Field Added

faiseverity

Field Added

pathname

Field Added

sharename

Field Added

srcuuid

Field Added

viruscat

Field Added

DLP logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

Email logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

Event logs:

Field

Change

fctemsname

Field Added

httpcode

Field Added

wscode

Field Added

FILE-FILTER logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

GTP logs:

Field

Change

cfseid

Field Added

cfseidaddr

Field Added

hseid

Field Added

nai

Field Added

sessionid

Field Added

ufseid

Field Added

ufseidaddr

Field Added

ICAP logs:

Field

Change

dstuuid

Field Added

infection

Field Added

srcuuid

Field Added

virusid

Field Added

SSH logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

SSL logs:

Field

Change

authalgo

Field Added

cipher

Field Added

cn

Field Added

dstuuid

Field Added

handshake

Field Added

issuer

Field Added

keyalgo

Field Added

keysize

Field Added

kxcurve

Field Added

kxproto

Field Added

mitm

Field Added

notafter

Field Added

notbefore

Field Added

san

Field Added

ski

Field Added

sn

Field Added

sni

Field Added

srcuuid

Field Added

tlsver

Field Added

Traffic logs:

Field

Change

countztna

Field Added

vpn

Field Removed

WAF logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

Web logs:

Field

Change

dstuuid

Field Added

srcuuid

Field Added

ZTNA logs:

Field

Change

accessproxy

Field Added

action

Field Added

clientdeviceid

Field Added

clientdeviceowner

Field Added

clientdevicetags

Field Added

date

Field Added

desc

Field Added

devid

Field Added

dstintf

Field Added

dstintfrole

Field Added

dstip

Field Added

dstport

Field Added

eventtime

Field Added

eventtype

Field Added

gatewayid

Field Added

group

Field Added

level

Field Added

logid

Field Added

msg

Field Added

policyid

Field Added

proto

Field Added

service

Field Added

sessionid

Field Added

srcintf

Field Added

srcintfrole

Field Added

srcip

Field Added

srcport

Field Added

subtype

Field Added

time

Field Added

type

Field Added

tz

Field Added

user

Field Added

vd

Field Added

vip

Field Added

vrf

Field Added

Log ID changes

The following log IDs are changed:

AV logs:

Log ID

Message

Change

8220

MESGID_FAI_WARNING

Log ID Added

8221

MESGID_FAI_NOTIF

Log ID Added

8222

MESGID_MIME_FAI_WARNING

Log ID Added

8223

MESGID_MIME_FAI_NOTIF

Log ID Added

8983

MESGID_FORTIAI_FAILURE_WARNING

Log ID Added

8984

MESGID_FORTIAI_FAILURE_NOTIF

Log ID Added

DNS logs:

Log ID

Message

Change

54805

LOG_ID_DNS_LOCAL

Log ID Added

Event logs:

LogID

Message

Change

20304

LOG_ID_VZ_LOG_WARNING

Log ID Added

20305

LOG_ID_VZ_LOG_CRITICAL

Log ID Added

20306

LOG_ID_VZ_LOG_ERROR

Log ID Added

22114

LOG_ID_POWER_FAILURE_WARNING

Log ID Added

22115

LOG_ID_POWER_RESTORE_NOTIF

Log ID Added

22867

LOG_ID_FLPOLD_DPP_INTF_TAGS_ADD

Log ID Added

22868

LOG_ID_FLPOLD_DPP_INTF_TAGS_DELETE

Log ID Added

22869

LOG_ID_FLPOLD_NAC_DYNAMIC_ADDRESS_ADD

Log ID Added

22870

LOG_ID_FLPOLD_NAC_DYNAMIC_ADDRESS_DELETE

Log ID Added

22930

LOG_ID_EVENT_VWL_LQTY_STATUS_WARNING

Log ID Added

22931

LOG_ID_EVENT_VWL_SLA_INFO_WARNING

Log ID Added

22932

LOG_ID_EVENT_LINK_MONITOR_STATUS_WARNING

Log ID Added

22933

LOG_ID_EVENT_VWL_SLA_INFO_NOTIF

Log ID Added

22934

LOG_ID_EVENT_VWL_LQTY_STATUS_INFO

Log ID Added

22935

LOG_ID_EVENT_VWL_LQTY_STATUS_DEBUG

Log ID Added

29004

LOG_ID_PPPD_MSG_ERROR

Log ID Added

29005

LOG_ID_PPPD_MSG_DEBUG

Log ID Added

32099

LOG_ID_CHG_CONFIG_INFO

Log ID Added

32260

LOG_ID_RESTORE_IMG_FORTIGUARD_NOTIF

Log ID Added

32261

LOG_ID_RESTORE_SCRIPT_NOTIF

Log ID Added

32571

LOG_ID_RESTORE_CONF_FAIL_WARNING

Log ID Added

32700

LOG_ID_DPDK_EARLY_INIT_FAIL

Log ID Removed

37911

MESGID_HA_ACTIVITY_INFO

Log ID Added

43713

LOG_ID_EVENT_WIRELESS_SAM_CWP_AUTH_FAILED

Log ID Added

44553

LOGID_EVENT_CONFIG_FIXEDPORT_DIS

Log ID Removed

44554

LOGID_EVENT_CONFIG_POL_CHANGED

Log ID Removed

45121

LOG_ID_EC_EMS_WS_NOTIFICATION

Log ID Added

45122

LOG_ID_EC_EMS_REST_API_ERROR

Log ID Added

45123

LOG_ID_EC_EMS_WS_CONN_ERROR

Log ID Added

48018

LOG_ID_WAD_SSL_MORE_MINOR

Log ID Added

GTP logs:

Log ID

Message

Change

41231

LOGID_PFCP_FORWARD

Log ID Added

41232

LOGID_PFCP_DENY

Log ID Added

41233

LOGID_PFCP_TRAFFIC_COUNT

Log ID Added

ICAP logs:

LogID

Message

Change

60001

LOG_ID_ICAP_INFECTION_BLOCK

Log ID Added

60002

LOG_ID_ICAP_SERVER_CLOSE_CONN

Log ID Added

SSL logs:

Log ID

Message

Change

62103

LOG_ID_SSL_NEGOTIATION_INFO

Log ID Added

Traffic logs:

Log ID

Message

Change

24

LOG_ID_TRAFFIC_ZTNA

Log ID Added

ZTNA logs:

LogID

Message

Change

60500

LOG_ID_ZTNA_EMPTY_CLT_CERT

Log ID Added

60501

LOG_ID_ZTNA_CLT_CERT_FAILURE

Log ID Added

60510

LOG_ID_ZTNA_POLICY_MATCH_FAILURE

Log ID Added

60511

LOG_ID_ZTNA_POLICY_DENIED

Log ID Added

60520

LOG_ID_ZTNA_NO_VHOST

Log ID Added

60521

LOG_ID_ZTNA_VHOST_MISMATCH

Log ID Added

60522

LOG_ID_ZTNA_GWY_MATCH_FAILURE

Log ID Added

60523

LOG_ID_ZTNA_SERVER_ERR

Log ID Added

FortiOS 7.0.0

Log type and subtype changes

  • The CIFS log type is removed.
  • CIFS-AUTH-FAIL is added as a new Event log subtype.

Log field values

The following log field values are changed:

App logs:

Field

Change

pdstport

Field Added

policymode

Field Added

psrcport

Field Added

AV logs:

Field

Change

pdstport

Field Added

policymode

Field Added

psrcport

Field Added

DLP logs:

Field

Change

pdstport

Field Added

policymode

Field Added

psrcport

Field Added

Email logs:

Field

Change

policymode

Field Added

Event logs:

Field

Change

bibandwidth

Field Removed

bibandwidthavailable

Field Added

cmdbpathname

Field Removed

cmdbtablename

Field Removed

conflictcount

Field Removed

created

Field Removed

domainctrlauthstate

Field Added

domainctrlauthtype

Field Added

domainctrldomain

Field Added

domainctrlip

Field Added

domainctrlname

Field Added

domainctrlprotocoltype

Field Added

domainctrlusername

Field Added

dstintfrole

Field Added

errorcount

Field Removed

inbandwidth

Field Removed

inbandwidthavailable

Field Added

outbandwidth

Field Removed

outbandwidthavailable

Field Added

srcintfrole

Field Added

successcount

Field Removed

FILE-FILTER logs:

Field

Change

pathname

Field Added

policymode

Field Added

sharename

Field Added

GTP logs:

Field

Change

upteid

Field Added

ICAP logs:

Field

Change

vrf

Field Added

IPS logs:

Field

Change

pdstport

Field Added

policymode

Field Added

psrcport

Field Added

Traffic logs:

Field

Change

dstthreatfeed

Field Added

pdstport

Field Added

policymode

Field Added

psrcport

Field Added

srcthreatfeed

Field Added

VoIP logs:

Field

Change

attack

Field Added

attackid

Field Added

Web logs:

Field

Change

policymode

Field Added

videocategoryid

Field Added

videochannelid

Field Added

videoid

Field Added

videoinfosource

Field Added

Log ID changes

The following log IDs are changed:

AV logs:

Log ID

Message

Change

8216

MESGID_FILE_HASH_EMS_WARNING

Log ID Added

8217

MESGID_FILE_HASH_EMS_NOTIF

Log ID Added

8218

MESGID_MIME_FILE_HASH_EMS_WARNING

Log ID Added

8219

MESGID_MIME_FILE_HASH_EMS_NOTIF

Log ID Added

8706

MESGID_OVERSIZE_MIME_WARNING

Log ID Removed

8707

MESGID_OVERSIZE_MIME_NOTIF

Log ID Removed

Event logs:

LogID

Message

Change

20027

LOG_ID_REPORT_DEL_OLD_REC

Log ID Removed

22090

LOG_ID_FEDERATED_UPGRADE_CANCELLED

Log ID Added

22091

LOG_ID_FEDERATED_UPGRADE_SUCCEEDED

Log ID Added

22092

LOG_ID_FEDERATED_UPGRADE_FAILED

Log ID Added

22861

LOG_ID_FLPOLD_NAC_ADD

Log ID Added

22862

LOG_ID_FLPOLD_NAC_DELETE

Log ID Added

22863

LOG_ID_FLPOLD_NAC_MODIFY

Log ID Added

22864

LOG_ID_FLPOLD_DPP_ADD

Log ID Added

22865

LOG_ID_FLPOLD_DPP_DELETE

Log ID Added

22866

LOG_ID_FLPOLD_DPP_MODIFY

Log ID Added

22897

LOG_ID_FLCFGD_NAC_ADD

Log ID Removed

22898

LOG_ID_FLCFGD_NAC_DELETE

Log ID Removed

22899

LOG_ID_FLCFGD_NAC_MODIFY

Log ID Removed

22953

LOG_ID_IOC_DETECTED

Log ID Removed

29012

LOG_ID_PPP_OPT_ERR

Log ID Removed

29017

LOG_ID_PPP_OPT_NOTIF

Log ID Removed

32120

LOG_ID_RPT_ADD_DATASET

Log ID Removed

32122

LOG_ID_RPT_DEL_DATASET

Log ID Removed

32125

LOG_ID_RPT_ADD_CHART

Log ID Removed

32126

LOG_ID_RPT_DEL_CHART

Log ID Removed

34418

LOG_ID_NP6_HPE_PACKET_DROP

Log ID Added

34419

LOG_ID_NP6_HPE_PACKET_FLOOD

Log ID Added

36883

LOG_ID_EVENT_SYSTEM_CLEAR_ACTIVE_SESSION

Log ID Added

43707

LOG_ID_EVENT_WIRELESS_WTPR_SSID_UP

Log ID Added

43708

LOG_ID_EVENT_WIRELESS_WTPR_SSID_DOWN

Log ID Added

43709

LOG_ID_EVENT_WIRELESS_STA_DHCP_ENFORCEMENT

Log ID Added

43710

LOG_ID_EVENT_WIRELESS_SAM_IPERF

Log ID Added

43711

LOG_ID_EVENT_WIRELESS_SAM_PING

Log ID Added

43712

LOG_ID_EVENT_WIRELESS_SAM_AUTH_FAILED

Log ID Added

47002

LOG_ID_FILE_HASH_EMS_LIST_TRUNCATED_ENTER

Log ID Added

47003

LOG_ID_FILE_HASH_EMS_LIST_TRUNCATED_EXIT

Log ID Added

47004

LOG_ID_FILE_HASH_EMS_LIST_LOAD

Log ID Added

53400

LOG_ID_FMG_TUNNEL_UP

Log ID Added

53401

LOG_ID_FMG_TUNNEL_DOWN

Log ID Added

63002

LOG_ID_CIFS_CONN_FAIL

Log ID Added

63003

LOG_ID_CIFS_AUTH_FAIL

Log ID Added

63004

LOG_ID_CIFS_AUTH_INTERNAL_ERROR

Log ID Added

63005

LOG_ID_CIFS_AUTH_KRB_ERROR

Log ID Added

SSL logs:

Log ID

Message

Change

62305

LOG_ID_SSL_ANOMALY_CERT_PROBE_FAILURE_BLOCK

Log ID Added

62306

LOG_ID_SSL_ANOMALY_CERT_PROBE_FAILURE_PASS

Log ID Added

Web logs:

Log ID

Message

Change

13664

LOG_ID_VIDEOFILTER_CATEGORY_BLOCK

Log ID Added

13665

LOG_ID_VIDEOFILTER_CATEGORY_MONITOR

Log ID Added

13666

LOG_ID_VIDEOFILTER_CATEGORY_ALLOW

Log ID Added

13680

LOG_ID_VIDEOFILTER_CHANNEL_BLOCK

Log ID Added

13681

LOG_ID_VIDEOFILTER_CHANNEL_MONITOR

Log ID Added

13682

LOG_ID_VIDEOFILTER_CHANNEL_ALLOW

Log ID Added