DOCUMENT LIBRARY

FortiOS Log Message Reference

Home FortiGate / FortiOS 7.2.1 FortiOS Log Message Reference

7.2.1

Log ID definitions

Log ID definitions

Following are the definitions for the log type IDs and subtype IDs applicable to FortiOS:

Log Category IDs	Subtype IDs
traffic: 0	forward: 0 local: 1 multicast: 2 sniffer: 4 ztna: 5
event: 1	system: 0 vpn: 1 user: 2 router: 3 wireless: 4 wad: 5 endpoint: 7 ha: 8 security-rating: 10 fortiextender: 11 connector: 12 sdwan: 13 cifs-auth-fail: 14 switch-controller: 15 rest-api: 16
virus: 2	analytics: 1 filetype-executable: 3 outbreak-prevention: 4 content-disarm: 5 command-blocked: 6 malware-list: 7 ems-threat-feed: 8 fortindr: 9 fortisandbox: 10 infected: 11 filename: 12 oversize: 13 mimefragmented: 61 scanerror: 62 switchproto: 63
webfilter: 3	content: 14 urlfilter: 15 ftgd_blk: 16 ftgd_allow: 17 ftgd_err: 18 urlmonitor: 19 activexfilter: 35 cookiefilter: 36 appletfilter: 37 ftgd_quota_counting: 38 ftgd_quota_expired: 39 ftgd_quota: 40 scriptfilter: 41 webfilter_command_block: 43 http_header_change: 44 ssl-exempt: 45 antiphishing: 46 videofilter-category: 47 videofilter-channel: 48
ips: 4	signature: 19 malicious-url: 21 botnet: 22
emailfilter: 5	email: 12 spam: 13 bannedword: 14 webmail: 20 ftgd_err: 53
anomaly: 7	anomaly: 20
voip: 8	voip: 14
dlp: 9	dlp: 54 dlp-docsource: 55
app-ctrl: 10	signature: 59 port-violation: 60 protocol-violation: 61
waf: 12	waf-signature: 0 waf-custom-signature: 1 waf-http-method: 2 waf-http-constraint: 3 waf-address-list: 4 waf-url-access: 5
gtp: 14	gtp-all: 0 pfcp-all: 1
dns: 15	dns-query: 0 dns-response: 1
ssh: 16	ssh-command: 0 ssh-channel: 1 ssh-hostkey: 2
ssl: 17	ssl-anomaly: 0 ssl-exempt: 1 ssl-negotiation: 2 ssl-server-cert-info: 3 ssl-handshake: 4
file-filter: 19	file-filter: 0
icap: 20	icap: 0
forti-switch: 23	fsw-flow: 0

Previous

Next

Log ID definitions

Log ID definitions

Following are the definitions for the log type IDs and subtype IDs applicable to FortiOS:

Log Category IDs	Subtype IDs
traffic: 0	forward: 0 local: 1 multicast: 2 sniffer: 4 ztna: 5
event: 1	system: 0 vpn: 1 user: 2 router: 3 wireless: 4 wad: 5 endpoint: 7 ha: 8 security-rating: 10 fortiextender: 11 connector: 12 sdwan: 13 cifs-auth-fail: 14 switch-controller: 15 rest-api: 16
virus: 2	analytics: 1 filetype-executable: 3 outbreak-prevention: 4 content-disarm: 5 command-blocked: 6 malware-list: 7 ems-threat-feed: 8 fortindr: 9 fortisandbox: 10 infected: 11 filename: 12 oversize: 13 mimefragmented: 61 scanerror: 62 switchproto: 63
webfilter: 3	content: 14 urlfilter: 15 ftgd_blk: 16 ftgd_allow: 17 ftgd_err: 18 urlmonitor: 19 activexfilter: 35 cookiefilter: 36 appletfilter: 37 ftgd_quota_counting: 38 ftgd_quota_expired: 39 ftgd_quota: 40 scriptfilter: 41 webfilter_command_block: 43 http_header_change: 44 ssl-exempt: 45 antiphishing: 46 videofilter-category: 47 videofilter-channel: 48
ips: 4	signature: 19 malicious-url: 21 botnet: 22
emailfilter: 5	email: 12 spam: 13 bannedword: 14 webmail: 20 ftgd_err: 53
anomaly: 7	anomaly: 20
voip: 8	voip: 14
dlp: 9	dlp: 54 dlp-docsource: 55
app-ctrl: 10	signature: 59 port-violation: 60 protocol-violation: 61
waf: 12	waf-signature: 0 waf-custom-signature: 1 waf-http-method: 2 waf-http-constraint: 3 waf-address-list: 4 waf-url-access: 5
gtp: 14	gtp-all: 0 pfcp-all: 1
dns: 15	dns-query: 0 dns-response: 1
ssh: 16	ssh-command: 0 ssh-channel: 1 ssh-hostkey: 2
ssl: 17	ssl-anomaly: 0 ssl-exempt: 1 ssl-negotiation: 2 ssl-server-cert-info: 3 ssl-handshake: 4
file-filter: 19	file-filter: 0
icap: 20	icap: 0
forti-switch: 23	fsw-flow: 0

Previous

Next