Fortinet white logo
Fortinet white logo

FortiOS Log Message Reference

8221 - MESGID_ICB_NOTIF

8221 - MESGID_ICB_NOTIF

Message ID: 8221

Message Description: MESGID_ICB_NOTIF

Message Meaning: File reported infected by Inline Block (notice)

Type: Virus

Category: inline-block

Severity: Notice

Log Field Name

Description

Data Type

Length

vrf

uint16

3

virusid

uint32

10

viruscat

string

32

virus

string

128

vd

string

32

user

string

256

url

string

512

unauthusersource

string

66

unauthuser

string

66

tz

string

5

type

string

16

trueclntip

ip

39

transid

uint32

10

to

string

512

time

string

8

subtype

string

20

subservice

string

16

subject

string

256

srcuuid

string

37

srcport

uint16

5

srcname

string

64

srcmac

string

17

srcip

ip

39

srcintfrole

string

10

srcintf

string

32

srcdomain

string

255

srccountry

string

64

sharename

string

256

sessionid

uint32

10

service

string

5

sender

string

128

referralurl

string

512

ref

string

512

recipient

string

512

rawdata

string

20480

quarskip

string

46

psrcport

uint16

5

proto

uint8

3

profile

string

64

poluuid

string

37

policytype

string

24

policymode

string

8

policyid

uint32

10

pdstport

uint16

5

pathname

string

256

msg

string

4096

messageid

string

256

logid

string

10

level

string

11

itype

string

16

icbverdict

string

5

icbseverity

string

11

icbfiletype

string

10

icbfileid

string

65

icbconfidence

string

6

icbaction

string

7

httpmethod

string

20

group

string

512

from

string

128

forwardedfor

string

128

filetype

string

16

filename

string

256

filehashsrc

string

32

filehash

string

64

fctuid

string

32

eventtype

string

32

eventtime

uint64

20

dtype

string

32

dstuuid

string

37

dstuser

string

256

dstport

uint16

5

dstip

ip

39

dstintfrole

string

10

dstintf

string

32

dstcountry

string

64

dstauthserver

string

64

direction

string

8

devid

string

16

date

string

10

crscore

uint32

10

crlevel

string

10

craction

uint32

10

contentdisarmed

string

13

checksum

string

16

cdrcontent

string

256

cc

string

512

authserver

string

64

attachment

string

3

analyticssubmit

string

10

analyticscksum

string

64

agent

string

1024

action

string

18

8221 - MESGID_ICB_NOTIF

8221 - MESGID_ICB_NOTIF

Message ID: 8221

Message Description: MESGID_ICB_NOTIF

Message Meaning: File reported infected by Inline Block (notice)

Type: Virus

Category: inline-block

Severity: Notice

Log Field Name

Description

Data Type

Length

vrf

uint16

3

virusid

uint32

10

viruscat

string

32

virus

string

128

vd

string

32

user

string

256

url

string

512

unauthusersource

string

66

unauthuser

string

66

tz

string

5

type

string

16

trueclntip

ip

39

transid

uint32

10

to

string

512

time

string

8

subtype

string

20

subservice

string

16

subject

string

256

srcuuid

string

37

srcport

uint16

5

srcname

string

64

srcmac

string

17

srcip

ip

39

srcintfrole

string

10

srcintf

string

32

srcdomain

string

255

srccountry

string

64

sharename

string

256

sessionid

uint32

10

service

string

5

sender

string

128

referralurl

string

512

ref

string

512

recipient

string

512

rawdata

string

20480

quarskip

string

46

psrcport

uint16

5

proto

uint8

3

profile

string

64

poluuid

string

37

policytype

string

24

policymode

string

8

policyid

uint32

10

pdstport

uint16

5

pathname

string

256

msg

string

4096

messageid

string

256

logid

string

10

level

string

11

itype

string

16

icbverdict

string

5

icbseverity

string

11

icbfiletype

string

10

icbfileid

string

65

icbconfidence

string

6

icbaction

string

7

httpmethod

string

20

group

string

512

from

string

128

forwardedfor

string

128

filetype

string

16

filename

string

256

filehashsrc

string

32

filehash

string

64

fctuid

string

32

eventtype

string

32

eventtime

uint64

20

dtype

string

32

dstuuid

string

37

dstuser

string

256

dstport

uint16

5

dstip

ip

39

dstintfrole

string

10

dstintf

string

32

dstcountry

string

64

dstauthserver

string

64

direction

string

8

devid

string

16

date

string

10

crscore

uint32

10

crlevel

string

10

craction

uint32

10

contentdisarmed

string

13

checksum

string

16

cdrcontent

string

256

cc

string

512

authserver

string

64

attachment

string

3

analyticssubmit

string

10

analyticscksum

string

64

agent

string

1024

action

string

18