Fortinet Document Library

Version:

Version:


Table of Contents

Log Reference

Download PDF
Copy Link

Antivirus logs

This chapter contains information regarding antivirus log messages, including an example of an antivirus log message.

Antivirus log messages have a subtype called “infected”. Antivirus log messages inform you of viruses detected by your FortiMail unit.

Antivirus uses a dynamic error reporting scheme. This scheme is unable to create a definitive list of log messages that you may encounter. Errors are logged in a format similar to the following example.

You can cross-search an antivirus log message to get more information about it. For more information about log message cross search, see Log message cross search .

Example

If you send the FortiMail log messages to a remote Syslog server (including FortiAnalyzer), an antivirus log would look like the following and the log fields would appear in the following order:

date=2012-07-24 time=17:07:42 device_id=FE100C3909600504 log_id=0100000924 type=virus subtype=infected pri=information from="syntax@www.ca" to="user2@1.ca" src=172.20.140.94 session_id="q6OL7fsQ018870-q6OL7fsR018870" msg="The file inline-16-69.dat is infected with EICAR_TEST_FILE."

Antivirus logs

This chapter contains information regarding antivirus log messages, including an example of an antivirus log message.

Antivirus log messages have a subtype called “infected”. Antivirus log messages inform you of viruses detected by your FortiMail unit.

Antivirus uses a dynamic error reporting scheme. This scheme is unable to create a definitive list of log messages that you may encounter. Errors are logged in a format similar to the following example.

You can cross-search an antivirus log message to get more information about it. For more information about log message cross search, see Log message cross search .

Example

If you send the FortiMail log messages to a remote Syslog server (including FortiAnalyzer), an antivirus log would look like the following and the log fields would appear in the following order:

date=2012-07-24 time=17:07:42 device_id=FE100C3909600504 log_id=0100000924 type=virus subtype=infected pri=information from="syntax@www.ca" to="user2@1.ca" src=172.20.140.94 session_id="q6OL7fsQ018870-q6OL7fsR018870" msg="The file inline-16-69.dat is infected with EICAR_TEST_FILE."