Fortinet black logo

FortiManager event log message example

FortiManager event log message example

2020-05-12 17:01:16 log_id=0001010018 type=event subtype=system pri=information desc="User login/logout successful" user="admin" userfrom="JSON(10.100.55.254)" msg="user 'admin' with profile 'Super_User' logout from JSON(10.100.55.254)" session_id=5108 adminprof="Super_User"

Event log message breakdown

Log Field

Description

Date: 2020-05-12

The year, month, and day when the event occurred in the format: YY-MM-DD

Time: 17:01:16

The hour, minute, and second of when the event occurred.

Log ID: 0001010018

A ten-digit number that identifies the log type. The first two digits represent the log type, and the following two digits represent the log subtype. The last six digits represent the message ID number.

Type: event

The section of the system where the event occurred.

Subtype: system

The subtype of each log message.

Pri: information

The severity level or priority of the event. There are several severity or priority levels. See Priority levels.

Desc: User login/logout successful

A description of the activity or event recorded by the FortiManager unit.

User: admin

The name of the user creating the traffic.

Userfrom: JSON(10.100.55.254)

Where the user initiated the activity or event, if applicable.

Msg: user 'admin' with profile 'Super_User' logout from JSON(10.100.55.254)

The activity or event recorded by the FortiManager unit.

session_id: 5108

The session identification number.

adminprof: Super_User

The administrator profile associated with the administrator account.

FortiManager event log message example

2020-05-12 17:01:16 log_id=0001010018 type=event subtype=system pri=information desc="User login/logout successful" user="admin" userfrom="JSON(10.100.55.254)" msg="user 'admin' with profile 'Super_User' logout from JSON(10.100.55.254)" session_id=5108 adminprof="Super_User"

Event log message breakdown

Log Field

Description

Date: 2020-05-12

The year, month, and day when the event occurred in the format: YY-MM-DD

Time: 17:01:16

The hour, minute, and second of when the event occurred.

Log ID: 0001010018

A ten-digit number that identifies the log type. The first two digits represent the log type, and the following two digits represent the log subtype. The last six digits represent the message ID number.

Type: event

The section of the system where the event occurred.

Subtype: system

The subtype of each log message.

Pri: information

The severity level or priority of the event. There are several severity or priority levels. See Priority levels.

Desc: User login/logout successful

A description of the activity or event recorded by the FortiManager unit.

User: admin

The name of the user creating the traffic.

Userfrom: JSON(10.100.55.254)

Where the user initiated the activity or event, if applicable.

Msg: user 'admin' with profile 'Super_User' logout from JSON(10.100.55.254)

The activity or event recorded by the FortiManager unit.

session_id: 5108

The session identification number.

adminprof: Super_User

The administrator profile associated with the administrator account.