Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    User Guide

    25.4.0
    26.1.a
    26.1.0
    25.4.a
    25.4.0

    Field types

    Field types

    Most fields are atomic, meaning they cannot be broken down further. However, FortiNDR Cloud fields can also be a structured object, either an object or an array. See Enriched object field types.

    Fields in FortiNDR Cloud can be one of the following types.

    Field Type Description Example
    int An integer value (port, bytes, packets, etc.) 1
    float A decimal value (distance, entropy, etc.) 1.0
    Boolean true of false True
    string A sequence of arbitrary characters hello world
    timestamp A RFC3339 timestamp value 2019-01-01T00:00:00.000Z
    ip A single IP address or valid CIDR-notation 8.8.8.8, 10.0.1.0/24
    object An arbitrary JSON structure containing nested subfields N/A
    array An array of values of the same type N/A
    Previous
    Next

    Field types

    Field types

    Most fields are atomic, meaning they cannot be broken down further. However, FortiNDR Cloud fields can also be a structured object, either an object or an array. See Enriched object field types.

    Fields in FortiNDR Cloud can be one of the following types.

    Field Type Description Example
    int An integer value (port, bytes, packets, etc.) 1
    float A decimal value (distance, entropy, etc.) 1.0
    Boolean true of false True
    string A sequence of arbitrary characters hello world
    timestamp A RFC3339 timestamp value 2019-01-01T00:00:00.000Z
    ip A single IP address or valid CIDR-notation 8.8.8.8, 10.0.1.0/24
    object An arbitrary JSON structure containing nested subfields N/A
    array An array of values of the same type N/A
    Previous
    Next