Fortinet black logo

Log Message Reference

Home FortiWeb 6.3.1 Log Message Reference

20000026

6.3.1
7.4.0
7.2.2
7.2.1
7.2.0
7.0.4
7.0.3
7.0.2
7.0.0
6.4.2
6.4.1
6.3.17
6.3.16
6.3.15
6.3.14
6.3.13
6.3.11
6.3.10
6.3.9
6.3.4
6.3.3
6.3.2
6.3.1
6.3.0
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
4.4.6
4.4.4
4.4.3
4.4.2
4.4.1
Copy Link
Copy Doc ID 91d71ddb-5906-11ea-9384-00505692583a:502877
Download PDF

20000026

Meaning

HTTP Protocol Constraints violation.

Field name Description

log_id

20000026

See Log ID numbers.

main_type

HTTP Protocol Constraints

subtype

  • Header Length Violation
  • Header Line Violation
  • Body Length Violation
  • Content Length Violation
  • Parameter Length Violation
  • HTTP Request Length Violation
  • URL Parameter Length Violation
  • Illegal HTTP Version
  • Cookie Number Overflow
  • Request Header Line number Overflow
  • URL Parameter Number Overflow
  • Illegal Hostname
  • Range Header Violation
  • Illegal HTTP Method
  • Illegal Content Length
  • Illegal Content Type
  • Illegal Response Code
  • Missing POST Content Type
  • Body Parameter Length Violation
  • Header Name Length Violation
  • Header Value Length Violation
  • NULL Character in Parameter Name
  • NULL Character in Paramter Value
  • Illegal Header Name
  • Illegal Header Value
  • HTTP Request Filename Violation
  • Web Socket Protocol
  • Illegal Frame Type
  • Illegal Frame Flag
  • Illegal Connection Preface
  • HTTP/2 Header Table Size Overflow
  • HTTP/2 Concurrent Stream Number Overflow
  • HTTP/2 Initial Window Size Overflow
  • HTTP/2 Frame Size Overflow
  • HTTP/2 Header List Overflow
  • Illegal URL Parameter Name
  • Illegal URL Parameter Value
  • URL Parameter Name Overflow
  • URL Parameter Value Overflow
  • NULL Character in URL
  • Illegal Character in URL
  • Redundant HTTP Header
  • Malformed URL
  • Illegal Chunk Size
  • HTTP Parsing Error
  • HTTP Duplicated Parameter Name
  • Odd and Even Space Attack

Examples

v007xxxxdate=2019-08-03 time=10:16:50 log_id=20000026 msg_id=000000225718 device_id=FV-1KE4417900002 vd="root" timezone="(GMT+8:00)Beijing,ChongQing,HongKong,Urumgi" timezone_dayst="GMTa-8" type=attack pri=alert main_type="HTTP Protocol Constraints" sub_type="Header Name Length Violation" trigger_policy="" severity_level=High proto=tcp service=http action=Alert_Deny policy="FWB_Policy_Default_AutoTest" src=10.200.10.100 src_port=61358 dst=10.101.0.1 dst_port=80 http_method=get http_url="/" http_host="fortinet.fortiweb.com" http_agent="python-for-fortiweb" http_session_id=none msg="[policy_name=FWB_protection_profile] : Header Name Length Exceeded: (The HTTP header name length (51) exceeded the maximum allowed - 50)" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="FWB_server_pool" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="none" http_version="1.x" dev_id="none" threat_weight=10 history_threat_weight=0 threat_level=Medium ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="A6:2017-Security Misconfiguration"
Previous
Next

20000026

Meaning

HTTP Protocol Constraints violation.

Field name Description

log_id

20000026

See Log ID numbers.

main_type

HTTP Protocol Constraints

subtype

  • Header Length Violation
  • Header Line Violation
  • Body Length Violation
  • Content Length Violation
  • Parameter Length Violation
  • HTTP Request Length Violation
  • URL Parameter Length Violation
  • Illegal HTTP Version
  • Cookie Number Overflow
  • Request Header Line number Overflow
  • URL Parameter Number Overflow
  • Illegal Hostname
  • Range Header Violation
  • Illegal HTTP Method
  • Illegal Content Length
  • Illegal Content Type
  • Illegal Response Code
  • Missing POST Content Type
  • Body Parameter Length Violation
  • Header Name Length Violation
  • Header Value Length Violation
  • NULL Character in Parameter Name
  • NULL Character in Paramter Value
  • Illegal Header Name
  • Illegal Header Value
  • HTTP Request Filename Violation
  • Web Socket Protocol
  • Illegal Frame Type
  • Illegal Frame Flag
  • Illegal Connection Preface
  • HTTP/2 Header Table Size Overflow
  • HTTP/2 Concurrent Stream Number Overflow
  • HTTP/2 Initial Window Size Overflow
  • HTTP/2 Frame Size Overflow
  • HTTP/2 Header List Overflow
  • Illegal URL Parameter Name
  • Illegal URL Parameter Value
  • URL Parameter Name Overflow
  • URL Parameter Value Overflow
  • NULL Character in URL
  • Illegal Character in URL
  • Redundant HTTP Header
  • Malformed URL
  • Illegal Chunk Size
  • HTTP Parsing Error
  • HTTP Duplicated Parameter Name
  • Odd and Even Space Attack

Examples

v007xxxxdate=2019-08-03 time=10:16:50 log_id=20000026 msg_id=000000225718 device_id=FV-1KE4417900002 vd="root" timezone="(GMT+8:00)Beijing,ChongQing,HongKong,Urumgi" timezone_dayst="GMTa-8" type=attack pri=alert main_type="HTTP Protocol Constraints" sub_type="Header Name Length Violation" trigger_policy="" severity_level=High proto=tcp service=http action=Alert_Deny policy="FWB_Policy_Default_AutoTest" src=10.200.10.100 src_port=61358 dst=10.101.0.1 dst_port=80 http_method=get http_url="/" http_host="fortinet.fortiweb.com" http_agent="python-for-fortiweb" http_session_id=none msg="[policy_name=FWB_protection_profile] : Header Name Length Exceeded: (The HTTP header name length (51) exceeded the maximum allowed - 50)" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="FWB_server_pool" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="none" http_version="1.x" dev_id="none" threat_weight=10 history_threat_weight=0 threat_level=Medium ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="A6:2017-Security Misconfiguration"
Previous
Next