
20000041

Meaning

Machine learning bot detection violation.

 

 

| Field name | Description |
|------------|-------------|
| log_id | 20000041. See Log ID numbers. |
| main_type | Bot Detection |
| subtype (appears as `sub_type` in the raw log) | N/A |

 

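Examples

Notes for reading the sample below: `action=Alert` means the event was logged, not blocked, so a matching entry does not by itself show that the client was stopped. The HTTP fields (`http_method`, `http_url`, `http_host`, `http_agent`) are all `none` in this sample, so triage has to rely on `src`, `dst`, `policy` and `msg`. The `bot_info` value is a JSON object whose inner double quotes are not escaped inside the quoted field; a parser that splits `key="value"` pairs on the next quote will truncate it, so extract `bot_info` as the remainder of the line and parse it as JSON. Its `vector` array has 13 entries, matching `dimen_count`.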

v009xxxxdate=2019-09-21 time=08:54:03 log_id=20000041 msg_id=000034371543 device_id=FV3K1E3216000005 vd="root" timezone="(GMT+8:00)Beijing,ChongQing,HongKong,Urumgi" timezone_dayst="GMTa-8" type=attack pri=alert main_type="Bot Detection" sub_type="N/A" trigger_policy="" severity_level=High proto=tcp service=http backend_service=tcp action=Alert policy="FWB_Policy_Default_AutoTest_ttp" src=10.114.0.102 src_port=53734 dst=10.114.0.1 dst_port=80 http_method=none http_url="none" http_host="none" http_agent="none" http_session_id=none msg="Bot Verification failed (Real Browser Enforcement)" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="none" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="none" http_version="Unknown" dev_id="none" es=0 threat_weight=10 history_threat_weight=0 threat_level=Medium ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="N/A" bot_info="{"dimen_count": 13, "boxplot_info": [{"id": 1, "value": [1.00, 1.00, 1.00]}, {"id": 2, "value": [1.00, 2.00, 2.00]}, {"id": 3, "value": [0.00, 0.00, 0.00]}, {"id": 4, "value": [0.00, 0.00, 0.00]}, {"id": 5, "value": [1.00, 1.00, 1.00]}, {"id": 6, "value": [0.00, 0.00, 0.00]}, {"id": 7, "value": [0.00, 0.00, 0.00]}, {"id": 8, "value": [1.00, 1.00, 1.00]}, {"id": 9, "value": [0.00, 0.00, 0.00]}, {"id": 10, "value": [0.00, 0.00, 0.00]}, {"id": 11, "value": [0.00, 0.00, 0.00]}, {"id": 12, "value": [1.00, 1.00, 2.00]}, {"id": 13, "value": [1.00, 1.00, 1.00]}], "vector": [100.00,100.00,0.00,0.00,100.00,0.00,0.00,100.00,0.00,0.00,0.00,2.00,2.00]}"

20000041

Meaning

Machine learning bot detection violation.

 

 

| Field name | Description |
|------------|-------------|
| log_id | 20000041. See Log ID numbers. |
| main_type | Bot Detection |
| subtype (appears as `sub_type` in the raw log) | N/A |

 

Examples

v009xxxxdate=2019-09-21 time=08:54:03 log_id=20000041 msg_id=000034371543 device_id=FV3K1E3216000005 vd="root" timezone="(GMT+8:00)Beijing,ChongQing,HongKong,Urumgi" timezone_dayst="GMTa-8" type=attack pri=alert main_type="Bot Detection" sub_type="N/A" trigger_policy="" severity_level=High proto=tcp service=http backend_service=tcp action=Alert policy="FWB_Policy_Default_AutoTest_ttp" src=10.114.0.102 src_port=53734 dst=10.114.0.1 dst_port=80 http_method=none http_url="none" http_host="none" http_agent="none" http_session_id=none msg="Bot Verification failed (Real Browser Enforcement)" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="none" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="none" http_version="Unknown" dev_id="none" es=0 threat_weight=10 history_threat_weight=0 threat_level=Medium ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="N/A" bot_info="{"dimen_count": 13, "boxplot_info": [{"id": 1, "value": [1.00, 1.00, 1.00]}, {"id": 2, "value": [1.00, 2.00, 2.00]}, {"id": 3, "value": [0.00, 0.00, 0.00]}, {"id": 4, "value": [0.00, 0.00, 0.00]}, {"id": 5, "value": [1.00, 1.00, 1.00]}, {"id": 6, "value": [0.00, 0.00, 0.00]}, {"id": 7, "value": [0.00, 0.00, 0.00]}, {"id": 8, "value": [1.00, 1.00, 1.00]}, {"id": 9, "value": [0.00, 0.00, 0.00]}, {"id": 10, "value": [0.00, 0.00, 0.00]}, {"id": 11, "value": [0.00, 0.00, 0.00]}, {"id": 12, "value": [1.00, 1.00, 2.00]}, {"id": 13, "value": [1.00, 1.00, 1.00]}], "vector": [100.00,100.00,0.00,0.00,100.00,0.00,0.00,100.00,0.00,0.00,0.00,2.00,2.00]}"