Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

20000017

Meaning

File upload restrictions violation

 

 

Field name Description

log_id

20000017

See Log ID numbers.

main_type

File Upload Restriction

subtype

  • Antivirus Detection
  • Trojan Detection
  • FortiSandbox Detection
  • Illegal File Type
  • Illegal File Size

 

Examples

v007xxxxdate=2019-08-02 time=22:38:50 log_id=20000017 msg_id=000000079768 device_id=FV-1KE4417900002 vd="root" timezone="(GMT+8:00)Beijing,ChongQing,HongKong,Urumgi" timezone_dayst="GMTa-8" type=attack pri=alert main_type="File Upload Restriction" sub_type="Illegal File Type" trigger_policy="" severity_level=Medium proto=tcp service=http action=Alert_Deny policy="FWB_Policy_Default_AutoTest" src=10.200.10.100 src_port=63865 dst=10.101.0.1 dst_port=80 http_method=post http_url="/upload/servlet/UploadServlet" http_host="10.0.0.147:8090" http_agent="Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)" http_session_id=none msg="filename [filup.pdf]: Illegal file type" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="FWB_server_pool" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="http://10.12.0.39:1001/upload/~upload" http_version="1.x" dev_id="none" threat_weight=30 history_threat_weight=0 threat_level=High ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="A6:2017-Security Misconfiguration"

20000017

Meaning

File upload restrictions violation

 

 

Field name Description

log_id

20000017

See Log ID numbers.

main_type

File Upload Restriction

subtype

  • Antivirus Detection
  • Trojan Detection
  • FortiSandbox Detection
  • Illegal File Type
  • Illegal File Size

 

Examples

v007xxxxdate=2019-08-02 time=22:38:50 log_id=20000017 msg_id=000000079768 device_id=FV-1KE4417900002 vd="root" timezone="(GMT+8:00)Beijing,ChongQing,HongKong,Urumgi" timezone_dayst="GMTa-8" type=attack pri=alert main_type="File Upload Restriction" sub_type="Illegal File Type" trigger_policy="" severity_level=Medium proto=tcp service=http action=Alert_Deny policy="FWB_Policy_Default_AutoTest" src=10.200.10.100 src_port=63865 dst=10.101.0.1 dst_port=80 http_method=post http_url="/upload/servlet/UploadServlet" http_host="10.0.0.147:8090" http_agent="Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)" http_session_id=none msg="filename [filup.pdf]: Illegal file type" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="FWB_server_pool" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="http://10.12.0.39:1001/upload/~upload" http_version="1.x" dev_id="none" threat_weight=30 history_threat_weight=0 threat_level=High ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="A6:2017-Security Misconfiguration"