
20000010


20000010

Meaning

Brute Force Login Violation

| Field name | Description |
|---|---|
| log_id | 20000010 (see Log ID numbers) |
| main_type | Brute Force Login |
| subtype (appears in the log message as `sub_type`) | One of: Based on TCP Session, Based on Source IP |

Examples

v007xxxxdate=2019-08-02 time=23:24:16 log_id=20000010 msg_id=000000098389 device_id=FV-1KE4417900002 vd="root" timezone="(GMT+8:00)Beijing,ChongQing,HongKong,Urumgi" timezone_dayst="GMTa-8" type=attack pri=alert main_type="Brute Force Login" sub_type="Based on TCP Session" trigger_policy="" severity_level=High proto=tcp service=http action=Period_Block policy="FWB_Policy_Default_AutoTest" src=10.200.10.100 src_port=57948 dst=10.0.1.5 dst_port=80 http_method=post http_url="/autotest/site_publishing_helper/login_check/0" http_host="fwbqa-win2k3.fwbqa.com" http_agent="python-for-fortiweb" http_session_id=none msg="Brute Force Login Violation" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="FWB_server_pool_10.0.1.5" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="none" http_version="1.x" dev_id="none" threat_weight=50 history_threat_weight=0 threat_level=Critical ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="A2:2017-Broken Authentication"

20000010

Meaning

Brute Force Login Violation

| Field name | Description |
|---|---|
| log_id | 20000010 (see Log ID numbers) |
| main_type | Brute Force Login |
| subtype (appears in the log message as `sub_type`) | One of: Based on TCP Session, Based on Source IP |

Examples

v007xxxxdate=2019-08-02 time=23:24:16 log_id=20000010 msg_id=000000098389 device_id=FV-1KE4417900002 vd="root" timezone="(GMT+8:00)Beijing,ChongQing,HongKong,Urumgi" timezone_dayst="GMTa-8" type=attack pri=alert main_type="Brute Force Login" sub_type="Based on TCP Session" trigger_policy="" severity_level=High proto=tcp service=http action=Period_Block policy="FWB_Policy_Default_AutoTest" src=10.200.10.100 src_port=57948 dst=10.0.1.5 dst_port=80 http_method=post http_url="/autotest/site_publishing_helper/login_check/0" http_host="fwbqa-win2k3.fwbqa.com" http_agent="python-for-fortiweb" http_session_id=none msg="Brute Force Login Violation" signature_subclass="N/A" signature_id="N/A" signature_cve_id="N/A" srccountry="Reserved" content_switch_name="none" server_pool_name="FWB_server_pool_10.0.1.5" false_positive_mitigation="none" user_name="Unknown" monitor_status="Disabled" http_refer="none" http_version="1.x" dev_id="none" threat_weight=50 history_threat_weight=0 threat_level=Critical ftp_mode="N/A" ftp_cmd="N/A" cipher_suite="none" ml_log_hmm_probability=0.000000 ml_log_sample_prob_mean=0.000000 ml_log_sample_arglen_mean=0.000000 ml_log_arglen=0 ml_svm_log_main_types=0 ml_svm_log_match_types="none" ml_svm_accuracy="none" ml_domain_index=0 ml_url_dbid=0 ml_arg_dbid=0 ml_allow_method="none" owasp_top10="A2:2017-Broken Authentication"