DOCUMENT LIBRARY
DOCUMENT LIBRARY
Products
Best Practices
Hardware Guides
Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
Hybrid Mesh Firewall
FortiGate/ FortiOS
FortiGate-5000
/
6000
/
7000
NOC Management
FortiManager
/
FortiManager Cloud
Managed Fortigate Service
LAN
FortiSwitch
FortiAP / FortiWiFi
FortiEdge Cloud
FortiNAC-F
WAN
Secure SD-WAN
FortiExtender
More >>
Unified SASE
Single Vendor SASE
FortiSASE
Secure SD-WAN
Zero Trust Network Access (ZTNA)
FortiProxy
FortiMonitor
Cloud Network Security
FortiGate Public Cloud
FortiGate Private Cloud
FortiGate CNF
FortiFlex
Lacework FortiCNAPP
Secure Endpoint Connectivity
FortiClient
/
FortiClient Cloud
Web Application / API Protection
FortiWeb
FortiADC
FortiDAST
More >>
Security Operations
Security Operations Automation
FortiAnalyzer
/
FortiAnalyzer Cloud
FortiSIEM
/
FortiSIEM Cloud
FortiSOAR
SOC-as-a-Service (SOCaaS)
Identity
FortiAuthenticator
FortiTrust Identity
FortiPAM
Early Detection & Prevention
FortiSandbox
/
FortiSandbox Cloud
FortiNDR
FortiDeceptor
FortiRecon
More >>
Secure Networking
Hybrid Mesh Firewall
FortiGate/ FortiOS
FortiGate-5000
/
6000
/
7000
NOC Management
FortiManager
/
FortiManager Cloud
Managed Fortigate Service
FortiAIOps
LAN
FortiSwitch
FortiAP / FortiWiFi
FortiAP-U Series
FortiEdge Cloud
FortiNAC-F
WAN
Secure SD-WAN
FortiExtender
Communication & Surveillance
FortiVoice
/
FortiVoice Cloud
FortiFone
FortiCamera
FortiRecorder
FortiCentral
Unified SASE
Single Vendor SASE
FortiSASE
Secure SD-WAN
Zero Trust Network Access (ZTNA)
FortiProxy
FortiMonitor
Secure Endpoint Connectivity
FortiClient
/
FortiClient Cloud
Cloud Network Security
FortiGate Public Cloud
FortiGate Private Cloud
FortiGate CNF
FortiFlex
Cloud-Native Security
Lacework FortiCNAPP
FortiDevSec
Web Application / API Protection
FortiWeb
FortiADC
FortiDAST
Security Operations
Security Operations Automation
FortiAnalyzer
/
FortiAnalyzer Cloud
FortiSIEM
/
FortiSIEM Cloud
FortiSOAR
Endpoint
FortiClient
/
FortiClient Cloud
FortiEDR/XDR
Data Protection
FortiDLP
FortiDLP Agent
FortiDLP Policies
Identity
FortiAuthenticator
FortiTrust Identity
FortiToken
/
FortiToken Cloud
FortiPAM
Email
FortiMail
FortiPhish
Early Detection & Prevention
FortiSandbox
/
FortiSandbox Cloud
FortiNDR
FortiDeceptor
FortiRecon
Expert Services
SOC-as-a-Service (SOCaaS)
Edge Firewall
FortiGate/FortiOS
FortiGate-5000
/
6000
/
7000
FortiGate Public Cloud
FortiGate Private Cloud
Orchestration & management
FortiManager
/
FortiManager Cloud
FortiAnalyzer
/
FortiAnalyzer Cloud
Overlay-as-a-Service
SD Branch
FortiSwitch
FortiAP / FortiWiFi
FortiExtender
/
FortiExtender Cloud
Application Delivery
FortiADC
/
FortiGSLB
Single Vendor SASE
FortiSASE
Secure Endpoint Connectivity
FortiClient
/
FortiClient Cloud
Secure Private Access
Secure SD-WAN
Zero Trust Network Access (ZTNA)
Thin Edge
FortiGate/ FortiOS
FortiAP / FortiWiFi
FortiExtender
/
FortiExtender Cloud
Identity
FortiAuthenticator
FortiTrust Identity
FortiToken Cloud
FortiToken
Application Gateway
FortiGate/ FortiOS
FortiProxy
FortiADC
/
FortiGSLB
Enterprise Asset Management
FortiClient EMS
Endpoint Agent
FortiClient
/
FortiClient Cloud
Agentless Security Posture
FortiNAC-F
FortiSIEM
/
FortiSIEM Cloud
Identity
FortiAuthenticator
FortiTrust Identity
FortiToken Cloud
FortiToken
Wireless
FortiAP / FortiWiFi
FortiAP-U Series
FortiGate Cloud
Switching
FortiSwitch
FortiEdge Cloud
FortiNAC-F
Identity
FortiAuthenticator
FortiTrust Identity
FortiToken Cloud
FortiToken
Privilege Acccess Management
FortiPAM
Next Generation Firewall
FortiGate / FortiOS
FortiGate-5000
/
6000
/
7000
FortiGate Public Cloud
FortiGate Private Cloud
Orchestration & management
FortiManager
/
FortiManager Cloud
FortiAnalyzer
/
FortiAnalyzer Cloud
Expert Services
SOC-as-a-Service (SOCaaS)
Managed Fortigate Service
All
FortiADC Public Cloud
FortiAnalyzer Public Cloud
FortiAuthenticator Public Cloud
FortiDeceptor Public Cloud
FortiGate Public Cloud
FortiIsolator Public Cloud
FortiManager Public Cloud
FortiNDR Public Cloud
FortiPAM Public Cloud
FortiPortal Public Cloud
FortiProxy Public Cloud
FortiSandbox Public Cloud
FortiTester Public Cloud
FortiVoice Public Cloud
FortiWeb Manager Public Cloud
FortiWeb Public Cloud
All
FortiADC Private Cloud
FortiAnalyzer BigData Private Cloud
FortiAnalyzer Private Cloud
FortiAuthenticator Private Cloud
FortiDeceptor Private Cloud
FortiGate Private Cloud
FortiManager Private Cloud
FortiNDR Private Cloud
FortiPAM Private Cloud
FortiProxy Private Cloud
FortiSandbox Private Cloud
FortiTester Private Cloud
FortiVoice Private Cloud
FortiWeb Manager Private Cloud
FortiWeb Private Cloud
Account Management
FortiCloud Services
SAAS Management
FortiGate Cloud
FortiEdge Cloud
FortiEdge Cloud
FortiExtender Cloud
FortiPresence Cloud
FortiToken Cloud
FortiTrust Identity
FortiZTP
FortiCamera Cloud
SAAS Application Security
FortiWeb Cloud
FortiGSLB
FortiCASB
FortiCNP
FortiInsight
FortiPhish
FortiGate CNF
Managed Services
SOC-as-a-Service (SOCaaS)
Managed Fortigate Service
Platform as a service (PAAS)
FortiSASE
FortiAnalyzer Cloud
FortiManager Cloud
FortiClient Cloud
FortiSandbox Cloud
FortiMail Cloud
FortiSOAR Cloud
Other SAAS Services
Overlay-as-a-Service
FortiRecon
FortiConverter
ForiIPAM
FortiFlex
FortiCare Elite
4D Resources
Solution Hubs
Define, design, deploy, demo
4D Pillars
Secure SD-WAN
Zero Trust Network Access
Wireless
Switching
Secure Access Service Edge
Identity and Access Management
Next Generation Firewall
Curated Links by Solution
Cloud
FortiCloud
Public & Private Cloud
Popular Solutions
Secure SD-WAN
Zero Trust Network Access
Secure Access
Security Fabric
Tele-Working
Multi-Factor Authentication
FortiASIC
Operational Technology
MSSP
Next Generation Firewall
FortiAnalyzer
FortiAnalyzer Big-Data
FortiADC
FortiAP / FortiWiFi
FortiAP U-Series
FortiAuthenticator
FortiCache
FortiCarrier
FortiController
FortiDDoS
FortiDDoS-F
FortiDeceptor
FortiExtender
FortiGate-5000
FortiGate-6000
FortiGate-7000
FortiHypervisor
FortiIsolator
FortiMail
FortiManager
FortiNAC
FortiNDR
FortiProxy
FortiRecorder
FortiGate
FortiRPS
FortiSandbox
FortiSIEM
FortiSwitch
FortiTester
FortiToken
FortiVoice
FortiWAN
FortiWeb
FortiWLC
FortiWLM
AscenLink
AV Engine
AWS Firewall Rules
Container FortiOS
FortiADC
FortiADC E Series
FortiADC Manager
FortiADC Private Cloud
FortiADC Public Cloud
FortiAIOps
FortiAnalyzer
FortiAnalyzer BigData
FortiAnalyzer BigData Private Cloud
FortiAnalyzer Cloud
FortiAnalyzer Private Cloud
FortiAnalyzer Public Cloud
FortiAP / FortiWiFi
FortiAP-U Series
FortiAuthenticator
FortiAuthenticator Private Cloud
FortiAuthenticator Public Cloud
FortiAuthProxy
FortiBalancer
FortiBranchSASE
FortiBridge
FortiCache
FortiCamera
FortiCamera Cloud
FortiCare Elite
FortiCarrier
FortiCASB
FortiCentral
FortiClient
FortiClient Cloud
FortiCloud Services
FortiCNP
FortiConnect
FortiController
FortiConverter Service
FortiConverter Tool
FortiCore
FortiCSPM
FortiCWP
FortiDAST
FortiDB
FortiDDoS
FortiDDoS-F
FortiDeceptor
FortiDeceptor DaaS
FortiDeceptor Private Cloud
FortiDeceptor Public Cloud
FortiDevSec
FortiDLP
FortiDLP Agent
FortiDLP Policies
FortiDNS
FortiEdge Cloud
FortiEDR/XDR
FortiEndpoint
FortiExplorer
FortiExplorer Go
FortiExtender
FortiFlex
FortiFone
FortiGate / FortiOS
FortiGate Cloud
FortiGate CNF
FortiGate Private Cloud
FortiGate Public Cloud
FortiGate-5000
FortiGate-6000
FortiGate-7000
FortiGate-as-a-Service
FortiGSLB
FortiGuard Advanced Bot Protection
FortiGuest
FortiHypervisor
FortiInsight
FortiInsight Cloud
FortiIPAM
FortiIsolator
FortiIsolator Public Cloud
FortiLAN Cloud
FortiMail
FortiMail Cloud
FortiManager
FortiManager Cloud
FortiManager Private Cloud
FortiManager Public Cloud
FortiMonitor
FortiNAC
FortiNAC-F
FortiNDR
FortiNDR (on-premise) Private Cloud
FortiNDR (on-premise) Public Cloud
FortiNDR Cloud
FortiNDR Cloud Sensors
FortiPAM
FortiPAM Private Cloud
FortiPAM Public Cloud
FortiPhish
FortiPlanner
FortiPolicy
FortiPortal
FortiPortal Public Cloud
FortiPresence
FortiPresence VM
FortiProxy
FortiProxy Private Cloud
FortiProxy Public Cloud
FortiRecon
FortiRecorder
FortiRPS
FortiSandbox
FortiSandbox Cloud
FortiSandbox Private Cloud
FortiSandbox Public Cloud
FortiSASE
FortiScanner
FortiSIEM
FortiSIEM Cloud
FortiSOAR
FortiSOAR Cloud
FortiSRA
FortiSwitch
FortiSwitch Manager
FortiTap
FortiTester
FortiTester Private Cloud
FortiTester Public Cloud
FortiToken
FortiToken Cloud
FortiTrust Identity
FortiVoice
FortiVoice Cloud
FortiVoice Private Cloud
FortiVoice Public Cloud
FortiWAN
FortiWAN Controller
FortiWeb
FortiWeb Cloud
FortiWeb Manager Private Cloud
FortiWeb Manager Public Cloud
FortiWeb Private Cloud
FortiWeb Public Cloud
FortiWLM
FortiZTP
IPS Engine
Lacework FortiCNAPP
Managed FortiGate Service
Overlay-as-a-Service
Security Awareness and Training
SOCaaS
Wireless Controller
Search documents and hardware ...
FortiOS Log Message Reference
Introduction
Before you begin
Overview
What's new
Log Types and Subtypes
Type
Subtype
List of log types and subtypes
FortiOS priority levels
Log field format
Log Schema Structure
Log message fields
Log ID numbers
Log ID definitions
FortiGuard Web Filter Categories
CEF Support
FortiOSÂ to CEFÂ log field mapping guidelines
CEFÂ priority levels
Examples of CEFÂ support
Traffic log support for CEF
Event log support for CEF
Antivirus log support for CEF
Webfilter log support for CEF
IPS log support for CEF
Email Spamfilter log support for CEF
Anomaly log support for CEF
VoIP log support for CEF
DLP log support for CEF
Application log support for CEF
WAF log support for CEF
DNS log support for CEF
SSH log support for CEF
UTMÂ Extended Logging
Enabling extended logging
0200_Log_Messages
0000_Anomaly
18432
18433
18434
0000_App
28672
28673
28674
28675
28676
28677
28678
28704
28705
28706
28720
28721
0000_AV
8192
8193
8194
8195
8200
8201
8448
8449
8450
8451
8452
8453
8454
8455
8456
8457
8458
8704
8705
8706
8707
8720
8721
8960
8961
8962
8963
8964
8965
8966
8967
8968
8969
8970
8971
8972
8973
8974
8975
8976
8977
8978
8979
8980
9233
9234
9235
9236
9237
9238
9239
9240
9248
9249
0000_DLP
24576
24577
24578
24579
0000_DNS
54000
54200
54400
54401
54600
54601
54800
54801
54802
54803
0000_Email
20480
20481
20482
20483
20484
20485
20486
20487
20488
20489
20490
20491
20492
20493
20494
20495
20496
20497
20498
20499
20500
20501
20502
20503
20504
20505
20506
20507
20508
20509
0000_Event
20002
20003
20004
20005
20006
20007
20008
20010
20016
20017
20020
20021
20022
20023
20024
20025
20026
20027
20028
20031
20032
20033
20034
20035
20036
20037
20039
20040
20041
20042
20043
20044
20045
20046
20047
20048
20049
20050
20051
20052
20053
20054
20055
20056
20057
20058
20059
20060
20061
20062
20063
20064
20065
20066
20067
20068
20069
20070
20071
20072
20073
20074
20075
20077
20078
20079
20080
20081
20082
20083
20084
20085
20086
20090
20099
20100
20101
20102
20103
20104
20105
20107
20108
20109
20113
20115
20116
20117
20118
20119
20200
20201
20202
20203
20204
20205
20206
20207
20208
20209
20210
20211
20212
20220
20221
20300
20301
20302
20303
20401
22000
22001
22002
22003
22004
22005
22006
22009
22010
22011
22012
22013
22014
22015
22016
22017
22018
22020
22021
22030
22031
22032
22033
22035
22100
22101
22102
22103
22104
22105
22106
22107
22108
22109
22110
22113
22150
22151
22152
22153
22200
22201
22203
22204
22205
22206
22700
22701
22800
22802
22803
22804
22805
22806
22808
22809
22891
22892
22893
22894
22895
22900
22901
22902
22903
22904
22912
22913
22914
22915
22916
22917
22918
22921
22922
22923
22924
22949
22950
22951
22952
22953
23101
23102
23103
26001
26002
26003
26004
26005
26006
26007
26008
26009
26010
26011
26012
27001
29001
29002
29003
29010
29011
29012
29013
29014
29015
29016
29017
29021
29022
32001
32002
32003
32005
32006
32007
32008
32009
32010
32011
32014
32015
32016
32017
32018
32019
32020
32021
32022
32023
32024
32025
32026
32027
32028
32029
32030
32031
32032
32033
32034
32035
32036
32037
32038
32039
32040
32041
32042
32043
32044
32045
32046
32048
32049
32050
32051
32052
32053
32054
32055
32056
32057
32058
32095
32097
32100
32102
32103
32104
32105
32106
32107
32108
32109
32110
32111
32113
32114
32116
32117
32118
32119
32120
32122
32125
32126
32129
32130
32131
32132
32138
32140
32141
32142
32143
32144
32145
32148
32149
32151
32152
32153
32155
32156
32157
32158
32159
32160
32161
32168
32169
32170
32171
32172
32173
32174
32190
32191
32192
32193
32194
32199
32200
32201
32202
32203
32204
32205
32206
32207
32208
32209
32210
32211
32212
32213
32214
32215
32217
32218
32219
32220
32221
32222
32223
32224
32225
32226
32227
32228
32229
32230
32231
32232
32233
32234
32235
32236
32237
32238
32239
32240
32241
32242
32243
32244
32245
32246
32247
32252
32253
32254
32255
32300
32301
32302
32545
32546
32547
32548
32549
32550
32551
32552
32553
32561
32562
32564
32565
32566
32567
32568
32569
32570
32601
32602
32603
32604
32605
32606
32607
32608
32609
32610
32693
32694
32695
32696
32697
32698
32699
35001
35002
35003
35004
35005
35007
35009
35010
35011
35012
36880
36881
36882
37120
37121
37122
37123
37124
37125
37126
37127
37128
37129
37130
37131
37132
37133
37134
37135
37136
37137
37138
37139
37141
37889
37890
37891
37892
37893
37894
37895
37896
37897
37898
37899
37900
37901
37902
37903
37904
37907
37908
37909
38010
38011
38012
38031
38032
38033
38400
38401
38402
38403
38404
38405
38406
38407
38408
38409
38410
38411
38412
38420
38656
38657
38658
38659
38660
38661
38662
38663
38665
38666
38667
38668
39424
39425
39426
39936
39937
39938
39939
39940
39941
39942
39943
39944
39945
39946
39947
39948
39949
39950
39951
39952
39953
40001
40002
40003
40014
40017
40019
40021
40022
40024
40034
40035
40036
40037
40038
40039
40101
40102
40103
40114
40115
40118
40704
40705
40960
41000
41001
41002
41006
41984
41985
41986
41987
41988
41989
41990
41991
42201
42202
42203
43008
43009
43010
43011
43014
43015
43016
43017
43018
43020
43025
43026
43027
43028
43029
43030
43032
43033
43034
43037
43038
43039
43040
43041
43042
43043
43044
43045
43046
43050
43051
43264
43520
43521
43522
43524
43525
43526
43527
43528
43529
43530
43531
43532
43533
43534
43535
43542
43544
43546
43548
43550
43551
43552
43553
43554
43555
43556
43557
43558
43559
43560
43561
43562
43563
43564
43565
43566
43567
43568
43569
43570
43571
43572
43573
43574
43575
43576
43577
43578
43579
43580
43581
43582
43583
43584
43585
43586
43587
43588
43589
43590
43591
43592
43593
43594
43595
43596
43597
43598
43599
43600
43601
43602
43603
43604
43605
43606
43607
43608
43609
43610
43611
43612
43613
43614
43615
43616
43617
43618
43621
43776
43777
43800
43801
43802
43803
43804
43805
43806
43807
43808
43809
44544
44545
44546
44547
44548
44549
44550
44551
44552
44553
45057
45058
45061
45071
45081
45082
45083
45084
45100
45101
45102
45103
45104
45105
45106
45107
45108
45109
45110
45111
45112
45113
45114
45115
45116
45117
45118
45151
45152
45161
46000
46001
46002
46003
46004
46005
46006
46400
46401
46402
46403
46501
46502
46503
46504
46505
46506
46507
46508
46509
46510
46511
46512
46513
46514
46515
46600
46900
47203
47204
48000
48001
48002
48003
48004
48005
48006
48007
48009
48011
48013
48016
48017
48019
48023
48027
48029
48031
48032
48034
48035
48038
48039
48101
48102
48300
48301
51000
52000
53000
53001
53002
53003
99951
99952
99953
0000_GTP
41216
41217
41218
41219
41220
41221
41222
41223
41224
41225
41226
41227
41228
41229
41230
0000_IPS
16384
16385
16386
16399
0000_SSH
61000
61001
61002
61003
61010
61011
0000_Traffic
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
19
20
21
22
0000_VoIP
44032
44033
44034
44035
44036
44037
44038
0000_WAF
30248
30249
30250
30251
30252
30253
30255
30257
30258
30259
30260
30261
0000_Web
12288
12289
12290
12291
12292
12293
12305
12544
12545
12546
12547
12548
12549
12550
12551
12552
12553
12554
12555
12556
12557
12558
12559
12560
12561
12562
12688
12800
12801
12802
13056
13057
13312
13313
13314
13315
13316
13317
13568
13573
13584
13600
13601
13602
13603
13616
13632
13633
Change Log
Home
FortiGate / FortiOS 6.0.10
FortiOS Log Message Reference
6.0.10
7.6.0
7.4.5
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.16
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.18
6.0.17
6.0.16
6.0.15
6.0.14
6.0.13
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.14
5.6.13
5.6.12
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.13
5.4.12
5.4.11
5.4.9
5.4.8
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.15
5.2.14
5.2.13
5.2.12
5.2.11
5.2.10
5.2.8
5.2.7
5.2.6
5.2.5
5.2.4
5.2.3
5.2.2
5.2.1
Log Schema Structure
Log Schema Structure
This section describes the schema of the
FortiOS
log messages.
Previous
Next
Log Schema Structure
Log Schema Structure
This section describes the schema of the
FortiOS
log messages.
Previous
Next
Home
Product Pillars
Network Security
Network Security
FortiGate / FortiOS
FortiGate 5000
FortiGate 6000
FortiGate 7000
FortiProxy
NOC & SOC Management
FortiManager
FortiManager Cloud
FortiAnalyzer
FortiAnalyzer Cloud
FortiMonitor
FortiGate Cloud
Enterprise Networking
Secure SD-WAN
FortiLAN Cloud
FortiSwitch
FortiAP / FortiWiFi
FortiAP-U Series
FortiNAC-F
FortiExtender
FortiExtender Cloud
FortiAIOps
Business Communications
FortiFone
FortiVoice
FortiVoice Cloud
FortiRecorder
FortiCamera
Zero Trust Access
ZTNA
Zero Trust Network Access
FortiClient EMS
SASE
FortiSASE
Identity
FortiAuthenticator
FortiTrust Identity
FortiToken Cloud
FortiToken
Cloud Security
Hybrid Cloud Security
FortiGate Public Cloud
FortiGate Private Cloud
FortiFlex
Cloud Native Protection
FortiCNP
FortiDevSec
Web Application / API Protection
FortiWeb
FortiWeb Cloud
FortiADC
FortiGSLB
FortiGuard ABP
SAAS Security
FortiMail
FortiMail Cloud
FortiCASB
Security Operations
SOC Platform
FortiAnalyzer
FortiAnalyzer Cloud
FortiSIEM
/
FortiSIEM Cloud
FortiSOAR
FortiPhish
Advanced Threat Protection
FortiSandbox
FortiSandbox Cloud
FortiNDR
FortiNDR Cloud
FortiDeceptor
FortiInsight
FortiInsight Cloud
FortiIsolator
Endpoint Security
FortiClient
FortiClient Cloud
FortiEDR
Best Practices
Solution Hubs
Cloud
FortiCloud
Public & Private Cloud
Popular Solutions
Secure SD-WAN
Zero Trust Network Access
Secure Access
Next Generation Firewall
Security Fabric
Tele-Working
Multi-Factor Authentication
FortiASIC
Operational Technology
MSSP
4-D Resources
Secure SD-WAN
Zero Trust Network Access
Wireless
Switching
Secure Access Service Edge
Identity and Access Management
Next Generation Firewall
Hardware Guides
FortiAnalyzer
FortiAnalyzer Big-Data
FortiADC
FortiAP / FortiWiFi
FortiAP U-Series
FortiAuthenticator
FortiCache
FortiCarrier
FortiController
FortiDDoS
FortiDDoS-F
FortiDeceptor
FortiExtender
FortiGate
FortiGate-5000
FortiGate-6000
FortiGate-7000
FortiHypervisor
FortiIsolator
FortiMail
FortiManager
FortiNAC
FortiNDR
FortiProxy
FortiRecorder
FortiRPS
FortiSandbox
FortiSIEM
FortiSwitch
FortiTester
FortiToken
FortiVoice
FortiWAN
FortiWeb
FortiWLC
FortiWLM
Product A-Z
AscenLink
AV Engine
AWS Firewall Rules
Container FortiOS
FortiADC
FortiADC E Series
FortiADC Manager
FortiADC Private Cloud
FortiADC Public Cloud
FortiAIOps
FortiAnalyzer
FortiAnalyzer BigData
FortiAnalyzer BigData Private Cloud
FortiAnalyzer Cloud
FortiAnalyzer Private Cloud
FortiAnalyzer Public Cloud
FortiAP / FortiWiFi
FortiAP-U Series
FortiAuthenticator
FortiAuthenticator Private Cloud
FortiAuthenticator Public Cloud
FortiAuthProxy
FortiBalancer
FortiBranchSASE
FortiBridge
FortiCache
FortiCamera
FortiCamera Cloud
FortiCare Elite
FortiCarrier
FortiCASB
FortiCentral
FortiClient
FortiClient Cloud
FortiCloud Services
FortiCNP
FortiConnect
FortiController
FortiConverter Service
FortiConverter Tool
FortiCore
FortiCSPM
FortiCWP
FortiDAST
FortiDB
FortiDDoS
FortiDDoS-F
FortiDeceptor
FortiDeceptor DaaS
FortiDeceptor Private Cloud
FortiDeceptor Public Cloud
FortiDevSec
FortiDLP
FortiDLP Agent
FortiDLP Policies
FortiDNS
FortiEdge Cloud
FortiEDR/XDR
FortiEndpoint
FortiExplorer
FortiExplorer Go
FortiExtender
FortiFlex
FortiFone
FortiGate / FortiOS
FortiGate Cloud
FortiGate CNF
FortiGate Private Cloud
FortiGate Public Cloud
FortiGate-5000
FortiGate-6000
FortiGate-7000
FortiGate-as-a-Service
FortiGSLB
FortiGuard Advanced Bot Protection
FortiGuest
FortiHypervisor
FortiInsight
FortiInsight Cloud
FortiIPAM
FortiIsolator
FortiIsolator Public Cloud
FortiLAN Cloud
FortiMail
FortiMail Cloud
FortiManager
FortiManager Cloud
FortiManager Private Cloud
FortiManager Public Cloud
FortiMonitor
FortiNAC
FortiNAC-F
FortiNDR
FortiNDR (on-premise) Private Cloud
FortiNDR (on-premise) Public Cloud
FortiNDR Cloud
FortiNDR Cloud Sensors
FortiPAM
FortiPAM Private Cloud
FortiPAM Public Cloud
FortiPhish
FortiPlanner
FortiPolicy
FortiPortal
FortiPortal Public Cloud
FortiPresence
FortiPresence VM
FortiProxy
FortiProxy Private Cloud
FortiProxy Public Cloud
FortiRecon
FortiRecorder
FortiRPS
FortiSandbox
FortiSandbox Cloud
FortiSandbox Private Cloud
FortiSandbox Public Cloud
FortiSASE
FortiScanner
FortiSIEM
FortiSIEM Cloud
FortiSOAR
FortiSOAR Cloud
FortiSRA
FortiSwitch
FortiSwitch Manager
FortiTap
FortiTester
FortiTester Private Cloud
FortiTester Public Cloud
FortiToken
FortiToken Cloud
FortiTrust Identity
FortiVoice
FortiVoice Cloud
FortiVoice Private Cloud
FortiVoice Public Cloud
FortiWAN
FortiWAN Controller
FortiWeb
FortiWeb Cloud
FortiWeb Manager Private Cloud
FortiWeb Manager Public Cloud
FortiWeb Private Cloud
FortiWeb Public Cloud
FortiWLM
FortiZTP
IPS Engine
Lacework FortiCNAPP
Managed FortiGate Service
Overlay-as-a-Service
Security Awareness and Training
SOCaaS
Wireless Controller
Ordering Guides
Download PDF
Table of Contents
Introduction
Before you begin
Overview
What's new
Log Types and Subtypes
Type
Subtype
List of log types and subtypes
FortiOS priority levels
Log field format
Log Schema Structure
Log message fields
Log ID numbers
Log ID definitions
FortiGuard Web Filter Categories
CEF Support
FortiOSÂ to CEFÂ log field mapping guidelines
CEFÂ priority levels
Examples of CEFÂ support
Traffic log support for CEF
Event log support for CEF
Antivirus log support for CEF
Webfilter log support for CEF
IPS log support for CEF
Email Spamfilter log support for CEF
Anomaly log support for CEF
VoIP log support for CEF
DLP log support for CEF
Application log support for CEF
WAF log support for CEF
DNS log support for CEF
SSH log support for CEF
UTMÂ Extended Logging
Enabling extended logging
0200_Log_Messages
0000_Anomaly
18432
18433
18434
0000_App
28672
28673
28674
28675
28676
28677
28678
28704
28705
28706
28720
28721
0000_AV
8192
8193
8194
8195
8200
8201
8448
8449
8450
8451
8452
8453
8454
8455
8456
8457
8458
8704
8705
8706
8707
8720
8721
8960
8961
8962
8963
8964
8965
8966
8967
8968
8969
8970
8971
8972
8973
8974
8975
8976
8977
8978
8979
8980
9233
9234
9235
9236
9237
9238
9239
9240
9248
9249
0000_DLP
24576
24577
24578
24579
0000_DNS
54000
54200
54400
54401
54600
54601
54800
54801
54802
54803
0000_Email
20480
20481
20482
20483
20484
20485
20486
20487
20488
20489
20490
20491
20492
20493
20494
20495
20496
20497
20498
20499
20500
20501
20502
20503
20504
20505
20506
20507
20508
20509
0000_Event
20002
20003
20004
20005
20006
20007
20008
20010
20016
20017
20020
20021
20022
20023
20024
20025
20026
20027
20028
20031
20032
20033
20034
20035
20036
20037
20039
20040
20041
20042
20043
20044
20045
20046
20047
20048
20049
20050
20051
20052
20053
20054
20055
20056
20057
20058
20059
20060
20061
20062
20063
20064
20065
20066
20067
20068
20069
20070
20071
20072
20073
20074
20075
20077
20078
20079
20080
20081
20082
20083
20084
20085
20086
20090
20099
20100
20101
20102
20103
20104
20105
20107
20108
20109
20113
20115
20116
20117
20118
20119
20200
20201
20202
20203
20204
20205
20206
20207
20208
20209
20210
20211
20212
20220
20221
20300
20301
20302
20303
20401
22000
22001
22002
22003
22004
22005
22006
22009
22010
22011
22012
22013
22014
22015
22016
22017
22018
22020
22021
22030
22031
22032
22033
22035
22100
22101
22102
22103
22104
22105
22106
22107
22108
22109
22110
22113
22150
22151
22152
22153
22200
22201
22203
22204
22205
22206
22700
22701
22800
22802
22803
22804
22805
22806
22808
22809
22891
22892
22893
22894
22895
22900
22901
22902
22903
22904
22912
22913
22914
22915
22916
22917
22918
22921
22922
22923
22924
22949
22950
22951
22952
22953
23101
23102
23103
26001
26002
26003
26004
26005
26006
26007
26008
26009
26010
26011
26012
27001
29001
29002
29003
29010
29011
29012
29013
29014
29015
29016
29017
29021
29022
32001
32002
32003
32005
32006
32007
32008
32009
32010
32011
32014
32015
32016
32017
32018
32019
32020
32021
32022
32023
32024
32025
32026
32027
32028
32029
32030
32031
32032
32033
32034
32035
32036
32037
32038
32039
32040
32041
32042
32043
32044
32045
32046
32048
32049
32050
32051
32052
32053
32054
32055
32056
32057
32058
32095
32097
32100
32102
32103
32104
32105
32106
32107
32108
32109
32110
32111
32113
32114
32116
32117
32118
32119
32120
32122
32125
32126
32129
32130
32131
32132
32138
32140
32141
32142
32143
32144
32145
32148
32149
32151
32152
32153
32155
32156
32157
32158
32159
32160
32161
32168
32169
32170
32171
32172
32173
32174
32190
32191
32192
32193
32194
32199
32200
32201
32202
32203
32204
32205
32206
32207
32208
32209
32210
32211
32212
32213
32214
32215
32217
32218
32219
32220
32221
32222
32223
32224
32225
32226
32227
32228
32229
32230
32231
32232
32233
32234
32235
32236
32237
32238
32239
32240
32241
32242
32243
32244
32245
32246
32247
32252
32253
32254
32255
32300
32301
32302
32545
32546
32547
32548
32549
32550
32551
32552
32553
32561
32562
32564
32565
32566
32567
32568
32569
32570
32601
32602
32603
32604
32605
32606
32607
32608
32609
32610
32693
32694
32695
32696
32697
32698
32699
35001
35002
35003
35004
35005
35007
35009
35010
35011
35012
36880
36881
36882
37120
37121
37122
37123
37124
37125
37126
37127
37128
37129
37130
37131
37132
37133
37134
37135
37136
37137
37138
37139
37141
37889
37890
37891
37892
37893
37894
37895
37896
37897
37898
37899
37900
37901
37902
37903
37904
37907
37908
37909
38010
38011
38012
38031
38032
38033
38400
38401
38402
38403
38404
38405
38406
38407
38408
38409
38410
38411
38412
38420
38656
38657
38658
38659
38660
38661
38662
38663
38665
38666
38667
38668
39424
39425
39426
39936
39937
39938
39939
39940
39941
39942
39943
39944
39945
39946
39947
39948
39949
39950
39951
39952
39953
40001
40002
40003
40014
40017
40019
40021
40022
40024
40034
40035
40036
40037
40038
40039
40101
40102
40103
40114
40115
40118
40704
40705
40960
41000
41001
41002
41006
41984
41985
41986
41987
41988
41989
41990
41991
42201
42202
42203
43008
43009
43010
43011
43014
43015
43016
43017
43018
43020
43025
43026
43027
43028
43029
43030
43032
43033
43034
43037
43038
43039
43040
43041
43042
43043
43044
43045
43046
43050
43051
43264
43520
43521
43522
43524
43525
43526
43527
43528
43529
43530
43531
43532
43533
43534
43535
43542
43544
43546
43548
43550
43551
43552
43553
43554
43555
43556
43557
43558
43559
43560
43561
43562
43563
43564
43565
43566
43567
43568
43569
43570
43571
43572
43573
43574
43575
43576
43577
43578
43579
43580
43581
43582
43583
43584
43585
43586
43587
43588
43589
43590
43591
43592
43593
43594
43595
43596
43597
43598
43599
43600
43601
43602
43603
43604
43605
43606
43607
43608
43609
43610
43611
43612
43613
43614
43615
43616
43617
43618
43621
43776
43777
43800
43801
43802
43803
43804
43805
43806
43807
43808
43809
44544
44545
44546
44547
44548
44549
44550
44551
44552
44553
45057
45058
45061
45071
45081
45082
45083
45084
45100
45101
45102
45103
45104
45105
45106
45107
45108
45109
45110
45111
45112
45113
45114
45115
45116
45117
45118
45151
45152
45161
46000
46001
46002
46003
46004
46005
46006
46400
46401
46402
46403
46501
46502
46503
46504
46505
46506
46507
46508
46509
46510
46511
46512
46513
46514
46515
46600
46900
47203
47204
48000
48001
48002
48003
48004
48005
48006
48007
48009
48011
48013
48016
48017
48019
48023
48027
48029
48031
48032
48034
48035
48038
48039
48101
48102
48300
48301
51000
52000
53000
53001
53002
53003
99951
99952
99953
0000_GTP
41216
41217
41218
41219
41220
41221
41222
41223
41224
41225
41226
41227
41228
41229
41230
0000_IPS
16384
16385
16386
16399
0000_SSH
61000
61001
61002
61003
61010
61011
0000_Traffic
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
19
20
21
22
0000_VoIP
44032
44033
44034
44035
44036
44037
44038
0000_WAF
30248
30249
30250
30251
30252
30253
30255
30257
30258
30259
30260
30261
0000_Web
12288
12289
12290
12291
12292
12293
12305
12544
12545
12546
12547
12548
12549
12550
12551
12552
12553
12554
12555
12556
12557
12558
12559
12560
12561
12562
12688
12800
12801
12802
13056
13057
13312
13313
13314
13315
13316
13317
13568
13573
13584
13600
13601
13602
13603
13616
13632
13633
Change Log
