Fortinet white logo
Fortinet white logo

FortiOS Log Message Reference

8219 - MESGID_MIME_FILE_HASH_EMS_NOTIF

8219 - MESGID_MIME_FILE_HASH_EMS_NOTIF

Message ID: 8219

Message Description: MESGID_MIME_FILE_HASH_EMS_NOTIF

Message Meaning: MIME data reported infected by EMS threat feed (notice)

Type: Virus

Category: ems-threat-feed

Severity: Notice

Log Field Name

Description

Data Type

Length

action

string

18

agent

string

64

analyticscksum

string

64

analyticssubmit

string

10

attachment

string

3

authserver

string

64

cc

string

512

cdrcontent

string

256

checksum

string

16

contentdisarmed

string

13

craction

uint32

10

crlevel

string

10

crscore

uint32

10

date

string

10

devid

string

16

direction

string

8

dstauthserver

string

64

dstcountry

string

64

dstintf

string

32

dstintfrole

string

10

dstip

ip

39

dstport

uint16

5

dstuser

string

256

dstuuid

string

37

dtype

string

32

eventtime

uint64

20

eventtype

string

32

fctuid

string

32

filehash

string

64

filehashsrc

string

32

filename

string

256

filetype

string

16

fndraction

string

7

fndrconfidence

string

6

fndrfileid

uint64

20

fndrfiletype

string

10

fndrseverity

string

8

forwardedfor

string

128

from

string

128

group

string

64

level

string

11

logid

string

10

msg

string

4096

pathname

string

256

pdstport

uint16

5

policyid

uint32

10

policymode

string

8

policytype

string

24

poluuid

string

37

profile

string

64

proto

uint8

3

psrcport

uint16

5

quarskip

string

46

rawdata

string

1024

recipient

string

512

ref

string

512

sender

string

128

service

string

5

sessionid

uint32

10

sharename

string

256

srccountry

string

64

srcdomain

string

255

srcintf

string

32

srcintfrole

string

10

srcip

ip

39

srcport

uint16

5

srcuuid

string

37

subject

string

256

subservice

string

16

subtype

string

20

time

string

8

to

string

512

trueclntip

ip

39

type

string

16

tz

string

5

unauthuser

string

66

unauthusersource

string

66

url

string

512

user

string

256

vd

string

32

virus

string

128

viruscat

string

32

virusid

uint32

10

vrf

uint8

3

8219 - MESGID_MIME_FILE_HASH_EMS_NOTIF

8219 - MESGID_MIME_FILE_HASH_EMS_NOTIF

Message ID: 8219

Message Description: MESGID_MIME_FILE_HASH_EMS_NOTIF

Message Meaning: MIME data reported infected by EMS threat feed (notice)

Type: Virus

Category: ems-threat-feed

Severity: Notice

Log Field Name

Description

Data Type

Length

action

string

18

agent

string

64

analyticscksum

string

64

analyticssubmit

string

10

attachment

string

3

authserver

string

64

cc

string

512

cdrcontent

string

256

checksum

string

16

contentdisarmed

string

13

craction

uint32

10

crlevel

string

10

crscore

uint32

10

date

string

10

devid

string

16

direction

string

8

dstauthserver

string

64

dstcountry

string

64

dstintf

string

32

dstintfrole

string

10

dstip

ip

39

dstport

uint16

5

dstuser

string

256

dstuuid

string

37

dtype

string

32

eventtime

uint64

20

eventtype

string

32

fctuid

string

32

filehash

string

64

filehashsrc

string

32

filename

string

256

filetype

string

16

fndraction

string

7

fndrconfidence

string

6

fndrfileid

uint64

20

fndrfiletype

string

10

fndrseverity

string

8

forwardedfor

string

128

from

string

128

group

string

64

level

string

11

logid

string

10

msg

string

4096

pathname

string

256

pdstport

uint16

5

policyid

uint32

10

policymode

string

8

policytype

string

24

poluuid

string

37

profile

string

64

proto

uint8

3

psrcport

uint16

5

quarskip

string

46

rawdata

string

1024

recipient

string

512

ref

string

512

sender

string

128

service

string

5

sessionid

uint32

10

sharename

string

256

srccountry

string

64

srcdomain

string

255

srcintf

string

32

srcintfrole

string

10

srcip

ip

39

srcport

uint16

5

srcuuid

string

37

subject

string

256

subservice

string

16

subtype

string

20

time

string

8

to

string

512

trueclntip

ip

39

type

string

16

tz

string

5

unauthuser

string

66

unauthusersource

string

66

url

string

512

user

string

256

vd

string

32

virus

string

128

viruscat

string

32

virusid

uint32

10

vrf

uint8

3