Fortinet FortiNAC: Fortinet FortiNAC Events
Vendor Documentation
Classification
Rule Name | Rule Type | Common Event | Classification |
---|---|---|---|
Admin User Timed Out | Sub Rule | User Disconnected Due To Time Out | Information |
Database Backup Success | Sub Rule | Backup Succeeded | Information |
Directory Synchronization Success | Sub Rule | Synchronization Finished | Information |
Directory User Disabled | Sub Rule | Account Disabled | Access Revoked |
Disable Host Success | Sub Rule | Host Disabled | Other Audit |
Entitlement Polling Success | Sub Rule | Successful Activity | Other Audit Success |
Fortinet FortiNAC Events | Base Rule | General Information Log Message | Information |
L2 Poll Failed | Sub Rule | General Failed Activity | Failed Activity |
MDM Host Compliance Failed | Sub Rule | Compliance Failure | Error |
MDM Poll Success | Sub Rule | Successful Activity | Other Audit Success |
SSH Session Failure | Sub Rule | Authentication Failure Activity | Authentication Failure |
Synchronize Users With Directory Success | Sub Rule | Synchronization Finished | Information |
Telnet Server Timeout | Sub Rule | Server Timed Out | Information |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
---|---|---|---|
Entity ID | N/A | N/A | Entity ID |
Entity IP address | <dip> | IP Address | Entity IP address |
Entity Name | <dname> | Text/String | Entity Name |
Entity physical address | <dmac> | Text/String | Entity physical address |
Event Name | <vendorinfo> | Text/String | Name of the event that generated the syslog message. |
Header | N/A | N/A | Syslog category: This is the defined facility and the severity |
ID | <object> | Number | Database ID, AlarmID or ElementID |
Log Message | <subject> | Text/String | Log Message |
Log Time | N/A | N/A | Log time. |
Log Type | <vmid> | Number | Log type: |
Severity | <severity> | Number | Severity: |
Syslog Time | N/A | N/A | Time of the syslog generation. |
user ID | <account> | Text/String | Unique Identifier (user ID) |