Syslog - Fortinet FortiDDoS
Device Details
Vendor | Fortinet |
|---|---|
Device Type | Network Security |
Supported Model Name/Number | N/A |
Supported Software Version(s) | N/A |
Collection Method | Syslog |
Configurable Log Output? | N/A |
Log Source Type | Syslog – Fortinet FortiDDoS |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information | Configuration guide: https://help.fortinet.com/fddos/4-3-0/FortiDDoS/Configuring_remote_log_server_settings_for_event_l.htm Description of fields: https://help.fortinet.com/fddos/4-7-0/fortiddos/Appendix_B-Remote-Syslog-Reference.htm |
Currently Supported Log Types
| Type | Product Version | Supported Schema Fields |
|---|---|---|
FortiDDoS Message | N/A | <threatname>, <vmid>, <subject>, <sip>, <dip>, <dport>, <amount>, <severity> |
Catch-all | N/A | <severity> |
Parsed Metadata Fields
| Product Field Name | LogRhythm Metadata Field | Value/Data Type |
|---|---|---|
Description | <subject> | Text/String |
Dip | <dip> | Ip address |
Dport | <dport> | Numeric |
Dropcount | <amount> | Numeric |
Level | <severity> | Text/String |
Sip | <sip> | IP address |
Spp | <vmid> | Numeric |
Type | <threatname> | Text/String |