Syslog Fortinet FortiGate - V 2.0 : Event : Security Rating
Vendor Documentation
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
V 2.0 : Event : Security Rating | Base Rule | General Firewall Event | Information |
V 2.0 : Log_Id_Event_Security_Audit_Fabric_Summary | Sub Rule | General Audit | Other Audit Success |
V 2.0 : Log_Id_Event_Security_Audit_Fabric_Change | Sub Rule | General Audit | Other Audit Success |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
date | N/A | N/A | The date of the log event. |
time | N/A | N/A | The time of the log event. |
logid | <vmid> | Number | A unique identifier for the log event. |
type | <vendorinfo> | Text/String | The type of log event. In this case, it is an event. |
subtype | N/A | N/A | The subtype of the log event. In this case, it is a security-rating event. |
level | <severity> | Text/String | The severity level of the log event. In this case, it is a notice. |
vd | <sessiontype> | Text/String | The vdom in which the log event occurred. |
eventtime | N/A | N/A | The time at which the log event occurred. |
logdesc | <subject> | Text/String | The description of the log event. |
auditid | N/A | N/A | The audit ID of the security rating. |
audittime | N/A | N/A | The time at which the security rating was generated. |
auditscore | <result> | Text/String/Number | The security rating score. |
criticalcount | N/A | N/A | The number of critical security issues. |
highcount | N/A | N/A | The number of high security issues. |
mediumcount | N/A | N/A | The number of medium security issues. |
lowcount | N/A | N/A | The number of low security issues. |
passedcount | N/A | N/A | The number of security issues that passed. |