Skip to main content
Skip table of contents

Syslog Fortinet FortiGate - V 2.0 : Traffic : Forward

Vendor Documentation

Sample logs by log type | Administration Guide

Classification

Rule Name

Rule Type

Common Event

Classification

V 2.0: Traffic: Forward

Base Rule

Network Traffic

Network Traffic

V 2.0: 20_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: LOG_ID_TRAFFIC_START_FORWARD

Sub Rule

Network Session Created

Network Traffic

V 2.0: LOG_ID_TRAFFIC_ALLOW

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: LOG_ID_TRAFFIC_DENY

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: LOG_ID_TRAFFIC_OTHER_START

Sub Rule

Network Session Created

Network Traffic

V 2.0: LOG_ID_TRAFFIC_OTHER_ICMP_ALLOW

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: LOG_ID_TRAFFIC_OTHER_ICMP_DENY

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: LOG_ID_TRAFFIC_WANOPT

Sub Rule

WAN Optimization Traffic

Network Traffic

V 2.0: LOG_ID_TRAFFIC_WEBCACHE

Sub Rule

Web Cache Traffic

Network Traffic

V 2.0: LOG_ID_TRAFFIC_EXPLICIT_PROXY

Sub Rule

Traffic Allowed by Proxy

Network Allow

V 2.0: LOG_ID_TRAFFIC_STAT

Sub Rule

General Traffic Log

Network Traffic

V 2.0: LOG_ID_TRAFFIC_UTM_CORRELATION

Sub Rule

General Traffic Log

Network Traffic

V 2.0: 5_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 4_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: LOG_ID_TRAFFIC_OTHER_INVALID

Sub Rule

Invalid Operation

Warning

V 2.0: LOG_ID_TRAFFIC_FAIL_CONN

Sub Rule

Connection Failed

Network Traffic

V 2.0: 4_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 4_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 4_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 20_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 20_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 20_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 20_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 20_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 20_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 20_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 15_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 15_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 15_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 15_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 15_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 15_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 15_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 15_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 2_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 2_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 2_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 2_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 2_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 2_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 2_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 2_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 3_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 3_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 3_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 3_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 3_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 3_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 3_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 3_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 4_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 4_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 4_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 4_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 5_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 5_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 5_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 5_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 5_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 5_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 5_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 6_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 6_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 6_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 6_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 6_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 6_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 6_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 6_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 8_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 8_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 8_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 8_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 8_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 8_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 8_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 8_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 9_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 9_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 9_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 9_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 9_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 9_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 9_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 9_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 10_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 10_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 10_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 10_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 10_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 10_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 10_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 10_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 11_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 11_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 11_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 11_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 11_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 11_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 11_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 11_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 7_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 7_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 7_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 7_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 7_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 7_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 7_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 7_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 22_Traffic Session Denied

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 22_Traffic Session Timeout

Sub Rule

Session Timeout

Warning

V 2.0: 22_Forward Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 22_Traffic Session Started

Sub Rule

Network Session Created

Network Traffic

V 2.0: 22_Local Traffic Session Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

V 2.0: 22_Traffic Blocked

Sub Rule

Traffic Denied by Network Firewall

Network Deny

V 2.0: 22_Traffic Reset

Sub Rule

Connection Reset

Network Traffic

V 2.0: 22_Traffic Allowed

Sub Rule

Traffic Allowed by Network Firewall

Network Allow

Mapping with LogRhythm Schema

Device Key in Log Message

LogRhythm Schema

Data Type

Schema Description

date

N/A

N/A

The date of the event.

time

N/A

N/A

The time of the event.

logid

<vmid>

Number

The log ID.

type

<vendorinfo>

Text/String

The type of event.

subtype

N/A

N/A

The subtype of the event.

level

<severity>

Text/String

The level of the event.

vd

<sessiontype>

Text/String

The virtual domain.

eventtime

N/A

N/A

The event time in epoch format.

srcip

<sip>

IP Address

The source IP address.

srcport

<sport>

Number

The source port.

srcintf

<sinterface>

Text/String

The source interface.

srcintfrole

N/A

N/A

The role of the source interface.

dstip

<dip>

IP Address

The destination IP address.

dstport

<dport>

Number

The destination port.

dstintf

<dinterface>

Text/String

The destination interface.

dstintfrole

N/A

N/A

The role of the destination interface.

srcuuid

N/A

N/A

The source UUID.

dstuuid

N/A

N/A

The destination UUID.

poluuid

N/A

N/A

The policy UUID.

sessionid

<session>

Number

The session ID.

proto

<protnum>

Number

The protocol.

action

<action>
<tag1>

Text/String

The action taken by the firewall.

policyid

<policy>

Number

The policy ID.

policytype

N/A

N/A

The type of policy.

service

<parentprocessname>

Text/String

The service.

dstcountry

N/A

N/A

The destination country.

srccountry

N/A

N/A

The source country.

trandisp

N/A

N/A

The traffic disposition.

transip

<snatip>

IP Address

The translated IP address.

transport

<snatport>

Number

The transport.

appid

<object>

Number

The application ID.

app

<objectname>

Text/String

The application.

appcat

<objecttype>

Text/String

The application category.

apprisk

<threatname>

Text/String

The application risk.

applist

N/A

N/A

The application list.

duration

<seconds>

Number

The duration of the event.

sentbyte

<bytesout>

Number

The number of sent bytes.

rcvdbyte

<bytesin>

Number

The number of received bytes.

sentpkt

<packetsout>

Number

The number of sent packets.

rcvdpkt

<packetsin>

Number

The number of received packets.

utmaction

<status>
<tag2>

Text/String

The UTM action.

countapp

<quantity>

Number

The number of applications.

osname

N/A

N/A

The operating system name.

mastersrcmac

N/A

N/A

The master source MAC address.

srcmac

<smac>

Text/String

The source MAC address.

srcserver

N/A

N/A

The source server.

utmref

N/A

N/A

The UTM reference.

user

<login>

<domainorigin>

Text/String

User name

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close