Syslog Fortinet FortiGate - V 2.0 : Traffic : HTTPS

Vendor Documentation

Rule Name	Rule Type	Common Event	Classification
V 2.0: Traffic: HTTPS	Base Rule	HTTPS Request	Network Traffic

Device Key in Log Message	LogRhythm Schema	Data Type	Schema Description
logver	<version>	Number	N/A
timestamp	N/A	N/A	N/A
devname	N/A	N/A	N/A
devid	N/A	N/A	N/A
vd	<sessiontype>	Text/String	N/A
itime	N/A	N/A	N/A
logver	N/A	N/A	N/A
date	N/A	N/A	N/A
time	N/A	N/A	N/A
log_id	<vmid>	Number	N/A
msg_id	N/A	N/A	N/A
devname	N/A	N/A	N/A
device_id	N/A	N/A	N/A
timezone	N/A	N/A	N/A
timezone_dayst	N/A	N/A	N/A
type	<vendorinfo>	Text/String	N/A
subtype	N/A	N/A	N/A
pri	<severity>	Text/String	N/A
proto	<protname>	Text/String	N/A
service	<parentprocessname>	Text/String	N/A
status	<status>	Text/String	N/A
reason	<reason>	Text/String	N/A
policy	<policy>	Text/String	N/A
original_src	N/A	N/A	N/A
src	<sip>	IP Address	N/A
src_port	<sport>	Number	N/A
dst	<dip>	IP Address	N/A
dst_port	<dport>	Number	N/A
http_request_time	N/A	N/A	N/A
http_response_time	N/A	N/A	N/A
http_request_bytes	<bytesout>	Number	N/A
http_response_bytes	<bytesin>	Number	N/A
http_method	<objecttype>	Text/String	N/A
http_url	<url>	Text/String	N/A
http_agent	<useragent>	Text/String	N/A
http_retcode	<responsecode>	Number	N/A
msg	<subject>	Text/String	N/A
original_srccountry	N/A	N/A	N/A
srccountry	N/A	N/A	N/A
content_switch_name	N/A	N/A	N/A
server_pool_name	<group>	Text/String	N/A
http_host	<sname>	Text/String	N/A
user_name	<login>	Text/String	N/A
http_refer	N/A	N/A	N/A
http_version	N/A	N/A	N/A
dev_id	N/A	N/A	N/A
cipher_suite	N/A	N/A	N/A
x509_cert_subject	N/A	N/A	N/A
tz	N/A	N/A	N/A