Syslog Fortinet FortiGate - V 2.0 : Traffic : System
Vendor Documentation
Classification
Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
V 2.0 : Traffic : System | Base Rule | System Events | Network Traffic |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
timestamp | N/A | N/A | N/A |
devname | N/A | N/A | N/A |
devid | N/A | N/A | N/A |
vd | <sessiontype> | Text/String | N/A |
itime | N/A | N/A | N/A |
fctsn | N/A | N/A | N/A |
date | N/A | N/A | N/A |
time | N/A | N/A | N/A |
logver | <version> | Number | N/A |
id | N/A | N/A | N/A |
type | <vendorinfo> | Text/String | N/A |
subtype | N/A | N/A | N/A |
eventtype | N/A | N/A | N/A |
level | <severity> | Text/String | N/A |
uid | N/A | N/A | N/A |
hostname | <sname> | Text/String | N/A |
pcdomain | <domainorigin> | Text/String | N/A |
deviceip | N/A | N/A | N/A |
devicemac | <smac> | Text/String | N/A |
site | N/A | N/A | N/A |
fctver | N/A | N/A | N/A |
fgtserial | N/A | N/A | N/A |
emsserial | N/A | N/A | N/A |
usingpolicy | <policy> | Text/String | N/A |
os | <objecttype> | Text/String | N/A |
user | <login> | Text/String | N/A |
msg | <subject> | Text/String | N/A |
sessionid | <session> | Number | N/A |
srcname | <process> | Text/String | N/A |
srcproduct | N/A | N/A | N/A |
srcip | <sip> | IP Address | N/A |
srcport | <sport> | Number | N/A |
direction | N/A | N/A | N/A |
dstip | <dip> | IP Address | N/A |
remotename | <dname> | Text/String | N/A |
dstport | <dport> | Number | N/A |
proto | <protnum> | Number | N/A |
rcvdbyte | <bytesin> | Number | N/A |
sentbyte | <bytesout> | Number | N/A |
utmaction | <action> | Text/String | N/A |
utmevent | N/A | N/A | N/A |
threat | <threatname> | Text/String | N/A |
service | <protname> | Text/String | N/A |
userinitiated | N/A | N/A | N/A |
browsetime | N/A | N/A | N/A |
url | <url> | Text/String | N/A |
tz | N/A | N/A | N/A |