Fortinet FortiGate
FortiGate logs for traffic, threat, VPN and system: App-ID, IPS, web filter, antivirus detections and HA state changes.
EnginsightGlobal Fields (4)
| Field | Type |
|---|---|
ngs.id Unique identifier for the log entry. | string |
ngs.createdAt Timestamp when the event was created locally. | pdate |
ngs.indexedAt Timestamp when the log was indexed into the SIEM. | pdate |
ngs.source Origin or source system of the log. | string |
Reference-Specific Fields (741)
| Field | Type |
|---|---|
fortinet.stage | pint |
fortinet.mode | string |
fortinet.community | string |
fortinet.fctemssn | string |
fortinet.fctemsname | string |
fortinet.httpcode | pint |
fortinet.method | string |
fortinet.vcluster_state | string |
fortinet.vcluster | string |
fortinet.ha_role | string |
fortinet.vcluster_member | string |
fortinet.cfgpath | string |
fortinet.cfgtid | string |
fortinet.cfgobj | string |
fortinet.cfgattr | string |
fortinet.sync_status | string |
fortinet.sync_type | string |
fortinet.state | string |
fortinet.wscode | plong |
fortinet.seq | string |
fortinet.spi | string |
fortinet.error_num | text_general |
fortinet.devintfname | string |
fortinet.ha_group | string |
fortinet.activity | text_general |
fortinet.ha_prio | plong |
fortinet.count | plong |
fortinet.connection_type | string |
fortinet.license_limit | string |
fortinet.used_for_type | string |
fortinet.name | string |
fortinet.new_value | string |
fortinet.old_value | string |
fortinet.cert_type | string |
fortinet.scope | string |
fortinet.uuid | string |
fortinet.auditreporttype | string |
fortinet.criticalcount | plong |
fortinet.lowcount | plong |
fortinet.mediumcount | plong |
fortinet.auditid | string |
fortinet.passedcount | plong |
fortinet.highcount | plong |
fortinet.auditscore | pfloat |
fortinet.trigger | text_general |
fortinet.stitch | text_general |
fortinet.stitchaction | text_general |
fortinet.action | string |
fortinet.app | text_general |
fortinet.appcat | string |
fortinet.appid | string |
fortinet.applist | text_general |
fortinet.apprisk | string |
fortinet.apps | string |
fortinet.authserver | text_general |
fortinet.bid | string |
fortinet.countapp | plong |
fortinet.countssl | plong |
fortinet.craction | plong |
fortinet.crlevel | string |
fortinet.crscore | plong |
fortinet.devid | string |
fortinet.devname | string |
fortinet.devtype | string |
fortinet.dstcity | string |
fortinet.dstcountry | string |
fortinet.dstdevtype | string |
fortinet.dstepid | string |
fortinet.dsteuid | string |
fortinet.dstfamily | string |
fortinet.dsthwvendor | string |
fortinet.dsthwversion | string |
fortinet.dstinetsvc | string |
fortinet.dstintf | string |
fortinet.dstintfrole | string |
fortinet.dstip | text_general |
fortinet.dstmac | text_general |
fortinet.dstosname | text_general |
fortinet.dstowner | text_general |
fortinet.dstport | pint |
fortinet.dstregion | string |
fortinet.dstreputation | plong |
fortinet.dstserver | string |
fortinet.dstswversion | string |
fortinet.dstunauthuser | string |
fortinet.dstunauthusersource | string |
fortinet.duration | plong |
fortinet.dvid | string |
fortinet.epid | string |
fortinet.euid | string |
fortinet.hostname | text_general |
fortinet.id | string |
fortinet.identifier | string |
fortinet.lanin | plong |
fortinet.lanout | plong |
fortinet.level | string |
fortinet.logflag | string |
fortinet.logid | string |
fortinet.logver | string |
fortinet.masterdstmac | text_general |
fortinet.mastersrcmac | text_general |
fortinet.msg | string |
fortinet.osname | text_general |
fortinet.pdstport | pint |
fortinet.policyid | string |
fortinet.policyname | string |
fortinet.policytype | string |
fortinet.poluuid | string |
fortinet.proto | string |
fortinet.psrcport | pint |
fortinet.rcvdbyte | plong |
fortinet.rcvddelta | plong |
fortinet.rcvdpkt | plong |
fortinet.saasinfo | string |
fortinet.sentbyte | plong |
fortinet.sentdelta | plong |
fortinet.sentpkt | plong |
fortinet.service | string |
fortinet.sessionid | string |
fortinet.srccountry | string |
fortinet.srcfamily | string |
fortinet.srchwvendor | string |
fortinet.srchwversion | string |
fortinet.srcintf | string |
fortinet.srcintfrole | string |
fortinet.srcip | text_general |
fortinet.srcmac | text_general |
fortinet.srcname | text_general |
fortinet.srcport | pint |
fortinet.srcserver | text_general |
fortinet.srcswversion | string |
fortinet.subtype | string |
fortinet.trandisp | string |
fortinet.transip | text_general |
fortinet.transport | plong |
fortinet.type | string |
fortinet.unauthuser | text_general |
fortinet.unauthusersource | text_general |
fortinet.user | text_general |
fortinet.utmaction | string |
fortinet.utmref | string |
fortinet.vd | string |
fortinet.wanin | plong |
fortinet.wanout | plong |
fortinet.srcuuid | string |
fortinet.dstuuid | string |
fortinet.countweb | plong |
fortinet.profile | string |
fortinet.url | text_general |
fortinet.session_id | plong |
fortinet.result | string |
fortinet.fctuid | string |
fortinet.voip_proto | string |
fortinet.disk | string |
fortinet.status | string |
fortinet.totalsession | plong |
fortinet.authproto | text_general |
fortinet.exch | string |
fortinet.src_int | string |
fortinet.interface | string |
fortinet.proxyapptype | string |
fortinet.intf | string |
fortinet.setuprate | plong |
fortinet.out_spi | string |
fortinet.incidentserialno | plong |
fortinet.ip | text_general |
fortinet.logsrc | string |
fortinet.dst_host | text_general |
fortinet.used | plong |
fortinet.authid | string |
fortinet.call_id | text_general |
fortinet.epoch | plong |
fortinet.advpnsc | plong |
fortinet.cat | plong |
fortinet.tlsver | string |
fortinet.dst_port | pint |
fortinet.xauthuser | text_general |
fortinet.sslaction | string |
fortinet.vpntunnel | text_general |
fortinet.nextstat | plong |
fortinet.to | text_general |
fortinet.cpu | plong |
fortinet.espauth | string |
fortinet.reason | text_general |
fortinet.in_spi | string |
fortinet.version | string |
fortinet.vpntype | string |
fortinet.event_id | plong |
fortinet.src_port | pint |
fortinet.from | text_general |
fortinet.mem | plong |
fortinet.agent | text_general |
fortinet.remport | pint |
fortinet.policy_id | plong |
fortinet.filename | text_general |
fortinet.assignip | text_general |
fortinet.contentencoding | string |
fortinet.rawdata | text_general |
fortinet.addr | text_general |
fortinet.tranport | pint |
fortinet.sn | string |
fortinet.total | plong |
fortinet.useralt | text_general |
fortinet.outintf | string |
fortinet.cloudaction | string |
fortinet.tranip | text_general |
fortinet.reqtype | string |
fortinet.esptransform | string |
fortinet.xauthgroup | string |
fortinet.locport | pint |
fortinet.catdesc | text_general |
fortinet.referralurl | text_general |
fortinet.logdesc | text_general |
fortinet.disklograte | plong |
fortinet.cookies | string |
fortinet.init | string |
fortinet.sni | text_general |
fortinet.desc | text_general |
fortinet.ratemethod | string |
fortinet.server | text_general |
fortinet.role | string |
fortinet.sysuptime | plong |
fortinet.group | text_general |
fortinet.tunnelid | plong |
fortinet.tunneltype | string |
fortinet.tunnelip | text_general |
fortinet.fazlograte | plong |
fortinet.peer_notif | text_general |
fortinet.kxproto | string |
fortinet.cipher | string |
fortinet.httpmethod | string |
fortinet.kind | string |
fortinet.field | string |
fortinet.scertcname | text_general |
fortinet.bandwidth | plong [] |
fortinet.scertissuer | text_general |
fortinet.ui | text_general |
fortinet.locip | text_general |
fortinet.eventtype | string |
fortinet.dir | string |
fortinet.phase2_name | text_general |
fortinet.direction | string |
fortinet.dstuser | text_general |
fortinet.dst_int | text_general |
fortinet.freediskstorage | plong |
fortinet.remip | text_general |
fortinet.clouduser | text_general |
fortinet.eventsubtype | text_general |
fortinet.messageId | string |
fortinet.subCategory | text_general |
fortinet.category | text_general |
fortinet.clouddevice.Vendor | text_general |
fortinet.clouddevice.Version | string |
fortinet.clouddevice.Product | text_general |
fortinet.waninfo | string [] |
fortinet.useractivity | string |
fortinet.clientdevicetags | string |
fortinet.mac | string |
fortinet.headerteid | pint |
fortinet.client_addr | string |
fortinet.shaperperipdropbyte | pint |
fortinet.vendor | string |
fortinet.c_sgsn_teid | pint |
fortinet.live | pint |
fortinet.port | pint |
fortinet.u_sgsn | string |
fortinet.dtype | string |
fortinet.clientcert | string |
fortinet.log | string |
fortinet.reqlength | plong |
fortinet.dstssid | string |
fortinet.vendorurl | string |
fortinet.botnetdomain | string |
fortinet.encrypt | boolean |
fortinet.act | string |
fortinet.vulnresult | string |
fortinet.countvpatch | pint |
fortinet.limit | pint |
fortinet.u_sgsn_teid | pint |
fortinet.filehashsrc | string |
fortinet.chassisid | pint |
fortinet.iptype | string |
fortinet.rcvdpktdelta | pint |
fortinet.from_vcluster | pint |
fortinet.resptime | plong |
fortinet.networktransfertime | string |
fortinet.model | string |
fortinet.ulimnc | pint |
fortinet.c_gsn | string |
fortinet.sentpktdelta | pint |
fortinet.matchfilename | string |
fortinet.switchtrunk | string |
fortinet.domainctrlname | string |
fortinet.policymode | string |
fortinet.sscname | string |
fortinet.groupid | pint |
fortinet.channeltype | string |
fortinet.parameters | string |
fortinet.snetwork | string |
fortinet.msg_type | pint |
fortinet.statuscode | string |
fortinet.videoid | string |
fortinet.stamac | string |
fortinet.countff | pint |
fortinet.inbandwidthavailable | string |
fortinet.pathname | string |
fortinet.icbverdict | string |
fortinet.saasname | string |
fortinet.appact | string |
fortinet.infectedfilelevel | pint |
fortinet.login | string |
fortinet.accessctrl | string |
fortinet.banned_src | string |
fortinet.translationid | pint |
fortinet.srcdomain | string |
fortinet.portbegin | pint |
fortinet.snprev | string |
fortinet.addr_type | string |
fortinet.channel | pint |
fortinet.portend | pint |
fortinet.icmpid | string |
fortinet.daemon | string |
fortinet.bibandwidthavailable | string |
fortinet.passwd | string |
fortinet.aptype | pint |
fortinet.domainctrlauthstate | pint |
fortinet.vwlname | string |
fortinet.invalidmac | string |
fortinet.ap | string |
fortinet.extinvalid | pint |
fortinet.to_vcluster | pint |
fortinet.newslot | pint |
fortinet.vapmode | string |
fortinet.newchannel | pint |
fortinet.countsctpf | pint |
fortinet.subject | text_general |
fortinet.file | string |
fortinet.numpassmember | pint |
fortinet.serverresponsetime | string |
fortinet.quotaexceeded | string |
fortinet.clientdevicemanageable | string |
fortinet.saddr | string |
fortinet.source_mac | string |
fortinet.docsource | string |
fortinet.shaperperipname | string |
fortinet.snmeshparent | string |
fortinet.healthcheck | string |
fortinet.fams_pause | pint |
fortinet.pid | pint |
fortinet.issuer | string |
fortinet.attackcontextid | string |
fortinet.domainctrlusername | string |
fortinet.srcthreatfeed | string |
fortinet.imsi | string |
fortinet.sndetected | string |
fortinet.hostkeystatus | string |
fortinet.domainctrlprotocoltype | pint |
fortinet.domainctrldomain | string |
fortinet.virusid | string |
fortinet.dstauthserver | string |
fortinet.ccertissuer | string |
fortinet.hseid | string |
fortinet.srcssid | string |
fortinet.manuf | string |
fortinet.rai | string |
fortinet.gatewayid | pint |
fortinet.mtu | pint |
fortinet.srcregion | string |
fortinet.dlpextra | string |
fortinet.assigned | string |
fortinet.duid | string |
fortinet.transid | pint |
fortinet.fsaverdict | string |
fortinet.requesttype | string |
fortinet.acktime | pdate |
fortinet.eventtime | pdate |
fortinet.rcode | pint |
fortinet.dtlexp | string |
fortinet.packetloss | string |
fortinet.c_bytes | plong |
fortinet.notbefore | pdate |
fortinet.attackid | pint |
fortinet.failuredev | string |
fortinet.switchl2count | pint |
fortinet.local | string |
fortinet.jitter | string |
fortinet.mitm | string |
fortinet.radioband | string |
fortinet.analyticssubmit | string |
fortinet.speedtestserver | string |
fortinet.u_ggsn | string |
fortinet.replysrcintf | string |
fortinet.ref | string |
fortinet.icbfiletype | string |
fortinet.oldchannel | pint |
fortinet.opercountry | string |
fortinet.user_data | string |
fortinet.fqdn | string |
fortinet.initiator | string |
fortinet.age | pint |
fortinet.cldobjid | string |
fortinet.remotetunnelid | pint |
fortinet.virus | string |
fortinet.oldvalue | string |
fortinet.to6 | string |
fortinet.error | text_general |
fortinet.shaperrcvdname | string |
fortinet.rate | pint |
fortinet.upgradedevice | string |
fortinet.newchassisid | pint |
fortinet.infection | string |
fortinet.uli | string |
fortinet.notafter | pdate |
fortinet.stacount | pint |
fortinet.srcremote | string |
fortinet.ufseid | string |
fortinet.acct_stat | string |
fortinet.certhash | string |
fortinet.handshake | string |
fortinet.u_pkts | plong |
fortinet.operdrmamode | string |
fortinet.ticket | string |
fortinet.cggsn6 | string |
fortinet.adgroup | string |
fortinet.onwire | string |
fortinet.emstag2 | string |
fortinet.usgsn6 | string |
fortinet.versionmax | string |
fortinet.netid | string |
fortinet.videodesc | string |
fortinet.recipient | string |
fortinet.violations | string |
fortinet.countssh | pint |
fortinet.upteid | pint |
fortinet.viruscat | string |
fortinet.informationsource | string |
fortinet.shaperdropsentbyte | pint |
fortinet.attackcontext | string |
fortinet.centralnatid | pint |
fortinet.dintf | string |
fortinet.endusraddress6 | string |
fortinet.domainfilterlist | string |
fortinet.new_status | string |
fortinet.fortiguardresp | string |
fortinet.clientdeviceid | string |
fortinet.trueclntip | string |
fortinet.comment | text_general |
fortinet.detectionmethod | string |
fortinet.mgmtcnt | pint |
fortinet.green | string |
fortinet.urltype | string |
fortinet.ski | string |
fortinet.rat_type | string |
fortinet.ufseidaddr | string |
fortinet.checksum | string |
fortinet.sensitivity | string |
fortinet.datarange | string |
fortinet.u_bytes | plong |
fortinet.cpdlisraddr6 | string |
fortinet.forwardedfor | string |
fortinet.banned_rule | string |
fortinet.switchmirrorsession | string |
fortinet.ds | string |
fortinet.localdevcount | pint |
fortinet.vwlid | pint |
fortinet.outbandwidthused | string |
fortinet.san | string |
fortinet.icbconfidence | string |
fortinet.replydstintf | string |
fortinet.vulnid | pint |
fortinet.monitor_type | string |
fortinet.radioid | pint |
fortinet.msgtypename | string |
fortinet.bssid | string |
fortinet.csgsn6 | string |
fortinet.banword | string |
fortinet.filehash | string |
fortinet.videocategoryname | string |
fortinet.switchphysicalport | string |
fortinet.infectedfiletype | string |
fortinet.signal | pint |
fortinet.cpulteid | pint |
fortinet.downbandwidthmeasured | string |
fortinet.tunnel_idx | pint |
fortinet.vdname | string |
fortinet.switchproto | string |
fortinet.shapingpolicyid | pint |
fortinet.serialno | string |
fortinet.audittime | plong |
fortinet.dstname | string |
fortinet.slctdrmamode | string |
fortinet.countwaf | pint |
fortinet.slamap | string |
fortinet.weakwepiv | string |
fortinet.cfgtxpower | pint |
fortinet.attack | string |
fortinet.u_gsn | string |
fortinet.infectedfilename | string |
fortinet.remote | string |
fortinet.emstag | string |
fortinet.module | string |
fortinet.uggsn6 | string |
fortinet.daddr | string |
fortinet.clientdeviceems | string |
fortinet.chgheaders | string |
fortinet.frametype | string |
fortinet.kxcurve | string |
fortinet.mpsk | string |
fortinet.remotewtptime | pdate |
fortinet.oldslot | pint |
fortinet.crl | string |
fortinet.qtype | string |
fortinet.snr | pint |
fortinet.serviceid | pint |
fortinet.vulncnt | pint |
fortinet.urlfilterlist | string |
fortinet.accessproxy | string |
fortinet.ruleid | pint |
fortinet.seqnum | pint |
fortinet.newvalue | string |
fortinet.sender | string |
fortinet.eventid | pint |
fortinet.operation | string |
fortinet.meshmode | string |
fortinet.filetype | string |
fortinet.switchl2capacity | pint |
fortinet.timeoutdelete | pint |
fortinet.fwserver_name | string |
fortinet.cpdlisraddr | string |
fortinet.saasapp | string |
fortinet.nai | string |
fortinet.slatargetid | pint |
fortinet.vwlquality | string |
fortinet.mosvalue | string |
fortinet.processtime | pint |
fortinet.c_ggsn_teid | pint |
fortinet.shaperdroprcvdbyte | pint |
fortinet.antiphishrule | string |
fortinet.hash | string |
fortinet.configcountry | string |
fortinet.profiletype | string |
fortinet.certdesc | string |
fortinet.switchaclid | pint |
fortinet.message_type | string |
fortinet.linked_nsapi | pint |
fortinet.srcmacvendor | string |
fortinet.srcinetsvc | string |
fortinet.cpdlisrteid | pint |
fortinet.videocategoryid | pint |
fortinet.eapolcnt | pint |
fortinet.selection | string |
fortinet.ddnsserver | string |
fortinet.peer | string |
fortinet.webmailprovider | string |
fortinet.addrgrp | string |
fortinet.cdrcontent | string |
fortinet.videoinfosource | string |
fortinet.qtypeval | pint |
fortinet.apstatus | pint |
fortinet.deny_cause | string |
fortinet.dhcp_msg | text_general |
fortinet.command | string |
fortinet.u_ggsn_teid | pint |
fortinet.attachment | string |
fortinet.servername | string |
fortinet.videochannelid | string |
fortinet.monitor_name | string |
fortinet.phone | string |
fortinet.product | string |
fortinet.trace_id | string |
fortinet.switchid | string |
fortinet.countav | pint |
fortinet.botnetip | string |
fortinet.oldwprof | string |
fortinet.cn | string |
fortinet.alarmid | pint |
fortinet.malform_desc | string |
fortinet.srcreputation | pint |
fortinet.expiry | pdate |
fortinet.icbfileid | string |
fortinet.probeproto | string |
fortinet.vulnname | string |
fortinet.vwlservice | string |
fortinet.c_ggsn | string |
fortinet.shapersentname | string |
fortinet.cpdladdr | string |
fortinet.clientdeviceowner | string |
fortinet.vap | string |
fortinet.radioidclosest | pint |
fortinet.emsconnection | string |
fortinet.c_pkts | plong |
fortinet.vrf | pint |
fortinet.from6 | string |
fortinet.domainctrlauthtype | pint |
fortinet.ietype | pint |
fortinet.line | string |
fortinet.domainfilteridx | pint |
fortinet.countdns | pint |
fortinet.scantime | plong |
fortinet.icbaction | string |
fortinet.respfinishtime | plong |
fortinet.cpaddr6 | string |
fortinet.cfseid | string |
fortinet.tamac | string |
fortinet.red | string |
fortinet.security | string |
fortinet.oldchassisid | pint |
fortinet.serveraddr | string |
fortinet.host | string |
fortinet.neighbor | string |
fortinet.videotitle | string |
fortinet.vlan | pint |
fortinet.ulimcc | pint |
fortinet.keyword | string |
fortinet.switchtrunkinterface | string |
fortinet.cveid | string |
fortinet.oldsn | string |
fortinet.filtercat | string |
fortinet.srccity | string |
fortinet.malform_data | pint |
fortinet.reqtime | plong |
fortinet.bibandwidthused | string |
fortinet.vulncat | string |
fortinet.filesize | plong |
fortinet.carrier_ep | string |
fortinet.countcasb | pint |
fortinet.resplength | plong |
fortinet.matchfiletype | string |
fortinet.keysize | pint |
fortinet.urlfilteridx | pint |
fortinet.infectedfilesize | plong |
fortinet.exchange | string |
fortinet.admin | string |
fortinet.countemail | pint |
fortinet.rssi | pint |
fortinet.gateway | string |
fortinet.authalgo | string |
fortinet.cpuladdr | string |
fortinet.outbandwidthavailable | string |
fortinet.member | string |
fortinet.app_type | string |
fortinet.switchautoip | string |
fortinet.constraint | string |
fortinet.cpdlteid | pint |
fortinet.vip | string |
fortinet.exttotal | pint |
fortinet.quotatype | string |
fortinet.iaid | pint |
fortinet.rsso_key | string |
fortinet.conserve | string |
fortinet.itype | string |
fortinet.submodule | string |
fortinet.cgsn6 | string |
fortinet.activitycategory | string |
fortinet.quotamax | plong |
fortinet.domainctrlip | string |
fortinet.threattype | string |
fortinet.wanoptapptype | string |
fortinet.versionmin | string |
fortinet.c_sgsn | string |
fortinet.icmpcode | string |
fortinet.protocol | string |
fortinet.rawdataid | string |
fortinet.analyticscksum | string |
fortinet.qname | string |
fortinet.vwpvlanid | pint |
fortinet.subservice | string |
fortinet.keyalgo | string |
fortinet.ugsn6 | string |
fortinet.quotaused | plong |
fortinet.eapoltype | string |
fortinet.noise | pint |
fortinet.authgrp | string |
fortinet.filtertype | string |
fortinet.request_name | string |
fortinet.qclass | string |
fortinet.extension | string |
fortinet.icmptype | string |
fortinet.cfseidaddr | string |
fortinet.opertxpower | pint |
fortinet.filefilter | string |
fortinet.switchinterface | string |
fortinet.ftlkintf | string |
fortinet.cc | string |
fortinet.durationdelta | pint |
fortinet.poolname | string |
fortinet.cpteid | pint |
fortinet.nsapi | pint |
fortinet.scheme | string |
fortinet.column | pint |
fortinet.countips | pint |
fortinet.apsn | string |
fortinet.slot | pint |
fortinet.lease | pint |
fortinet.reporttype | string |
fortinet.radioiddetected | pint |
fortinet.cpaddr | string |
fortinet.imei_sv | string |
fortinet.shapingpolicyname | string |
fortinet.apscan | string |
fortinet.xid | pint |
fortinet.ssid | string |
fortinet.cpdladdr6 | string |
fortinet.ipaddr | string |
fortinet.quarskip | string |
fortinet.antiphishdc | string |
fortinet.dstthreatfeed | string |
fortinet.switchsysteminterface | string |
fortinet.apn | string |
fortinet.countdlp | pint |
fortinet.core | pint |
fortinet.cert | string |
fortinet.end_usr_address | string |
fortinet.upbandwidthmeasured | string |
fortinet.clashtunnelidx | pint |
fortinet.rulename | string |
fortinet.snclosest | string |
fortinet.process | string |
fortinet.contentdisarmed | string |
fortinet.fwdsrv | string |
fortinet.path | string |
fortinet.countcifs | pint |
fortinet.cpuladdr6 | string |
fortinet.resptype | string |
fortinet.severity | string |
fortinet.icbseverity | string |
fortinet.msisdn | string |
fortinet.old_status | string |
fortinet.encryption | string |
fortinet.size | string |
fortinet.moscodec | string |
fortinet.latency | string |
fortinet.contenttype | string |
fortinet.inbandwidthused | string |
fortinet.serial | pint |
fortinet.urlsource | string |
fortinet.realserverid | pint |
fortinet.sharename | string |
fortinet.counticap | pint |
fortinet.nat | string |
fortinet.apperror | string |
Sample Log Event
Below is a representative JSON log entry showing key fields as they’re emitted by the system. Depending on the context of the event, some fields may be omitted if they’re not applicable.