Log messages are recorded by the FortiGate unit, giving you detailed information about the network activity. Each log message has a unique number that helps identify it, and contains fields. These fields, often called log fields, organize the information so that it can be easily extracted for reports.

These log fields are organized in such a way that they form two groups. The first group, made up of the log fields that come first, is called the log header. The log header contains general information, such as the unique log identification and the date and time that indicate when the activity was recorded. The log body is the second group, and contains all the other information about the activity. No two log message bodies are alike; however, there may be fields common to most log bodies, such as the srcintf or identidx log fields.

The log header also contains information about the log priority level, which is indicated in the level field. The priority level indicates the immediacy and the possible repercussions of the logged action. For example, if the field contains ‘alert’, you need to take immediate action with regards to what occurred.

The log severity level is the level at and above which the FortiGate unit records logs. The log severity level is defined by you when configuring the logging location. The FortiGate unit will log all messages at and above the priority level you select. For example, if you select Error, the unit will log only Error, Critical, Alert, and Emergency level messages.

- 0 – Emergency: The system has become unstable.
- 3 – Error: An error condition exists and functionality could be affected.
- 4 – Warning: Functionality could be affected.
- 5 – Notification: Information about normal events.
- 6 – Information: General information about system operations.

The Debug priority level, not shown above, is rarely used. It is the lowest log priority level and usually contains some firmware status information that is useful when the FortiGate unit is not functioning properly.

- Date=(2010-08-03): The year, month and day of when the event occurred, in yyyy-mm-dd format.
- Time=(12:55:06): The hour, minute and second of when the event occurred, in the format hh:mm:ss.
- Log_id=(2457752353): A five or ten-digit unique identification number. The number represents that log message and is unique to that log message. This ten-digit number helps to identify the log message.
- Type=(dlp): The section of the system where the event occurred.
- Subtype=(dlp): The subtype category of the log message.
- Level=(notice): The priority level of the event.
- Vd=(root): The name of the virtual domain where the action/event occurred. If no virtual domains exist, this field always contains root.
- Policyid=(1): The ID number of the firewall policy that applies to the session or packet. Any policy that is automatically added by the FortiGate will have an index number of zero.
- The identity-based policy identification number. This field displays zero if the firewall policy does not use an identity-based policy; otherwise, it displays the number of the identity-based policy entry that the traffic matched.
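The following added example (not from the original page and not Fortinet code) parses a log line into its fields, validates the date, time and log_id formats described here, and applies the "at and above" severity rule. It assumes lowercase key=value pairs without the parentheses used on this page; the level keywords, and the numbers for Alert, Critical and Debug that the list does not show, are assumed to follow the syslog ordering.

```python
import re
from datetime import datetime

# Lower number = higher priority. 0 and 3-6 come from the list on this page;
# alert, critical, debug and the keyword spellings are assumptions.
LEVELS = {"emergency": 0, "alert": 1, "critical": 2, "error": 3,
          "warning": 4, "notice": 5, "notification": 5,
          "information": 6, "debug": 7}

# A value is either double-quoted (may contain spaces) or a run of non-spaces.
PAIR = re.compile(r'(\w+)=(?:"((?:[^"\\]|\\.)*)"|(\S*))')


def parse_log(line):
    """Parse one key=value log line and validate the documented fields."""
    fields = {k: (q if q else b) for k, q, b in PAIR.findall(line)}
    # date is yyyy-mm-dd and time is hh:mm:ss; strptime rejects anything else.
    fields["timestamp"] = datetime.strptime(
        fields["date"] + " " + fields["time"], "%Y-%m-%d %H:%M:%S")
    if not re.fullmatch(r"\d{5}|\d{10}", fields["log_id"]):
        raise ValueError("log_id must be five or ten digits")
    if fields["level"] not in LEVELS:
        # Surface unknown levels instead of silently dropping the message.
        raise ValueError("unknown level: " + fields["level"])
    return fields


def is_recorded(level, threshold):
    """True when `level` is at or above the selected `threshold`."""
    return LEVELS[level] <= LEVELS[threshold]


def recorded(lines, threshold):
    """Return the parsed messages that would be kept for this threshold."""
    parsed = [parse_log(line) for line in lines]
    return [p for p in parsed if is_recorded(p["level"], threshold)]


# Constructed sample lines: the first reuses the values quoted on this page,
# the second line and its msg field are made up for the example.
SAMPLE = [
    'date=2010-08-03 time=12:55:06 log_id=2457752353 type=dlp subtype=dlp '
    'level=notice vd=root policyid=1',
    'date=2010-08-03 time=12:55:09 log_id=2457752353 type=dlp subtype=dlp '
    'level=alert vd=root policyid=0 msg="constructed example text"',
]

if __name__ == "__main__":
    for entry in recorded(SAMPLE, "error"):
        print(entry["timestamp"], entry["level"], entry["policyid"])
```

With the threshold set to Error, only the constructed alert line is kept; the notice line from the page falls below the threshold.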