Fortinet Document Library

Version:

Version:


Table of Contents

Download PDF
Copy Link

Raw logs

Raw logs can be downloaded and saved to the management computer using the Download Log button. The raw logs will be saved as a text file with the extension .log.gz. The user can search the system log for more information.

Sample raw logs file content

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=Established SSH connection Description=10.95.5.83 Username=NA Password=NA"

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=SSH connection closed Description=83ssh Username=83ssh Password=83ssh"

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=Authentication Failure Description=83ssh Username=83ssh Password=83ssh"

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Change to dir Description=/home/share/samba Username=83samba Password=83samba"

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Access path Description=samba Username=83samba Password=83samba"

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Disconnect net share Description=samba Username=83samba Password=83samba"

itime=1535413201 date=2018-08-27 time=16:40:01 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=SSH connection closed Description=83ssh Username=83ssh Password=83ssh"

itime=1535413201 date=2018-08-27 time=16:40:01 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=Authentication Failure Description=83ssh Username=83ssh Password=83ssh"

itime=1535413198 date=2018-08-27 time=16:39:58 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=Established SSH connection Description=10.95.5.83 Username=NA Password=NA"

itime=1535413198 date=2018-08-27 time=16:39:58 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Disconnect net share Description=samba Username=83samba Password=83samba"

itime=1535413197 date=2018-08-27 time=16:39:57 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Change to dir Description=/home/share/samba Username=83samba Password=83samba"

itime=1535413197 date=2018-08-27 time=16:39:57 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Access path Description=samba Username=83samba Password=83samba"

Raw logs

Raw logs can be downloaded and saved to the management computer using the Download Log button. The raw logs will be saved as a text file with the extension .log.gz. The user can search the system log for more information.

Sample raw logs file content

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=Established SSH connection Description=10.95.5.83 Username=NA Password=NA"

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=SSH connection closed Description=83ssh Username=83ssh Password=83ssh"

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=Authentication Failure Description=83ssh Username=83ssh Password=83ssh"

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Change to dir Description=/home/share/samba Username=83samba Password=83samba"

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Access path Description=samba Username=83samba Password=83samba"

itime=1535413204 date=2018-08-27 time=16:40:04 logid=0106000001 type=event subtype=system pri=debug user=system ui=system action= status=success msg="SNMP TRAP sent out: Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Disconnect net share Description=samba Username=83samba Password=83samba"

itime=1535413201 date=2018-08-27 time=16:40:01 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=SSH connection closed Description=83ssh Username=83ssh Password=83ssh"

itime=1535413201 date=2018-08-27 time=16:40:01 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=Authentication Failure Description=83ssh Username=83ssh Password=83ssh"

itime=1535413198 date=2018-08-27 time=16:39:58 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SSH AttackerIp=10.95.5.83 AttackerPort=57190 VictimIp=10.95.5.21 VictimPort=22 Operation=Established SSH connection Description=10.95.5.83 Username=NA Password=NA"

itime=1535413198 date=2018-08-27 time=16:39:58 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Disconnect net share Description=samba Username=83samba Password=83samba"

itime=1535413197 date=2018-08-27 time=16:39:57 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Change to dir Description=/home/share/samba Username=83samba Password=83samba"

itime=1535413197 date=2018-08-27 time=16:39:57 logid=0106000001 type=event subtype=system pri=alert user=system ui=GUI action=update status=success msg="Service=SAMBA AttackerIp=10.95.5.83 AttackerPort=NA VictimIp=10.95.5.21 VictimPort=445 Operation=Access path Description=samba Username=83samba Password=83samba"