Message ID: 54000
Message Description: LOG_ID_DNS_QUERY
Message Meaning: DNS query message
Type: DNS
Category: dns-query
Severity: Information
|
Log Field Name |
Description |
Data Type |
Length |
|---|---|---|---|
|
xid |
Transaction ID |
uint16 |
5 |
|
vd |
Virtual Domain Name |
string |
32 |
|
user |
User name |
string |
256 |
|
unauthusersource |
Unauthenticated User Source |
string |
66 |
|
unauthuser |
Unauthenticated User |
string |
66 |
|
tz |
Time zone |
string |
5 |
|
type |
Log Type |
string |
16 |
|
time |
Time |
string |
8 |
|
subtype |
Log Subtype |
string |
20 |
|
srcport |
Source Port |
uint16 |
5 |
|
srcmac |
MAC address associated with the Source IP |
string |
17 |
|
srcip |
Source IP |
ip |
39 |
|
srcintfrole |
Source Interface Role |
string |
10 |
|
srcintf |
Source Interface |
string |
32 |
|
srcdomain |
|
string |
255 |
|
srccountry |
|
string |
64 |
|
sessionid |
Session ID |
uint32 |
10 |
|
qtypeval |
Query Type Value |
uint16 |
5 |
|
qtype |
Query type description |
string |
32 |
|
qname |
Query domain name |
string |
256 |
|
qclass |
Query class |
string |
32 |
|
proto |
Protocol number |
uint8 |
3 |
|
profile |
Profile name for DNS filter |
string |
64 |
|
poluuid |
|
string |
37 |
|
policytype |
|
string |
24 |
|
policyid |
Policy ID |
uint32 |
10 |
|
logid |
Log ID |
string |
10 |
|
level |
Log Level |
string |
11 |
|
group |
User group name |
string |
64 |
|
fctuid |
FortiClient ID |
string |
32 |
|
eventtype |
DNS Type (DNS query/DNS response) |
string |
32 |
|
eventtime |
Event Timestamp |
uint64 |
20 |
|
dstuser |
|
string |
256 |
|
dstport |
Destination Port |
uint16 |
5 |
|
dstip |
Destination IP |
ip |
39 |
|
dstintfrole |
Destination Interface Role |
string |
10 |
|
dstintf |
Destination Interface |
string |
32 |
|
dstcountry |
|
string |
64 |
|
devid |
Device ID |
string |
16 |
|
date |
Date |
string |
10 |