config log threat-weight
Configure threat weight settings.
config log threat-weight
Description: Configure threat weight settings.
set status [enable|disable]
config level
Description: Score mapping for threat weight levels.
set low {integer}
set medium {integer}
set high {integer}
set critical {integer}
end
set blocked-connection [disable|low|...]
set failed-connection [disable|low|...]
set url-block-detected [disable|low|...]
set botnet-connection-detected [disable|low|...]
config malware
Description: Anti-virus malware threat weight settings.
set virus-infected [disable|low|...]
set fortindr [disable|low|...]
set file-blocked [disable|low|...]
set command-blocked [disable|low|...]
set oversized [disable|low|...]
set virus-scan-error [disable|low|...]
set switch-proto [disable|low|...]
set mimefragmented [disable|low|...]
set virus-file-type-executable [disable|low|...]
set virus-outbreak-prevention [disable|low|...]
set content-disarm [disable|low|...]
set malware-list [disable|low|...]
set ems-threat-feed [disable|low|...]
set fsa-malicious [disable|low|...]
set fsa-high-risk [disable|low|...]
set fsa-medium-risk [disable|low|...]
end
config ips
Description: IPS threat weight settings.
set info-severity [disable|low|...]
set low-severity [disable|low|...]
set medium-severity [disable|low|...]
set high-severity [disable|low|...]
set critical-severity [disable|low|...]
end
config web
Description: Web filtering threat weight settings.
edit <id>
set category {integer}
set level [disable|low|...]
next
end
config geolocation
Description: Geolocation-based threat weight settings.
edit <id>
set country {string}
set level [disable|low|...]
next
end
config application
Description: Application-control threat weight settings.
edit <id>
set category {integer}
set level [disable|low|...]
next
end
end
config log threat-weight
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
status |
Enable/disable the threat weight feature. |
option |
- |
enable |
||||||||||||
|
|
|||||||||||||||
blocked-connection |
Threat weight score for blocked connections. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
failed-connection |
Threat weight score for failed connections. |
option |
- |
low |
||||||||||||
|
|
|||||||||||||||
url-block-detected |
Threat weight score for URL blocking. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
botnet-connection-detected |
Threat weight score for detected botnet connections. |
option |
- |
critical |
||||||||||||
|
|
config level
Parameter |
Description |
Type |
Size |
Default |
---|---|---|---|---|
low |
Low level score value . |
integer |
Minimum value: 1 Maximum value: 100 |
5 |
medium |
Medium level score value . |
integer |
Minimum value: 1 Maximum value: 100 |
10 |
high |
High level score value . |
integer |
Minimum value: 1 Maximum value: 100 |
30 |
critical |
Critical level score value . |
integer |
Minimum value: 1 Maximum value: 100 |
50 |
config malware
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
virus-infected |
Threat weight score for virus (infected) detected. |
option |
- |
critical |
||||||||||||
|
|
|||||||||||||||
fortindr |
Threat weight score for FortiNDR-detected virus. |
option |
- |
critical |
||||||||||||
|
|
|||||||||||||||
file-blocked |
Threat weight score for blocked file detected. |
option |
- |
low |
||||||||||||
|
|
|||||||||||||||
command-blocked |
Threat weight score for blocked command detected. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
oversized |
Threat weight score for oversized file detected. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
virus-scan-error |
Threat weight score for virus (scan error) detected. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
switch-proto |
Threat weight score for switch proto detected. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
mimefragmented |
Threat weight score for mimefragmented detected. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
virus-file-type-executable |
Threat weight score for virus (file type executable) detected. |
option |
- |
medium |
||||||||||||
|
|
|||||||||||||||
virus-outbreak-prevention |
Threat weight score for virus (outbreak prevention) event. |
option |
- |
critical |
||||||||||||
|
|
|||||||||||||||
content-disarm |
Threat weight score for virus (content disarm) detected. |
option |
- |
medium |
||||||||||||
|
|
|||||||||||||||
malware-list |
Threat weight score for virus (malware list) detected. |
option |
- |
medium |
||||||||||||
|
|
|||||||||||||||
ems-threat-feed |
Threat weight score for virus (EMS threat feed) detected. |
option |
- |
medium |
||||||||||||
|
|
|||||||||||||||
fsa-malicious |
Threat weight score for FortiSandbox malicious malware detected. |
option |
- |
critical |
||||||||||||
|
|
|||||||||||||||
fsa-high-risk |
Threat weight score for FortiSandbox high risk malware detected. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
fsa-medium-risk |
Threat weight score for FortiSandbox medium risk malware detected. |
option |
- |
medium |
||||||||||||
|
|
config ips
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
info-severity |
Threat weight score for IPS info severity events. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
low-severity |
Threat weight score for IPS low severity events. |
option |
- |
low |
||||||||||||
|
|
|||||||||||||||
medium-severity |
Threat weight score for IPS medium severity events. |
option |
- |
medium |
||||||||||||
|
|
|||||||||||||||
high-severity |
Threat weight score for IPS high severity events. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
critical-severity |
Threat weight score for IPS critical severity events. |
option |
- |
critical |
||||||||||||
|
|
config web
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
category |
Threat weight score for web category filtering matches. |
integer |
Minimum value: 0 Maximum value: 255 |
0 |
||||||||||||
level |
Threat weight score for web category filtering matches. |
option |
- |
low |
||||||||||||
|
|
config geolocation
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
country |
Country code. |
string |
Not Specified |
|
||||||||||||
level |
Threat weight score for Geolocation-based events. |
option |
- |
low |
||||||||||||
|
|
config application
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
category |
Application category. |
integer |
Minimum value: 0 Maximum value: 65535 |
0 |
||||||||||||
level |
Threat weight score for Application events. |
option |
- |
low |
||||||||||||
|
|