FortiAnalyzer log message example

2018-02-12 19:09:01 log_id=0024033033 type=event subtype=faz pri=information desc="Rolling disk log file" user="system" userfrom="system" msg="Rolled log file tlog.1518490628.log of device FG1K2D3I14800143 [FG1K2D3I14800143] vdom root." action="roll"

Log message breakdown

| Log Field | Description |
| --- | --- |
| Date: 2018-02-12 | The year, month, and day when the event occurred in the format: YY-MM-DD |
| Time: 19:09:01 | The hour, minute, and second of when the event occurred. |
| Log ID: 0024033033 | A ten-digit number that identifies the log type. The first two digits represent the log type, and the following two digits represent the log subtype. The last six digits represent the message ID number. |
| Type: event | The section of the system where the event occurred. |
| Subtype: faz | The subtype of each log message. |
| Pri: information | The severity level or priority of the event. There are several severity or priority levels. See Priority levels. |
| Desc: Rolling disk log file | Describes the activity or event that the FortiAnalyzer unit recorded. |
| User: system | The name of the user creating the traffic. |
| Userfrom: system | Where the user initiated the activity or event, if applicable. |
| Msg: Rolled log file tlog.1518490628.log of device FG1K2D3I14800143 [FG1K2D3I14800143] vdom root | Explains the activity or event that the FortiAnalyzer unit recorded. |
| Action: Roll | Records the action taken, if applicable. |
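The field layout above can be checked mechanically before a line is forwarded to a SIEM or used in a detection rule. The following parser is an added example, not Fortinet code: it splits the sample line into its fields, breaks the ten-digit log ID into its type, subtype and message ID digits, and rejects lines that do not fit the layout. The function names and the `type_code`, `subtype_code` and `message_id` keys are hypothetical, and it assumes quoted values contain no embedded double quotes.

```python
import re
from datetime import datetime

# Sample input: the example log line shown on this page.
SAMPLE = ('2018-02-12 19:09:01 log_id=0024033033 type=event subtype=faz '
          'pri=information desc="Rolling disk log file" user="system" '
          'userfrom="system" msg="Rolled log file tlog.1518490628.log of device '
          'FG1K2D3I14800143 [FG1K2D3I14800143] vdom root." action="roll"')

# key=value pairs; a value is a double-quoted string or a bare token.
_PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|([^\s"]*))')
_HEAD = re.compile(r'(\d{4}-\d{2}-\d{2}) (\d{2}:\d{2}:\d{2})\s+')


def split_log_id(log_id):
    """Split the ten-digit log ID into type, subtype and message ID digits."""
    if not re.fullmatch(r'\d{10}', log_id):
        raise ValueError(f'log_id is not ten digits: {log_id!r}')
    return {'type_code': log_id[:2], 'subtype_code': log_id[2:4],
            'message_id': log_id[4:]}


def parse_line(line):
    """Parse one log line into a dict; raise ValueError on malformed input."""
    head = _HEAD.match(line)
    if not head:
        raise ValueError('missing date/time prefix')
    record = {'timestamp': datetime.strptime(
        f'{head.group(1)} {head.group(2)}', '%Y-%m-%d %H:%M:%S')}
    pos = head.end()
    for m in _PAIR.finditer(line, pos):
        # Text between pairs means a broken line, e.g. an unterminated quote.
        if line[pos:m.start()].strip():
            raise ValueError(f'unparsed text at offset {pos}')
        key, quoted, bare = m.groups()
        if key in record:
            raise ValueError(f'duplicate field: {key}')
        record[key] = quoted if quoted is not None else bare
        pos = m.end()
    if line[pos:].strip():
        raise ValueError(f'unparsed trailing text at offset {pos}')
    if 'log_id' in record:
        record.update(split_log_id(record['log_id']))
    return record


if __name__ == '__main__':
    print(parse_line(SAMPLE))
```

Rejecting duplicate keys and stray text keeps a value that carries its own `key=value` text from silently overriding a real field downstream.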
