Fortinet Document Library

FortiAnalyzer log types and subtypes

The following table lists the FortiAnalyzer-specific subtypes for these log types:

  • Event log type
  • Application log type

For the event log type, some subtypes that are identified for FortiManager are also used by FortiAnalyzer, such as the System Manager (system) subtype. See also FortiManager log types and subtypes.

| Type | Description | Subtype | Subtype Category Number |
|---|---|---|---|
| Event | Records system and administrative events, such as downloading a backup copy of the configuration, or daemon activities. | FortiAnalyzer (faz) | 24 |
| | | FortiAnalyzer system (fazsys) | 28 |
| | | Logging device (logdev) | 29 |
| | | Logging status/monitoring (logging) | 30 |
| | | Log files (logfile) | 31 |
| | | Reports (report) | 32 |
| | | Event management (eventmgmt) | 33 |
| | | Logging database (logdb) | 34 |
| | | Cache for data query (hcache) | 35 |
| | | Disk/quota space (diskquota) | 36 |
| | | FortiView (fortiview) | 37 |
| | | Email Discovery (ediscovery) | 38 |
| | | FortiAnalyzer High Availability (fazha) | 39 |
| Application | Records event logs for each ADOM for applications, such as Playbooks. | Playbook | 0 |
| | | Incident | 2 |
