config log threat-weight
Configure threat weight settings.
config log threat-weight Description: Configure threat weight settings. set status [enable|disable] config level Description: Score mapping for threat weight levels. set low {integer} set medium {integer} set high {integer} set critical {integer} end set blocked-connection [disable|low|...] set failed-connection [disable|low|...] set url-block-detected [disable|low|...] set botnet-connection-detected [disable|low|...] config malware Description: Anti-virus malware threat weight settings. set virus-infected [disable|low|...] set fortindr [disable|low|...] set file-blocked [disable|low|...] set command-blocked [disable|low|...] set oversized [disable|low|...] set virus-scan-error [disable|low|...] set switch-proto [disable|low|...] set mimefragmented [disable|low|...] set virus-file-type-executable [disable|low|...] set virus-outbreak-prevention [disable|low|...] set content-disarm [disable|low|...] set malware-list [disable|low|...] set ems-threat-feed [disable|low|...] set fsa-malicious [disable|low|...] set fsa-high-risk [disable|low|...] set fsa-medium-risk [disable|low|...] end config ips Description: IPS threat weight settings. set info-severity [disable|low|...] set low-severity [disable|low|...] set medium-severity [disable|low|...] set high-severity [disable|low|...] set critical-severity [disable|low|...] end config web Description: Web filtering threat weight settings. edit <id> set category {integer} set level [disable|low|...] next end config geolocation Description: Geolocation-based threat weight settings. edit <id> set country {string} set level [disable|low|...] next end config application Description: Application-control threat weight settings. edit <id> set category {integer} set level [disable|low|...] next end end
config log threat-weight
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
status |
Enable/disable the threat weight feature. |
option |
- |
enable |
||||||||||||
|
|
|||||||||||||||
blocked-connection |
Threat weight score for blocked connections. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
failed-connection |
Threat weight score for failed connections. |
option |
- |
low |
||||||||||||
|
|
|||||||||||||||
url-block-detected |
Threat weight score for URL blocking. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
botnet-connection-detected |
Threat weight score for detected botnet connections. |
option |
- |
critical |
||||||||||||
|
|
config level
Parameter |
Description |
Type |
Size |
Default |
---|---|---|---|---|
low |
Low level score value. |
integer |
Minimum value: 1 Maximum value: 100 |
5 |
medium |
Medium level score value. |
integer |
Minimum value: 1 Maximum value: 100 |
10 |
high |
High level score value. |
integer |
Minimum value: 1 Maximum value: 100 |
30 |
critical |
Critical level score value. |
integer |
Minimum value: 1 Maximum value: 100 |
50 |
config malware
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
virus-infected |
Threat weight score for virus (infected) detected. |
option |
- |
critical |
||||||||||||
|
|
|||||||||||||||
fortindr |
Threat weight score for FortiNDR-detected virus. |
option |
- |
critical |
||||||||||||
|
|
|||||||||||||||
file-blocked |
Threat weight score for blocked file detected. |
option |
- |
low |
||||||||||||
|
|
|||||||||||||||
command-blocked |
Threat weight score for blocked command detected. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
oversized |
Threat weight score for oversized file detected. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
virus-scan-error |
Threat weight score for virus (scan error) detected. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
switch-proto |
Threat weight score for switch proto detected. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
mimefragmented |
Threat weight score for mimefragmented detected. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
virus-file-type-executable |
Threat weight score for virus (file type executable) detected. |
option |
- |
medium |
||||||||||||
|
|
|||||||||||||||
virus-outbreak-prevention |
Threat weight score for virus (outbreak prevention) event. |
option |
- |
critical |
||||||||||||
|
|
|||||||||||||||
content-disarm |
Threat weight score for virus (content disarm) detected. |
option |
- |
medium |
||||||||||||
|
|
|||||||||||||||
malware-list |
Threat weight score for virus (malware list) detected. |
option |
- |
medium |
||||||||||||
|
|
|||||||||||||||
ems-threat-feed |
Threat weight score for virus (EMS threat feed) detected. |
option |
- |
medium |
||||||||||||
|
|
|||||||||||||||
fsa-malicious |
Threat weight score for FortiSandbox malicious malware detected. |
option |
- |
critical |
||||||||||||
|
|
|||||||||||||||
fsa-high-risk |
Threat weight score for FortiSandbox high risk malware detected. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
fsa-medium-risk |
Threat weight score for FortiSandbox medium risk malware detected. |
option |
- |
medium |
||||||||||||
|
|
config ips
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
info-severity |
Threat weight score for IPS info severity events. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
low-severity |
Threat weight score for IPS low severity events. |
option |
- |
low |
||||||||||||
|
|
|||||||||||||||
medium-severity |
Threat weight score for IPS medium severity events. |
option |
- |
medium |
||||||||||||
|
|
|||||||||||||||
high-severity |
Threat weight score for IPS high severity events. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
critical-severity |
Threat weight score for IPS critical severity events. |
option |
- |
critical |
||||||||||||
|
|
config web
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
id |
Entry ID. |
integer |
Minimum value: 0 Maximum value: 255 |
0 |
||||||||||||
category |
Threat weight score for web category filtering matches. |
integer |
Minimum value: 0 Maximum value: 255 |
0 |
||||||||||||
level |
Threat weight score for web category filtering matches. |
option |
- |
low |
||||||||||||
|
|
config geolocation
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
id |
Entry ID. |
integer |
Minimum value: 0 Maximum value: 255 |
0 |
||||||||||||
country |
Country code. |
string |
Maximum length: 2 |
|
||||||||||||
level |
Threat weight score for Geolocation-based events. |
option |
- |
low |
||||||||||||
|
|
config application
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
id |
Entry ID. |
integer |
Minimum value: 0 Maximum value: 255 |
0 |
||||||||||||
category |
Application category. |
integer |
Minimum value: 0 Maximum value: 65535 |
0 |
||||||||||||
level |
Threat weight score for Application events. |
option |
- |
low |
||||||||||||
|
|